svn commit: r286373 - head/sys/geom/eli
Pawel Jakub Dawidek
pjd at FreeBSD.org
Thu Aug 6 17:13:36 UTC 2015
Author: pjd
Date: Thu Aug 6 17:13:34 2015
New Revision: 286373
URL: https://svnweb.freebsd.org/changeset/base/286373
Log:
After crypto_dispatch() bio might be already delivered and destroyed,
so we cannot access it anymore. Setting an error later lead to memory
corruption.
Assert that crypto_dispatch() was successful. It can fail only if we pass a
bogus crypto request, which is a bug in the program, not a runtime condition.
PR: 199705
Submitted by: luke.tw
Reviewed by: emaste
MFC after: 3 days
Modified:
head/sys/geom/eli/g_eli_integrity.c
head/sys/geom/eli/g_eli_privacy.c
Modified: head/sys/geom/eli/g_eli_integrity.c
==============================================================================
--- head/sys/geom/eli/g_eli_integrity.c Thu Aug 6 17:07:21 2015 (r286372)
+++ head/sys/geom/eli/g_eli_integrity.c Thu Aug 6 17:13:34 2015 (r286373)
@@ -408,8 +408,8 @@ g_eli_auth_run(struct g_eli_worker *wr,
struct cryptodesc *crde, *crda;
u_int i, lsec, nsec, data_secsize, decr_secsize, encr_secsize;
off_t dstoff;
- int err, error;
u_char *p, *data, *auth, *authkey, *plaindata;
+ int error;
G_ELI_LOGREQ(3, bp, "%s", __func__);
@@ -451,7 +451,6 @@ g_eli_auth_run(struct g_eli_worker *wr,
bp->bio_inbed = 0;
bp->bio_children = nsec;
- error = 0;
for (i = 1; i <= nsec; i++, dstoff += encr_secsize) {
crp = (struct cryptop *)p; p += sizeof(*crp);
crde = (struct cryptodesc *)p; p += sizeof(*crde);
@@ -519,10 +518,8 @@ g_eli_auth_run(struct g_eli_worker *wr,
crda->crd_klen = G_ELI_AUTH_SECKEYLEN * 8;
crp->crp_etype = 0;
- err = crypto_dispatch(crp);
- if (err != 0 && error == 0)
- error = err;
+ error = crypto_dispatch(crp);
+ KASSERT(error == 0, ("crypto_dispatch() failed (error=%d)",
+ error));
}
- if (bp->bio_error == 0)
- bp->bio_error = error;
}
Modified: head/sys/geom/eli/g_eli_privacy.c
==============================================================================
--- head/sys/geom/eli/g_eli_privacy.c Thu Aug 6 17:07:21 2015 (r286372)
+++ head/sys/geom/eli/g_eli_privacy.c Thu Aug 6 17:13:34 2015 (r286373)
@@ -230,10 +230,10 @@ g_eli_crypto_run(struct g_eli_worker *wr
struct cryptop *crp;
struct cryptodesc *crd;
u_int i, nsec, secsize;
- int err, error;
off_t dstoff;
size_t size;
u_char *p, *data;
+ int error;
G_ELI_LOGREQ(3, bp, "%s", __func__);
@@ -271,7 +271,6 @@ g_eli_crypto_run(struct g_eli_worker *wr
bcopy(bp->bio_data, data, bp->bio_length);
}
- error = 0;
for (i = 0, dstoff = bp->bio_offset; i < nsec; i++, dstoff += secsize) {
crp = (struct cryptop *)p; p += sizeof(*crp);
crd = (struct cryptodesc *)p; p += sizeof(*crd);
@@ -308,10 +307,8 @@ g_eli_crypto_run(struct g_eli_worker *wr
crd->crd_next = NULL;
crp->crp_etype = 0;
- err = crypto_dispatch(crp);
- if (error == 0)
- error = err;
+ error = crypto_dispatch(crp);
+ KASSERT(error == 0, ("crypto_dispatch() failed (error=%d)",
+ error));
}
- if (bp->bio_error == 0)
- bp->bio_error = error;
}
More information about the svn-src-all
mailing list