From a985526631148203b79e5c4d38af9e281e1b2df3 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Tue, 12 Dec 2017 09:30:41 +0100 Subject: [PATCH] 4.14-stable patches added patches: arm-avoid-faulting-on-qemu.patch arm-bug-if-jumping-to-usermode-address-in-kernel-mode.patch crypto-talitos-fix-aead-for-sha224-on-non-sha224-capable-chips.patch crypto-talitos-fix-aead-test-failures.patch crypto-talitos-fix-ctr-aes-talitos.patch crypto-talitos-fix-memory-corruption-on-sec2.patch crypto-talitos-fix-setkey-to-check-key-weakness.patch crypto-talitos-fix-use-of-sg_link_tbl_len.patch --- queue-4.14/arm-avoid-faulting-on-qemu.patch | 48 +++++ ...g-to-usermode-address-in-kernel-mode.patch | 86 +++++++++ ...r-sha224-on-non-sha224-capable-chips.patch | 51 +++++ ...rypto-talitos-fix-aead-test-failures.patch | 125 ++++++++++++ .../crypto-talitos-fix-ctr-aes-talitos.patch | 39 ++++ ...alitos-fix-memory-corruption-on-sec2.patch | 180 ++++++++++++++++++ ...tos-fix-setkey-to-check-key-weakness.patch | 47 +++++ ...o-talitos-fix-use-of-sg_link_tbl_len.patch | 33 ++++ queue-4.14/series | 8 + 9 files changed, 617 insertions(+) create mode 100644 queue-4.14/arm-avoid-faulting-on-qemu.patch create mode 100644 queue-4.14/arm-bug-if-jumping-to-usermode-address-in-kernel-mode.patch create mode 100644 queue-4.14/crypto-talitos-fix-aead-for-sha224-on-non-sha224-capable-chips.patch create mode 100644 queue-4.14/crypto-talitos-fix-aead-test-failures.patch create mode 100644 queue-4.14/crypto-talitos-fix-ctr-aes-talitos.patch create mode 100644 queue-4.14/crypto-talitos-fix-memory-corruption-on-sec2.patch create mode 100644 queue-4.14/crypto-talitos-fix-setkey-to-check-key-weakness.patch create mode 100644 queue-4.14/crypto-talitos-fix-use-of-sg_link_tbl_len.patch diff --git a/queue-4.14/arm-avoid-faulting-on-qemu.patch b/queue-4.14/arm-avoid-faulting-on-qemu.patch new file mode 100644 index 00000000000..76e8ef80958 --- /dev/null +++ b/queue-4.14/arm-avoid-faulting-on-qemu.patch @@ -0,0 +1,48 @@ +From 3aaf33bebda8d4ffcc0fc8ef39e6c1ac68823b11 Mon Sep 17 00:00:00 2001 +From: Russell King +Date: Mon, 27 Nov 2017 11:22:42 +0000 +Subject: ARM: avoid faulting on qemu + +From: Russell King + +commit 3aaf33bebda8d4ffcc0fc8ef39e6c1ac68823b11 upstream. + +When qemu starts a kernel in a bare environment, the default SCR has +the AW and FW bits clear, which means that the kernel can't modify +the PSR A or PSR F bits, and means that FIQs and imprecise aborts are +always masked. + +When running uboot under qemu, the AW and FW SCR bits are set, and the +kernel functions normally - and this is how real hardware behaves. + +Fix this for qemu by ignoring the FIQ bit. + +Fixes: 8bafae202c82 ("ARM: BUG if jumping to usermode address in kernel mode") +Signed-off-by: Russell King +Cc: Alex Shi +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm/kernel/entry-header.S | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/arch/arm/kernel/entry-header.S ++++ b/arch/arm/kernel/entry-header.S +@@ -300,7 +300,7 @@ + mov r2, sp + ldr r1, [r2, #\offset + S_PSR] @ get calling cpsr + ldr lr, [r2, #\offset + S_PC]! @ get pc +- tst r1, #0xcf ++ tst r1, #PSR_I_BIT | 0x0f + bne 1f + msr spsr_cxsf, r1 @ save in spsr_svc + #if defined(CONFIG_CPU_V6) || defined(CONFIG_CPU_32v6K) +@@ -332,7 +332,7 @@ + ldr r1, [sp, #\offset + S_PSR] @ get calling cpsr + ldr lr, [sp, #\offset + S_PC] @ get pc + add sp, sp, #\offset + S_SP +- tst r1, #0xcf ++ tst r1, #PSR_I_BIT | 0x0f + bne 1f + msr spsr_cxsf, r1 @ save in spsr_svc + diff --git a/queue-4.14/arm-bug-if-jumping-to-usermode-address-in-kernel-mode.patch b/queue-4.14/arm-bug-if-jumping-to-usermode-address-in-kernel-mode.patch