Re: [PATCH] crypto: mxs-dcp: Ensure payload is zero when using key slot

From: Herbert Xu
Date: Fri Jul 12 2024 - 19:56:41 EST

Next message: Sean Christopherson: "[GIT PULL] KVM: x86 pull requests for 6.11"
Previous message: Herbert Xu: "Re: [PATCH v1] hwrng: Kconfig - Do not enable by default CN10K driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jul 03, 2024 at 02:49:58PM +0200, David Gstir wrote:
> We could leak stack memory through the payload field when running
> AES with a key from one of the hardware's key slots. Fix this by
> ensuring the payload field is set to 0 in such cases.
>
> This does not affect the common use case when the key is supplied
> from main memory via the descriptor payload.
>
> Signed-off-by: David Gstir <david@xxxxxxxxxxxxx>
> Reported-by: kernel test robot <lkp@xxxxxxxxx>
> Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> Closes: https://lore.kernel.org/r/202405270146.Y9tPoil8-lkp@xxxxxxxxx/
> Fixes: 3d16af0b4cfa ("crypto: mxs-dcp: Add support for hardware-bound keys")
> ---
> drivers/crypto/mxs-dcp.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)

Patch applied. Thanks.
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: Sean Christopherson: "[GIT PULL] KVM: x86 pull requests for 6.11"
Previous message: Herbert Xu: "Re: [PATCH v1] hwrng: Kconfig - Do not enable by default CN10K driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]