[PATCH] crypto: arm64/sm4 - Fix possible crash in GCM cryption
Herbert Xu
herbert at gondor.apana.org.au
Wed Jan 18 06:54:03 PST 2023
On Wed, Jan 18, 2023 at 10:19:28PM +0800, Tianjia Zhang wrote:
> When the cryption total length is zero, GCM cryption call
> skcipher_walk_done() will cause an unexpected crash, so skip calling
> this function to avoid possible crash when the GCM cryption length
> is equal to zero.
>
> Fixes: ae1b83c7d572 ("crypto: arm64/sm4 - add CE implementation for GCM mode")
> Signed-off-by: Tianjia Zhang <tianjia.zhang at linux.alibaba.com>
> ---
> arch/arm64/crypto/sm4-ce-gcm-glue.c | 12 +++++++-----
> 1 file changed, 7 insertions(+), 5 deletions(-)
>
> diff --git a/arch/arm64/crypto/sm4-ce-gcm-glue.c b/arch/arm64/crypto/sm4-ce-gcm-glue.c
> index c450a2025ca9..9b63bcf9aa85 100644
> --- a/arch/arm64/crypto/sm4-ce-gcm-glue.c
> +++ b/arch/arm64/crypto/sm4-ce-gcm-glue.c
> @@ -178,11 +178,13 @@ static int gcm_crypt(struct aead_request *req, struct skcipher_walk *walk,
>
> kernel_neon_end();
>
> - err = skcipher_walk_done(walk, tail);
> - if (err)
> - return err;
> - if (walk->nbytes)
> - kernel_neon_begin();
> + if (walk->nbytes) {
Please do
if (!walk->nbytes)
break;
As an additional improvement, the tail calculation can be removed
entirely because you already set the chunksize so the walker should
only be feeding you multiples of chunksize except at the end.
Cheers,
--
Email: Herbert Xu <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the linux-arm-kernel
mailing list