git: 1a04f0156c4e - main - cryptodev: Fix some input validation bugs

Mark Johnston markj at FreeBSD.org
Tue May 11 21:36:36 UTC 2021


The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=1a04f0156c4e6abfc01d5841341a94179f317f31

commit 1a04f0156c4e6abfc01d5841341a94179f317f31
Author:     Mark Johnston <markj at FreeBSD.org>
AuthorDate: 2021-05-11 21:36:12 +0000
Commit:     Mark Johnston <markj at FreeBSD.org>
CommitDate: 2021-05-11 21:36:12 +0000

    cryptodev: Fix some input validation bugs
    
    - When we do not have a separate IV, make sure that the IV length
      specified by the session is not larger than the payload size.
    - Disallow AEAD requests without a separate IV.  crp_sanity() asserts
      that CRYPTO_F_IV_SEPARATE is set for AEAD requests, and some (but not
      all) drivers require it.
    - Return EINVAL for AEAD requests if an IV is specified but the
      transform does not expect one.
    
    Reported by:    syzbot+c9e8f6ff5cb7fa6a1250 at syzkaller.appspotmail.com
    Reported by:    syzbot+007341439ae295cee74f at syzkaller.appspotmail.com
    Reported by:    syzbot+46e0cc42a428b3b0a40d at syzkaller.appspotmail.com
    Reported by:    syzbot+2c4d670173b8bdb947df at syzkaller.appspotmail.com
    Reported by:    syzbot+220faa5eeb4d47b23877 at syzkaller.appspotmail.com
    Reported by:    syzbot+e83434b40f05843722f7 at syzkaller.appspotmail.com
    Reviewed by:    jhb
    MFC after:      3 days
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D30154
---
 sys/opencrypto/cryptodev.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c
index f102b59b82ac..d179dd6348e5 100644
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@@ -878,6 +878,11 @@ cryptodev_op(struct csession *cse, const struct crypt_op *cop)
 		}
 		crp->crp_flags |= CRYPTO_F_IV_SEPARATE;
 	} else if (cse->ivsize != 0) {
+		if (crp->crp_payload_length < cse->ivsize) {
+			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+			error = EINVAL;
+			goto bail;
+		}
 		crp->crp_iv_start = 0;
 		crp->crp_payload_start += cse->ivsize;
 		crp->crp_payload_length -= cse->ivsize;
@@ -1058,6 +1063,11 @@ cryptodev_aead(struct csession *cse, struct crypt_aead *caead)
 		    cse->ivsize == AES_XTS_IV_LEN)
 			caead->ivlen = AES_XTS_IV_LEN;
 
+		if (cse->ivsize == 0) {
+			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+			error = EINVAL;
+			goto bail;
+		}
 		if (caead->ivlen != cse->ivsize) {
 			error = EINVAL;
 			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
@@ -1071,10 +1081,9 @@ cryptodev_aead(struct csession *cse, struct crypt_aead *caead)
 		}
 		crp->crp_flags |= CRYPTO_F_IV_SEPARATE;
 	} else {
-		crp->crp_iv_start = crp->crp_payload_start;
-		crp->crp_payload_start += cse->ivsize;
-		crp->crp_payload_length -= cse->ivsize;
-		dst += cse->ivsize;
+		error = EINVAL;
+		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+		goto bail;
 	}
 
 	if (crp->crp_op & CRYPTO_OP_VERIFY_DIGEST) {


More information about the dev-commits-src-all mailing list