[PATCH] crypto: hisilicon/hpre - rsa key should not be empty

LKML Archive mirror
 help / color / mirror / Atom feed

* [PATCH] crypto: hisilicon/hpre - rsa key should not be empty
@ 2021-03-26  6:13 Meng Yu
  2021-04-02  7:12 ` Herbert Xu
  0 siblings, 1 reply; 5+ messages in thread
From: Meng Yu @ 2021-03-26  6:13 UTC (permalink / raw)
  To: herbert, davem
  Cc: linux-crypto, xuzaibo, wangzhou1, yumeng18, linux-kernel,
	shenyang39

We should ensure key is not empty before we set key.

Signed-off-by: Meng Yu <yumeng18@huawei.com>
---
 drivers/crypto/hisilicon/hpre/hpre_crypto.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c
index 53068d2..7cf7d80 100644
--- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c
+++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c
@@ -1093,6 +1093,9 @@ static int hpre_rsa_setpubkey(struct crypto_akcipher *tfm, const void *key,
 	struct hpre_ctx *ctx = akcipher_tfm_ctx(tfm);
 	int ret;
 
+	if (!key || !keylen)
+		return -EINVAL;
+
 	ret = crypto_akcipher_set_pub_key(ctx->rsa.soft_tfm, key, keylen);
 	if (ret)
 		return ret;
@@ -1106,6 +1109,9 @@ static int hpre_rsa_setprivkey(struct crypto_akcipher *tfm, const void *key,
 	struct hpre_ctx *ctx = akcipher_tfm_ctx(tfm);
 	int ret;
 
+	if (!key || !keylen)
+		return -EINVAL;
+
 	ret = crypto_akcipher_set_priv_key(ctx->rsa.soft_tfm, key, keylen);
 	if (ret)
 		return ret;
-- 
2.8.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] crypto: hisilicon/hpre - rsa key should not be empty
  2021-03-26  6:13 [PATCH] crypto: hisilicon/hpre - rsa key should not be empty Meng Yu
@ 2021-04-02  7:12 ` Herbert Xu
  2021-04-02 10:16   ` yumeng
  0 siblings, 1 reply; 5+ messages in thread
From: Herbert Xu @ 2021-04-02  7:12 UTC (permalink / raw)
  To: Meng Yu; +Cc: davem, linux-crypto, xuzaibo, wangzhou1, linux-kernel, shenyang39

On Fri, Mar 26, 2021 at 02:13:32PM +0800, Meng Yu wrote:
> We should ensure key is not empty before we set key.
> 
> Signed-off-by: Meng Yu <yumeng18@huawei.com>
> ---
>  drivers/crypto/hisilicon/hpre/hpre_crypto.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c
> index 53068d2..7cf7d80 100644
> --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c
> +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c
> @@ -1093,6 +1093,9 @@ static int hpre_rsa_setpubkey(struct crypto_akcipher *tfm, const void *key,
>  	struct hpre_ctx *ctx = akcipher_tfm_ctx(tfm);
>  	int ret;
>  
> +	if (!key || !keylen)
> +		return -EINVAL;
> +
>  	ret = crypto_akcipher_set_pub_key(ctx->rsa.soft_tfm, key, keylen);

Does this fix a real bug? Wouldn't the soft fallback setkey catch
this anyhow?

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] crypto: hisilicon/hpre - rsa key should not be empty
  2021-04-02  7:12 ` Herbert Xu
@ 2021-04-02 10:16   ` yumeng
  2021-04-02 10:22     ` Herbert Xu
  0 siblings, 1 reply; 5+ messages in thread
From: yumeng @ 2021-04-02 10:16 UTC (permalink / raw)
  To: Herbert Xu
  Cc: davem, linux-crypto, xuzaibo, wangzhou1, linux-kernel, shenyang39



在 2021/4/2 15:12, Herbert Xu 写道:
> On Fri, Mar 26, 2021 at 02:13:32PM +0800, Meng Yu wrote:
>> We should ensure key is not empty before we set key.
>>
>> Signed-off-by: Meng Yu <yumeng18@huawei.com>
>> ---
>>   drivers/crypto/hisilicon/hpre/hpre_crypto.c | 6 ++++++
>>   1 file changed, 6 insertions(+)
>>
>> diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c
>> index 53068d2..7cf7d80 100644
>> --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c
>> +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c
>> @@ -1093,6 +1093,9 @@ static int hpre_rsa_setpubkey(struct crypto_akcipher *tfm, const void *key,
>>   	struct hpre_ctx *ctx = akcipher_tfm_ctx(tfm);
>>   	int ret;
>>   
>> +	if (!key || !keylen)
>> +		return -EINVAL;
>> +
>>   	ret = crypto_akcipher_set_pub_key(ctx->rsa.soft_tfm, key, keylen);
> 
> Does this fix a real bug? Wouldn't the soft fallback setkey catch
> this anyhow?
> 

I think it is not a real bug, and soft fallback setkey can always catch 
the error.
But our original intention was to make it don't go to 'xxx_set_pub_key'
when the key is null, and it can return an error earlier.
But maybe it is not good.


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] crypto: hisilicon/hpre - rsa key should not be empty
  2021-04-02 10:16   ` yumeng
@ 2021-04-02 10:22     ` Herbert Xu
  2021-04-06  0:51       ` yumeng
  0 siblings, 1 reply; 5+ messages in thread
From: Herbert Xu @ 2021-04-02 10:22 UTC (permalink / raw)
  To: yumeng; +Cc: davem, linux-crypto, xuzaibo, wangzhou1, linux-kernel, shenyang39

On Fri, Apr 02, 2021 at 06:16:16PM +0800, yumeng wrote:
>
> I think it is not a real bug, and soft fallback setkey can always catch the
> error.
> But our original intention was to make it don't go to 'xxx_set_pub_key'
> when the key is null, and it can return an error earlier.
> But maybe it is not good.

It might make sense to check them twice if you were touching them
directly, e.g., poking inside the key.  However, it appears that
your driver simply palms off the key to rsa_helper.c which should
check the key/keylen too so I think there is no need for this patch
for now.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] crypto: hisilicon/hpre - rsa key should not be empty
  2021-04-02 10:22     ` Herbert Xu
@ 2021-04-06  0:51       ` yumeng
  0 siblings, 0 replies; 5+ messages in thread
From: yumeng @ 2021-04-06  0:51 UTC (permalink / raw)
  To: Herbert Xu
  Cc: davem, linux-crypto, xuzaibo, wangzhou1, linux-kernel, shenyang39



在 2021/4/2 18:22, Herbert Xu 写道:
> On Fri, Apr 02, 2021 at 06:16:16PM +0800, yumeng wrote:
>>
>> I think it is not a real bug, and soft fallback setkey can always catch the
>> error.
>> But our original intention was to make it don't go to 'xxx_set_pub_key'
>> when the key is null, and it can return an error earlier.
>> But maybe it is not good.
> 
> It might make sense to check them twice if you were touching them
> directly, e.g., poking inside the key.  However, it appears that
> your driver simply palms off the key to rsa_helper.c which should
> check the key/keylen too so I think there is no need for this patch
> for now.
> 
> Thanks,
> 

OK, thank you.

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2021-04-06  0:52 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-26  6:13 [PATCH] crypto: hisilicon/hpre - rsa key should not be empty Meng Yu
2021-04-02  7:12 ` Herbert Xu
2021-04-02 10:16   ` yumeng
2021-04-02 10:22     ` Herbert Xu
2021-04-06  0:51       ` yumeng

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).