new file mode 100644 index 00000000000..aa568f3d671 --- /dev/null +++ b/queue-4.14/arm-bug-if-jumping-to-usermode-address-in-kernel-mode.patch @@ -0,0 +1,86 @@ +From 8bafae202c82dc257f649ea3c275a0f35ee15113 Mon Sep 17 00:00:00 2001 +From: Russell King +Date: Fri, 24 Nov 2017 23:49:34 +0000 +Subject: ARM: BUG if jumping to usermode address in kernel mode + +From: Russell King + +commit 8bafae202c82dc257f649ea3c275a0f35ee15113 upstream. + +Detect if we are returning to usermode via the normal kernel exit paths +but the saved PSR value indicates that we are in kernel mode. This +could occur due to corrupted stack state, which has been observed with +"ftracetest". + +This ensures that we catch the problem case before we get to user code. + +Signed-off-by: Russell King +Cc: Alex Shi +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm/include/asm/assembler.h | 18 ++++++++++++++++++ + arch/arm/kernel/entry-header.S | 6 ++++++ + 2 files changed, 24 insertions(+) + +--- a/arch/arm/include/asm/assembler.h ++++ b/arch/arm/include/asm/assembler.h +@@ -518,4 +518,22 @@ THUMB( orr \reg , \reg , #PSR_T_BIT ) + #endif + .endm + ++ .macro bug, msg, line ++#ifdef CONFIG_THUMB2_KERNEL ++1: .inst 0xde02 ++#else ++1: .inst 0xe7f001f2 ++#endif ++#ifdef CONFIG_DEBUG_BUGVERBOSE ++ .pushsection .rodata.str, "aMS", %progbits, 1 ++2: .asciz "\msg" ++ .popsection ++ .pushsection __bug_table, "aw" ++ .align 2 ++ .word 1b, 2b ++ .hword \line ++ .popsection ++#endif ++ .endm ++ + #endif /* __ASM_ASSEMBLER_H__ */ +--- a/arch/arm/kernel/entry-header.S ++++ b/arch/arm/kernel/entry-header.S +@@ -300,6 +300,8 @@ + mov r2, sp + ldr r1, [r2, #\offset + S_PSR] @ get calling cpsr + ldr lr, [r2, #\offset + S_PC]! @ get pc ++ tst r1, #0xcf ++ bne 1f + msr spsr_cxsf, r1 @ save in spsr_svc + #if defined(CONFIG_CPU_V6) || defined(CONFIG_CPU_32v6K) + @ We must avoid clrex due to Cortex-A15 erratum #830321 +@@ -314,6 +316,7 @@ + @ after ldm {}^ + add sp, sp, #\offset + PT_REGS_SIZE + movs pc, lr @ return & move spsr_svc into cpsr ++1: bug "Returning to usermode but unexpected PSR bits set?", \@ + #elif defined(CONFIG_CPU_V7M) + @ V7M restore. + @ Note that we don't need to do clrex here as clearing the local +@@ -329,6 +332,8 @@ + ldr r1, [sp, #\offset + S_PSR] @ get calling cpsr + ldr lr, [sp, #\offset + S_PC] @ get pc + add sp, sp, #\offset + S_SP ++ tst r1, #0xcf ++ bne 1f + msr spsr_cxsf, r1 @ save in spsr_svc + + @ We must avoid clrex due to Cortex-A15 erratum #830321 +@@ -341,6 +346,7 @@ + .endif + add sp, sp, #PT_REGS_SIZE - S_SP + movs pc, lr @ return & move spsr_svc into cpsr ++1: bug "Returning to usermode but unexpected PSR bits set?", \@ + #endif /* !CONFIG_THUMB2_KERNEL */ + .endm + diff --git a/queue-4.14/crypto-talitos-fix-aead-for-sha224-on-non-sha224-capable-chips.patch b/queue-4.14/crypto-talitos-fix-aead-for-sha224-on-non-sha224-capable-chips.patch new file mode 100644 index 00000000000..f8f0a7f7222 --- /dev/null +++ b/queue-4.14/crypto-talitos-fix-aead-for-sha224-on-non-sha224-capable-chips.patch @@ -0,0 +1,51 @@ +From 6cda075aff67a1b9b5ba1b2818091dc939643b6c Mon Sep 17 00:00:00 2001 +From: LEROY Christophe +Date: Fri, 6 Oct 2017 15:04:39 +0200 +Subject: crypto: talitos - fix AEAD for sha224 on non sha224 capable chips + +From: LEROY Christophe + +commit 6cda075aff67a1b9b5ba1b2818091dc939643b6c upstream. + +sha224 AEAD test fails with: + +[ 2.803125] talitos ff020000.crypto: DEUISR 0x00000000_00000000 +[ 2.808743] talitos ff020000.crypto: MDEUISR 0x80100000_00000000 +[ 2.814678] talitos ff020000.crypto: DESCBUF 0x20731f21_00000018 +[ 2.820616] talitos ff020000.crypto: DESCBUF 0x0628d64c_00000010 +[ 2.826554] talitos ff020000.crypto: