git: 5f9a61203779 - stable/13 - cryptodev: Allow some CIOCCRYPT operations with an empty payload.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 21 Oct 2021 22:04:14 UTC
The branch stable/13 has been updated by jhb:
URL: https://cgit.FreeBSD.org/src/commit/?id=5f9a612037793b51c70e26846334d0e0c4232950
commit 5f9a612037793b51c70e26846334d0e0c4232950
Author: John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-10-06 21:08:47 +0000
Commit: John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-10-21 21:07:18 +0000
cryptodev: Allow some CIOCCRYPT operations with an empty payload.
If an operation would generate a MAC output (e.g. for digest operation
or for an AEAD or EtA operation), then an empty payload buffer is
valid. Only reject requests with an empty buffer for "plain" cipher
sessions.
Some of the AES-CCM NIST KAT vectors use an empty payload.
While here, don't advance crp_payload_start for requests that use an
empty payload with an inline IV. (*)
Reported by: syzbot+d4b94fbd9a44b032f428@syzkaller.appspotmail.com (*)
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32109
(cherry picked from commit a0cbcbb7917b0b8566ec0853425a73d7958ddbed)
---
sys/opencrypto/cryptodev.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c
index b449c7a12d9f..7e4cecff3980 100644
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@@ -846,7 +846,7 @@ cryptodev_op(struct csession *cse, const struct crypt_op *cop)
}
if (cse->txform) {
- if (cop->len == 0 || (cop->len % cse->txform->blocksize) != 0) {
+ if ((cop->len % cse->txform->blocksize) != 0) {
SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
return (EINVAL);
}
@@ -901,6 +901,12 @@ cryptodev_op(struct csession *cse, const struct crypt_op *cop)
}
break;
case CSP_MODE_CIPHER:
+ if (cop->len == 0 ||
+ (cop->iv == NULL && cop->len == cse->ivsize)) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+ error = EINVAL;
+ goto bail;
+ }
switch (cop->op) {
case COP_ENCRYPT:
crp->crp_op = CRYPTO_OP_ENCRYPT;
@@ -984,8 +990,9 @@ cryptodev_op(struct csession *cse, const struct crypt_op *cop)
goto bail;
}
crp->crp_iv_start = 0;
- crp->crp_payload_start += cse->ivsize;
crp->crp_payload_length -= cse->ivsize;
+ if (crp->crp_payload_length != 0)
+ crp->crp_payload_start = cse->ivsize;
dst += cse->ivsize;
}