Re: [PATCH 1/2] crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req()

Hi Markus, On 2020/5/25 14:05, Markus Elfring wrote: >> The system will crash when we insmod crypto/tcrypt.ko whit mode=38. > > * I suggest to use the word “with” in this sentence. > OK, it's a typo. > * Will it be helpful to explain the passed mode number? > > >> BTW I add a check for sg_nen

Re: [PATCH 2/2] crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req()

> … So the system will crash > at last when this memory be used again. I would prefer a wording with less typos here. > We can free the resources before calling ->complete to fix this issue. * An imperative wording can be nicer. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.

Re: [PATCH 1/2] crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req()

> The system will crash when we insmod crypto/tcrypt.ko whit mode=38. * I suggest to use the word “with” in this sentence. * Will it be helpful to explain the passed mode number? > BTW I add a check for sg_nents_for_len() its return value since > sg_nents_for_len() function could fail. Please

Re: [PATCH 1/2] crypto: virtio: fix src/dst scatterlist calculation

Hi Jason, On 2020/5/25 11:12, Jason Wang wrote: > > On 2020/5/25 上午8:56, Longpeng(Mike) wrote: >> The system will crash when we insmod crypto/tcrypt.ko whit mode=38. >> >> Usually the next entry of one sg will be @sg@ + 1, but if this sg element >> is part of a chained scatterlist, it could jump

Re: [PATCH 1/2] crypto: virtio: fix src/dst scatterlist calculation

On 2020/5/25 上午8:56, Longpeng(Mike) wrote: The system will crash when we insmod crypto/tcrypt.ko whit mode=38. Usually the next entry of one sg will be @sg@ + 1, but if this sg element is part of a chained scatterlist, it could jump to the start of a new scatterlist array. Let's fix it by sg_n

[PATCH 1/2] crypto: virtio: fix src/dst scatterlist calculation

The system will crash when we insmod crypto/tcrypt.ko whit mode=38. Usually the next entry of one sg will be @sg@ + 1, but if this sg element is part of a chained scatterlist, it could jump to the start of a new scatterlist array. Let's fix it by sg_next() on calculation of src/dst scatterlist. B

[PATCH 2/2] crypto: virtio: fix an memory use-after-free bug

The system'll crash when we insmod crypto/tcrypto.ko with mode=155. After dig into this case, I find it's caused by reuse the request memory. In crypto_authenc_init_tfm, we'll set the reqsize to: [PART 1]sizeof(authenc_request_ctx) + [PART 2]ictx->reqoff + [PART 3]MAX(ahash part, skcipher p

[PATCH 0/2] crypto: virtio: fix two crash issue

Link: https://lkml.org/lkml/2020/1/23/205 Cc: Gonglei Cc: Herbert Xu Cc: "Michael S. Tsirkin" Cc: Jason Wang Cc: "David S. Miller" Cc: virtualizat...@lists.linux-foundation.org Cc: linux-ker...@vger.kernel.org Longpeng(Mike) (2): crypto: virtio: fix src/dst scatterlist calculation crypto