[PATCH] crypto: mxs-dcp: Ensure payload is zero when using key slot
Herbert Xu
herbert at gondor.apana.org.au
Fri Jul 12 16:55:50 PDT 2024
On Wed, Jul 03, 2024 at 02:49:58PM +0200, David Gstir wrote:
> We could leak stack memory through the payload field when running
> AES with a key from one of the hardware's key slots. Fix this by
> ensuring the payload field is set to 0 in such cases.
>
> This does not affect the common use case when the key is supplied
> from main memory via the descriptor payload.
>
> Signed-off-by: David Gstir <david at sigma-star.at>
> Reported-by: kernel test robot <lkp at intel.com>
> Reported-by: Dan Carpenter <dan.carpenter at linaro.org>
> Closes: https://lore.kernel.org/r/202405270146.Y9tPoil8-lkp@intel.com/
> Fixes: 3d16af0b4cfa ("crypto: mxs-dcp: Add support for hardware-bound keys")
> ---
> drivers/crypto/mxs-dcp.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
Patch applied. Thanks.
--
Email: Herbert Xu <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the linux-arm-kernel
mailing list