DESCBUF 0x0631005c_00000018 +[ 2.832492] talitos ff020000.crypto: DESCBUF 0x0628d664_00000008 +[ 2.838430] talitos ff020000.crypto: DESCBUF 0x061b13a0_00000080 +[ 2.844369] talitos ff020000.crypto: DESCBUF 0x0631006c_00000080 +[ 2.850307] talitos ff020000.crypto: DESCBUF 0x0631006c_00000018 +[ 2.856245] talitos ff020000.crypto: DESCBUF 0x063100ec_00000000 +[ 2.884972] talitos ff020000.crypto: failed to reset channel 0 +[ 2.890503] talitos ff020000.crypto: done overflow, internal time out, or rngu error: ISR 0x20000000_00020000 +[ 2.900652] alg: aead: encryption failed on test 1 for authenc-hmac-sha224-cbc-3des-talitos: ret=22 + +This is due to SHA224 not being supported by the HW. Allthough for +hash we are able to init the hash context by SW, it is not +possible for AEAD. Therefore SHA224 AEAD has to be deactivated. + +Signed-off-by: Christophe Leroy +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/talitos.c | 5 +++++ + 1 file changed, 5 insertions(+) + +--- a/drivers/crypto/talitos.c ++++ b/drivers/crypto/talitos.c +@@ -3068,6 +3068,11 @@ static struct talitos_crypto_alg *talito + t_alg->algt.alg.aead.setkey = aead_setkey; + t_alg->algt.alg.aead.encrypt = aead_encrypt; + t_alg->algt.alg.aead.decrypt = aead_decrypt; ++ if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) && ++ !strncmp(alg->cra_name, "authenc(hmac(sha224)", 20)) { ++ kfree(t_alg); ++ return ERR_PTR(-ENOTSUPP); ++ } + break; + case CRYPTO_ALG_TYPE_AHASH: + alg = &t_alg->algt.alg.hash.halg.base; diff --git a/queue-4.14/crypto-talitos-fix-aead-test-failures.patch b/queue-4.14/crypto-talitos-fix-aead-test-failures.patch new file mode 100644 index 00000000000..9813fc70894 --- /dev/null +++ b/queue-4.14/crypto-talitos-fix-aead-test-failures.patch @@ -0,0 +1,125 @@ +From ec8c7d14acc0a477429d3a6fade5dab72c996c82 Mon Sep 17 00:00:00 2001 +From: LEROY Christophe +Date: Fri, 6 Oct 2017 15:04:33 +0200 +Subject: crypto: talitos - fix AEAD test failures + +From: LEROY Christophe + +commit ec8c7d14acc0a477429d3a6fade5dab72c996c82 upstream. + +AEAD tests fail when destination SG list has more than 1 element. + +[ 2.058752] alg: aead: Test 1 failed on encryption for authenc-hmac-sha1-cbc-aes-talitos +[ 2.066965] 00000000: 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 +00000010: c0 43 ff 74 c0 43 ff e0 de 83 d1 20 de 84 8e 54 +00000020: de 83 d7 c4 +[ 2.082138] alg: aead: Test 1 failed on encryption for authenc-hmac-sha1-cbc-aes-talitos +[ 2.090435] 00000000: 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 +00000010: de 84 ea 58 c0 93 1a 24 de 84 e8 59 de 84 f1 20 +00000020: 00 00 00 00 +[ 2.105721] alg: aead: Test 1 failed on encryption for authenc-hmac-sha1-cbc-3des-talitos +[ 2.114259] 00000000: 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 73 74 +00000010: 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 74 65 +00000020: 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 +00000030: 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 +00000040: 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 +00000050: 65 72 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 +00000060: 72 63 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 +00000070: 63 65 65 72 73 74 54 20 6f 6f 4d 20 6e 61 0a 79 +00000080: c0 50 f1 ac c0 50 f3 38 c0 50 f3 94 c0 50 f5 30 +00000090: c0 99 74 3c +[ 2.166410] alg: aead: Test 1 failed on encryption for authenc-hmac-sha1-cbc-3des-talitos +[ 2.174794] 00000000: 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 73 74 +00000010: 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 74 65 +00000020: 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 +00000030: 