summaryrefslogtreecommitdiffstats
path: root/ccm-stack.patch
diff options
context:
space:
mode:
authorLaura Abbott <labbott@fedoraproject.org>2017-02-28 13:09:16 -0800
committerLaura Abbott <labbott@fedoraproject.org>2017-02-28 13:09:16 -0800
commit1652b3b29eb207a6455cf6389a0b92b41ecb5e04 (patch)
tree0f5c7df52efa136689fe511d3238b322e3654ab4 /ccm-stack.patch
parent476553105e5f3a281b06829f62eb073735359497 (diff)
downloadkernel-1652b3b29eb207a6455cf6389a0b92b41ecb5e04.tar.gz
kernel-1652b3b29eb207a6455cf6389a0b92b41ecb5e04.tar.xz
kernel-1652b3b29eb207a6455cf6389a0b92b41ecb5e04.zip
Fix for yet another stack variable in crypto (rhbz 1427593)
Diffstat (limited to 'ccm-stack.patch')
-rw-r--r--ccm-stack.patch49
1 files changed, 49 insertions, 0 deletions
diff --git a/ccm-stack.patch b/ccm-stack.patch
new file mode 100644
index 000000000..b4228c5a4
--- /dev/null
+++ b/ccm-stack.patch
@@ -0,0 +1,49 @@
+From 3b30460c5b0ed762be75a004e924ec3f8711e032 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Mon, 27 Feb 2017 15:30:56 +0000
+Subject: crypto: ccm - move cbcmac input off the stack
+
+Commit f15f05b0a5de ("crypto: ccm - switch to separate cbcmac driver")
+refactored the CCM driver to allow separate implementations of the
+underlying MAC to be provided by a platform. However, in doing so, it
+moved some data from the linear region to the stack, which violates the
+SG constraints when the stack is virtually mapped.
+
+So move idata/odata back to the request ctx struct, of which we can
+reasonably expect that it has been allocated using kmalloc() et al.
+
+Reported-by: Johannes Berg <johannes@sipsolutions.net>
+Fixes: f15f05b0a5de ("crypto: ccm - switch to separate cbcmac driver")
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Tested-by: Johannes Berg <johannes@sipsolutions.net>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+---
+ crypto/ccm.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/crypto/ccm.c b/crypto/ccm.c
+index 4428488..1ce37ae 100644
+--- a/crypto/ccm.c
++++ b/crypto/ccm.c
+@@ -45,6 +45,7 @@ struct crypto_rfc4309_req_ctx {
+
+ struct crypto_ccm_req_priv_ctx {
+ u8 odata[16];
++ u8 idata[16];
+ u8 auth_tag[16];
+ u32 flags;
+ struct scatterlist src[3];
+@@ -183,8 +184,8 @@ static int crypto_ccm_auth(struct aead_request *req, struct scatterlist *plain,
+ AHASH_REQUEST_ON_STACK(ahreq, ctx->mac);
+ unsigned int assoclen = req->assoclen;
+ struct scatterlist sg[3];
+- u8 odata[16];
+- u8 idata[16];
++ u8 *odata = pctx->odata;
++ u8 *idata = pctx->idata;
+ int ilen, err;
+
+ /* format control data for input */
+--
+cgit v0.12
+