Re: [PATCH 4/6] drivers:crypto:qce: Fix SHA result buffer corruption issues.
From: Bjorn Andersson
Date: Tue Nov 17 2020 - 23:04:32 EST
On Tue 17 Nov 07:47 CST 2020, Thara Gopinath wrote:
> Partial hash was being copied into the final result buffer without the
> entire message block processed. Depending on how the end user processes
> this result buffer, errors vary from result buffer corruption to result
> buffer poisoing. Fix this issue by ensuring that only the final hash value
> is copied into the result buffer.
>
Looks reasonable to me
Reviewed-by: Bjorn Andersson <bjorn.andersson@xxxxxxxxxx>
Regards,
Bjorn
> Signed-off-by: Thara Gopinath <thara.gopinath@xxxxxxxxxx>
> ---
> drivers/crypto/qce/sha.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/qce/sha.c b/drivers/crypto/qce/sha.c
> index 87be96a0b0bb..61c418c12345 100644
> --- a/drivers/crypto/qce/sha.c
> +++ b/drivers/crypto/qce/sha.c
> @@ -48,7 +48,7 @@ static void qce_ahash_done(void *data)
> dma_unmap_sg(qce->dev, &rctx->result_sg, 1, DMA_FROM_DEVICE);
>
> memcpy(rctx->digest, result->auth_iv, digestsize);
> - if (req->result)
> + if (req->result && rctx->last_blk)
> memcpy(req->result, result->auth_iv, digestsize);
>
> rctx->byte_count[0] = cpu_to_be32(result->auth_byte_count[0]);
> --
> 2.25.1
>