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 +00000040: 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 +00000050: 65 72 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 +00000060: 72 63 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 +00000070: 63 65 65 72 73 74 54 20 6f 6f 4d 20 6e 61 0a 79 +00000080: c0 50 f1 ac c0 50 f3 38 c0 50 f3 94 c0 50 f5 30 +00000090: c0 99 74 3c +[ 2.226486] alg: No test for authenc(hmac(sha224),cbc(aes)) (authenc-hmac-sha224-cbc-aes-talitos) +[ 2.236459] alg: No test for authenc(hmac(sha224),cbc(aes)) (authenc-hmac-sha224-cbc-aes-talitos) +[ 2.247196] alg: aead: Test 1 failed on encryption for authenc-hmac-sha224-cbc-3des-talitos +[ 2.255555] 00000000: 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 73 74 +00000010: 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 74 65 +00000020: 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 +00000030: 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 +00000040: 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 +00000050: 65 72 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 +00000060: 72 63 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 +00000070: 63 65 65 72 73 74 54 20 6f 6f 4d 20 6e 61 0a 79 +00000080: c0 50 f1 ac c0 50 f3 38 c0 50 f3 94 c0 50 f5 30 +00000090: c0 99 74 3c c0 96 e5 b8 +[ 2.309004] alg: aead: Test 1 failed on encryption for authenc-hmac-sha224-cbc-3des-talitos +[ 2.317562] 00000000: 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 73 74 +00000010: 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 74 65 +00000020: 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 +00000030: 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 +00000040: 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 +00000050: 65 72 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 +00000060: 72 63 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 +00000070: 63 65 65 72 73 74 54 20 6f 6f 4d 20 6e 61 0a 79 +00000080: c0 50 f1 ac c0 50 f3 38 c0 50 f3 94 c0 50 f5 30 +00000090: c0 99 74 3c c0 96 e5 b8 +[ 2.370710] alg: aead: Test 1 failed on encryption for authenc-hmac-sha256-cbc-aes-talitos +[ 2.379177] 00000000: 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 +00000010: 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 74 65 +00000020: 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 +[ 2.397863] alg: aead: Test 1 failed on encryption for authenc-hmac-sha256-cbc-aes-talitos +[ 2.406134] 00000000: 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 +00000010: 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 74 65 +00000020: 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 +[ 2.424789] alg: aead: Test 1 failed on encryption for authenc-hmac-sha256-cbc-3des-talitos +[ 2.433491] 00000000: 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 73 74 +00000010: 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 74 65 +00000020: 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 +00000030: 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 +00000040: 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 +00000050: 65 72 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 +00000060: 72 63 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 +00000070: 63 65 65 72 73 74 54 20 6f 6f 4d 20 6e 61 0a 79 +00000080: c0 50 f1 ac c0 50 f3 38 c0 50 f3 94 c0 50 f5 30 +00000090: c0 99 74 3c c0 96 e5 b8 c0 96 e9 20 c0 00 3d dc +[ 2.488832] alg: aead: Test 1 failed on encryption for authenc-hmac-sha256-cbc-3des-talitos +[ 2.497387] 00000000: 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 73 74 +00000010: 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 74 65 +00000020: 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 65 72 +00000030: 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 72 63 +00000040: 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65 +00000050: 65 72 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53 +00000060: 72 63 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 +00000070: 63 65 65 72 73 74 54 20 6f 6f 4d 20 6e 61 0a 79 +00000080: c0 50 f1 ac c0 50 f3 38 c0 50 f3 94 c0 50 f5 30 +00000090: c0 99 74 3c c0 96 e5 b8 c0 96 e9 20 c0 00 3d dc + +This patch fixes that. + +Signed-off-by: Christophe Leroy +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/talitos.c | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +--- a/drivers/crypto/talitos.c ++++ b/drivers/crypto/talitos.c +@@ -1232,12 +1232,11 @@ static int ipsec_esp(struct talitos_edes + sg_link_tbl_len += authsize; + } + +- sg_count = talitos_sg_map(dev, areq->src, cryptlen, edesc, +- &desc->ptr[4], sg_count, areq->assoclen, +- tbl_off); ++ ret = talitos_sg_map(dev, areq->src, cryptlen, edesc, &desc->ptr[4], ++ sg_count, areq->assoclen, tbl_off); + +- if (sg_count > 1) { +- tbl_off += sg_count; ++ if (ret > 1) { ++ tbl_off += ret; + sync_needed = true; + } + diff --git a/queue-4.14/crypto-talitos-fix-ctr-aes-talitos.patch b/queue-4.14/crypto-talitos-fix-ctr-aes-talitos.patch new file mode 100644 index 00000000000..cf0985c8a73 --- /dev/null +++ b/queue-4.14/crypto-talitos-fix-ctr-aes-talitos.patch @@ -0,0 +1,39 @@ +From 70d355ccea899dad47dc22d3a4406998f55143fd Mon Sep 17 00:00:00 2001 +From: LEROY Christophe +Date: Fri, 6 Oct 2017 15:04:43 +0200 +Subject: crypto: talitos - fix ctr-aes-talitos + +From: LEROY Christophe + +commit 70d355ccea899dad47dc22d3a4406998f55143fd upstream. + +ctr-aes-talitos test fails as follows on SEC2 + +[ 0.837427] alg: skcipher: Test 1 failed (invalid result) on encryption for ctr-aes-talitos +[ 0.845763] 00000000: 16 36 d5 ee 34 f8 06 25 d7 7f 8e 56 ca 88 43 45 +[ 0.852345] 00000010: f9 3f f7 17 2a b2 12 23 30 43 09 15 82 dd e1 97 +[ 0.858940] 00000020: a7 f7 32 b5 eb 25 06 13 9a ec f5 29 25 f8 4d 66 +[ 0.865366] 00000030: b0 03 5b 8e aa 9a 42 b6 19 33 8a e2 9d 65 96 95 + +This patch fixes the descriptor type which is special for CTR AES + +Fixes: 5e75ae1b3cef6 ("crypto: talitos - add new crypto modes") +Signed-off-by: Christophe Leroy +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/talitos.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/crypto/talitos.c ++++ b/drivers/crypto/talitos.c +@@ -2635,7 +2635,7 @@ static struct talitos_alg_template drive + .ivsize = AES_BLOCK_SIZE, + } + }, +- .desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU | ++ .desc_hdr_template = DESC_HDR_TYPE_AESU_CTR_NONSNOOP | + DESC_HDR_SEL0_AESU | + DESC_HDR_MODE0_AESU_CTR, + }, diff --git a/queue-4.14/crypto-talitos-fix-memory-corruption-on-sec2.patch b/queue-4.14/crypto-talitos-fix-memory-corruption-on-sec2.patch new file mode 100644 index 00000000000..32241a8dbe5 --- /dev/null +++ b/queue-4.14/crypto-talitos-fix-memory-corruption-on-sec2.patch @@ -0,0 +1,180 @@ +From e04a61bebc5da1535b6f194b464295b8d558e2fc Mon Sep 17 00:00:00 2001 +From: LEROY Christophe +Date: Fri, 6 Oct 2017 15:04:35 +0200 +Subject: crypto: talitos - fix memory corruption on SEC2 + +From: LEROY Christophe + +commit e04a61bebc5da1535b6f194b464295b8d558e2fc upstream. + +On SEC2, when using the old descriptors type (hmac snoop no afeu) +for doing IPsec, the CICV out pointeur points out of the allocated +memory. + +[ 2.502554] ============================================================================= +[ 2.510740] BUG dma-kmalloc-256 (Not tainted): Redzone overwritten +[ 2.516907] ----------------------------------------------------------------------------- +[ 2.516907] +[ 2.526535] Disabling lock debugging due to kernel taint +[ 2.531845] INFO: 0xde858108-0xde85810b. First byte 0xf8 instead of 0xcc +[ 2.538549] INFO: Allocated in 0x806181a9 age=0 cpu=0 pid=58 +[ 2.544229] __kmalloc+0x374/0x564 +[ 2.547649] talitos_edesc_alloc+0x17c/0x48c +[ 2.551929] aead_edesc_alloc+0x80/0x154 +[ 2.555863] aead_encrypt+0x30/0xe0 +[ 2.559368] __test_aead+0x5a0/0x1f3c +[ 2.563042] test_aead+0x2c/0x110 +[ 2.566371] alg_test_aead+0x5c/0xf4 +[ 2.569958] alg_test+0x1dc/0x5a0 +[ 2.573305] cryptomgr_test+0x50/0x70 +[ 2.576984] kthread+0xd8/0x134 +[ 2.580155] ret_from_kernel_thread+0x5c/0x64 +[ 2.584534] INFO: Freed in ipsec_esp_encrypt_done+0x130/0x240 age=6 cpu=0 pid=0 +[ 2.591839] ipsec_esp_encrypt_done+0x130/0x240 +[ 2.596395] flush_channel+0x1dc/0x488 +[ 2.600161] talitos2_done_4ch+0x30/0x200 +[ 2.604185] tasklet_action+0xa0/0x13c +[ 2.607948] __do_softirq+0x148/0x6cc +[ 2.611623] irq_exit+0xc0/0x124 +[ 2.614869] call_do_irq+0x24/0x3c +[ 2.618292] do_IRQ+0x78/0x108 +[ 2.621369] ret_from_except+0x0/0x14 +[ 2.625055] finish_task_switch+0x58/0x350 +[ 2.629165] schedule+0x80/0x134 +[ 2.632409] schedule_preempt_disabled+0x38/0xc8 +[ 2.637042] cpu_startup_entry+0xe4/0x190 +[ 2.641074] start_kernel+0x3f4/0x408 +[ 2.644741] 0x3438 +[ 2.646857] INFO: Slab 0xdffbdb00 objects=9 used=1 fp=0xde8581c0 flags=0x0080 +[ 2.653978] INFO: Object 0xde858008 @offset=8 fp=0xca4395df +[ 2.653978] +[ 2.661032] Redzone de858000: cc cc cc cc cc cc cc cc ........ +[ 2.669029] Object de858008: 00 00 00 02 00 00 00 02 00 6b 6b 6b 1e 83 ea 28 .........kkk...( +[ 2.677628] Object de858018: 00 00 00 70 1e 85 80 64 ff 73 1d 21 6b 6b 6b 6b ...p...d.s.!kkkk +[ 2.686228] Object de858028: 00 20 00 00 1e 84 17 24 00 10 00 00 1e 85 70 00 . .....$......p. +[ 2.694829] Object de858038: 00 18 00 00 1e 84 17 44 00 08 00 00 1e 83 ea 28 .......D.......( +[ 2.703430] Object de858048: 00 80 00 00 1e 84 f0 00 00 80 00 00 1e 85 70 10 ..............p. +[ 2.712030] Object de858058: 00 20 6b 00 1e 85 80 f4 6b 6b 6b 6b 00 80 02 00 . k.....kkkk.... +[ 2.720629] Object de858068: 1e 84 f0 00 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b ....kkkkkkkkkkkk +[ 2.729230] Object de858078: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk +[ 2.737830] Object de858088: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk +[ 2.746429] Object de858098: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk +[ 2.755029] Object de8580a8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk +[ 2.763628] Object de8580b8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk +[ 2.772229] Object de8580c8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk +[ 2.780829] Object de8580d8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk +[ 2.789430] Object de8580e8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 73 b0 ea 9f kkkkkkkkkkkks... +[ 2.798030] Object de8580f8: e8 18 80 d6 56 38 44 c0 db e3 4f 71 f7 ce d1 d3 ....V8D...Oq.... +[ 2.806629] Redzone de858108: f8 bd 3e 4f ..>O +[ 2.814279] Padding de8581b0: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ +[ 2.822283] CPU: 0 PID: 0 Comm: swapper Tainted: G B 4.9.50-g995be12679 #179 +[ 2.831819] Call Trace: +[ 2.834301] [dffefd20] [c01aa9a8] check_bytes_and_report+0x100/0x194 (unreliable) +[ 2.841801] [dffefd50] [c01aac3c] check_object+0x200/0x530 +[ 2.847306] [dffefd80] [c01ae584] free_debug_processing+0x290/0x690 +[ 2.853585] [dffefde0] [c01aec8c] __slab_free+0x308/0x628 +[ 2.859000] [dffefe80] [c05057f4] ipsec_esp_encrypt_done+0x130/0x240 +[ 2.865378] [dffefeb0] [c05002c4] flush_channel+0x1dc/0x488 +[ 2.870968] [dffeff10] [c05007a8] talitos2_done_4ch+0x30/0x200 +[ 2.876814] [dffeff30] [c002fe38] tasklet_action+0xa0/0x13c +[ 2.882399] [dffeff60] [c002f118] __do_softirq+0x148/0x6cc +[ 2.887896] [dffeffd0] [c002f954] irq_exit+0xc0/0x124 +[ 2.892968] [dffefff0] [c0013adc] call_do_irq+0x24/0x3c +[ 2.898213] [c0d4be00] [c000757c] do_IRQ+0x78/0x108 +[ 2.903113] [c0d4be30] [c0015c08] ret_from_except+0x0/0x14 +[ 2.908634] --- interrupt: 501 at finish_task_switch+0x70/0x350 +[ 2.908634] LR = finish_task_switch+0x58/0x350 +[ 2.919327] [c0d4bf20] [c085e1d4] schedule+0x80/0x134 +[ 2.924398] [c0d4bf50] [c085e2c0] schedule_preempt_disabled+0x38/0xc8 +[ 2.930853] [c0d4bf60] [c007f064] cpu_startup_entry+0xe4/0x190 +[ 2.936707] [c0d4bfb0] [c096c434] start_kernel+0x3f4/0x408 +[ 2.942198] [c0d4bff0] [00003438] 0x3438 +[ 2.946137] FIX dma-kmalloc-256: Restoring 0xde858108-0xde85810b=0xcc +[ 2.946137] +[ 2.954158] FIX dma-kmalloc-256: Object at 0xde858008 not freed + +This patch reworks the handling of the CICV out in order +to properly handle all cases. + +Signed-off-by: Christophe Leroy +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/talitos.c | 42 ++++++++++++++++++++++++++++-------------- + 1 file changed, 28 insertions(+), 14 deletions(-) + +--- a/drivers/crypto/talitos.c ++++ b/drivers/crypto/talitos.c +@@ -1247,14 +1247,15 @@ static int ipsec_esp(struct talitos_edes + dma_map_sg(dev, areq->dst, sg_count, DMA_FROM_DEVICE); + } + +- sg_count = talitos_sg_map(dev, areq->dst, cryptlen, edesc, +- &desc->ptr[5], sg_count, areq->assoclen, +- tbl_off); ++ ret = talitos_sg_map(dev, areq->dst, cryptlen, edesc, &desc->ptr[5], ++ sg_count, areq->assoclen, tbl_off); + + if (desc->hdr & DESC_HDR_TYPE_IPSEC_ESP) + to_talitos_ptr_ext_or(&desc->ptr[5], authsize, is_sec1); + +- if (sg_count > 1) { ++ /* ICV data */ ++ if (ret > 1) { ++ tbl_off += ret; + edesc->icv_ool = true; + sync_needed = true; + +@@ -1264,9 +1265,7 @@ static int ipsec_esp(struct talitos_edes + sizeof(struct talitos_ptr) + authsize; + + /* Add an entry to the link table for ICV data */ +- tbl_ptr += sg_count - 1; +- to_talitos_ptr_ext_set(tbl_ptr, 0, is_sec1); +- tbl_ptr++; ++ to_talitos_ptr_ext_set(tbl_ptr - 1, 0, is_sec1); + to_talitos_ptr_ext_set(tbl_ptr, DESC_PTR_LNKTBL_RETURN, + is_sec1); + to_talitos_ptr_len(tbl_ptr, authsize, is_sec1); +@@ -1274,18 +1273,33 @@ static int ipsec_esp(struct talitos_edes + /* icv data follows link tables */ + to_talitos_ptr(tbl_ptr, edesc->dma_link_tbl + offset, + is_sec1); ++ } else { ++ dma_addr_t addr = edesc->dma_link_tbl; ++ ++ if (is_sec1) ++ addr += areq->assoclen + cryptlen; ++ else ++ addr += sizeof(struct talitos_ptr) * tbl_off; ++ ++ to_talitos_ptr(&desc->ptr[6], addr, is_sec1); ++ to_talitos_ptr_len(&desc->ptr[6], authsize, is_sec1); ++ } ++ } else if (!(desc->hdr & DESC_HDR_TYPE_IPSEC_ESP)) { ++ ret = talitos_sg_map(dev, areq->dst, authsize, edesc, ++ &desc->ptr[6], sg_count, areq->assoclen + ++ cryptlen, ++ tbl_off); ++ if (ret > 1) { ++ tbl_off += ret; ++ edesc->icv_ool = true; ++ sync_needed = true; ++ } else { ++ edesc->icv_ool = false; + } + } else { + edesc->icv_ool = false; + } + +- /* ICV data */ +- if (!(desc->hdr & DESC_HDR_TYPE_IPSEC_ESP)) { +- to_talitos_ptr_len(&desc->ptr[6], authsize, is_sec1); +- to_talitos_ptr(&desc->ptr[6], edesc->dma_link_tbl + +- areq->assoclen + cryptlen, is_sec1); +- } +- + /* iv out */ + if (desc->hdr & DESC_HDR_TYPE_IPSEC_ESP) + map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv, diff --git a/queue-4.14/crypto-talitos-fix-setkey-to-check-key-weakness.patch b/queue-4.14/crypto-talitos-fix-setkey-to-check-key-weakness.patch new file mode 100644 index 00000000000..0469c9edcc9 --- /dev/null +++ b/queue-4.14/crypto-talitos-fix-setkey-to-check-key-weakness.patch @@ -0,0 +1,47 @@ +From f384cdc4faf350fdb6ad93c5f26952b9ba7c7566 Mon Sep 17 00:00:00 2001 +From: LEROY Christophe +Date: Fri, 6 Oct 2017 15:04:37 +0200 +Subject: crypto: talitos - fix setkey to check key weakness + +From: LEROY Christophe + +commit f384cdc4faf350fdb6ad93c5f26952b9ba7c7566 upstream. + +Crypto manager test report the following failures: +[ 3.061081] alg: skcipher: setkey failed on test 5 for ecb-des-talitos: flags=100 +[ 3.069342] alg: skcipher-ddst: setkey failed on test 5 for ecb-des-talitos: flags=100 +[ 3.077754] alg: skcipher-ddst: setkey failed on test 5 for ecb-des-talitos: flags=100 + +This is due to setkey being expected to detect weak keys. + +Signed-off-by: Christophe Leroy +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/talitos.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +--- a/drivers/crypto/talitos.c ++++ b/drivers/crypto/talitos.c +@@ -1507,12 +1507,20 @@ static int ablkcipher_setkey(struct cryp + const u8 *key, unsigned int keylen) + { + struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); ++ u32 tmp[DES_EXPKEY_WORDS]; + + if (keylen > TALITOS_MAX_KEY_SIZE) { + crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); + return -EINVAL; + } + ++ if (unlikely(crypto_ablkcipher_get_flags(cipher) & ++ CRYPTO_TFM_REQ_WEAK_KEY) && ++ !des_ekey(tmp, key)) { ++ crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY); ++ return -EINVAL; ++ } ++ + memcpy(&ctx->key, key, keylen); + ctx->keylen = keylen; + diff --git a/queue-4.14/crypto-talitos-fix-use-of-sg_link_tbl_len.patch b/queue-4.14/crypto-talitos-fix-use-of-sg_link_tbl_len.patch new file mode 100644 index 00000000000..8c96ad93db2 --- /dev/null +++ b/queue-4.14/crypto-talitos-fix-use-of-sg_link_tbl_len.patch @@ -0,0 +1,33 @@ +From fbb22137c4d9bab536958b152d096fb3f98020ea Mon Sep 17 00:00:00 2001 +From: LEROY Christophe +Date: Fri, 6 Oct 2017 15:04:41 +0200 +Subject: crypto: talitos - fix use of sg_link_tbl_len + +From: LEROY Christophe + +commit fbb22137c4d9bab536958b152d096fb3f98020ea upstream. + +sg_link_tbl_len shall be used instead of cryptlen, otherwise +SECs which perform HW CICV verification will fail. + +Signed-off-by: Christophe Leroy +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/talitos.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/drivers/crypto/talitos.c ++++ b/drivers/crypto/talitos.c +@@ -1232,8 +1232,8 @@ static int ipsec_esp(struct talitos_edes + sg_link_tbl_len += authsize; + } + +- ret = talitos_sg_map(dev, areq->src, cryptlen, edesc, &desc->ptr[4], +- sg_count, areq->assoclen, tbl_off); ++ ret = talitos_sg_map(dev, areq->src, sg_link_tbl_len, edesc, ++ &desc->ptr[4], sg_count, areq->assoclen, tbl_off); + + if (ret > 1) { + tbl_off += ret; diff --git a/queue-4.14/series b/queue-4.14/series index bfe1922f91c..e5cca29cff5 100644 --- a/queue-4.14/series +++ b/queue-4.14/series @@ -94,3 +94,11 @@ bus-arm-ccn-fix-use-of-smp_processor_id-in-preemptible-context.patch bus-arm-ccn-fix-module-unloading-error-removing-state-147-which-has-instances-left.patch ib-core-avoid-unnecessary-return-value-check.patch ib-core-only-enforce-security-for-infiniband.patch +crypto-talitos-fix-aead-test-failures.patch +crypto-talitos-fix-memory-corruption-on-sec2.patch +crypto-talitos-fix-setkey-to-check-key-weakness.patch +crypto-talitos-fix-aead-for-sha224-on-non-sha224-capable-chips.patch +crypto-talitos-fix-use-of-sg_link_tbl_len.patch +crypto-talitos-fix-ctr-aes-talitos.patch +arm-bug-if-jumping-to-usermode-address-in-kernel-mode.patch +arm-avoid-faulting-on-qemu.patch -- 2.47.3