feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

linuxkm/lkcapi_aes_glue.c: add error path cleanups for dangling skcipher_walks.

Browse Source
This commit is contained in:
Daniel Pouzzner
2025-05-28 16:30:43 -05:00
parent 5c82757eb4
commit 5c0a278c7f
1 changed files with 86 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

117
linuxkm/lkcapi_aes_glue.c
View File

@@ -557,7 +557,7 @@ static int km_AesCbcEncrypt(struct skcipher_request *req)
struct skcipher_walk walk; struct skcipher_walk walk;
unsigned int nbytes = 0; unsigned int nbytes = 0;
int err; int err;
Aes *aes_copy; Aes *aes_copy = NULL;
tfm = crypto_skcipher_reqtfm(req); tfm = crypto_skcipher_reqtfm(req);
ctx = crypto_skcipher_ctx(tfm); ctx = crypto_skcipher_ctx(tfm);
@@ -569,7 +569,7 @@ static int km_AesCbcEncrypt(struct skcipher_request *req)
err = km_AesGet(ctx, 0 /* decrypt_p */, 1 /* copy_p */, &aes_copy); err = km_AesGet(ctx, 0 /* decrypt_p */, 1 /* copy_p */, &aes_copy);
if (unlikely(err)) { if (unlikely(err)) {
return err; goto out;
} }
err = wc_AesSetIV(aes_copy, walk.iv); err = wc_AesSetIV(aes_copy, walk.iv);
@@ -601,6 +601,9 @@ static int km_AesCbcEncrypt(struct skcipher_request *req)
out: out:
if (err && walk.nbytes)
(void)skcipher_walk_done(&walk, err);
km_AesFree(&aes_copy); km_AesFree(&aes_copy);
#ifdef WOLFKM_DEBUG_AES #ifdef WOLFKM_DEBUG_AES
@@ -618,7 +621,7 @@ static int km_AesCbcDecrypt(struct skcipher_request *req)
struct skcipher_walk walk; struct skcipher_walk walk;
unsigned int nbytes = 0; unsigned int nbytes = 0;
int err; int err;
Aes *aes_copy; Aes *aes_copy = NULL;
tfm = crypto_skcipher_reqtfm(req); tfm = crypto_skcipher_reqtfm(req);
ctx = crypto_skcipher_ctx(tfm); ctx = crypto_skcipher_ctx(tfm);
@@ -631,7 +634,7 @@ static int km_AesCbcDecrypt(struct skcipher_request *req)
err = km_AesGet(ctx, 1 /* decrypt_p */, 1 /* copy_p */, &aes_copy); err = km_AesGet(ctx, 1 /* decrypt_p */, 1 /* copy_p */, &aes_copy);
if (unlikely(err)) { if (unlikely(err)) {
return err; goto out;
} }
err = wc_AesSetIV(aes_copy, walk.iv); err = wc_AesSetIV(aes_copy, walk.iv);
@@ -664,6 +667,9 @@ static int km_AesCbcDecrypt(struct skcipher_request *req)
out: out:
if (err && walk.nbytes)
(void)skcipher_walk_done(&walk, err);
km_AesFree(&aes_copy); km_AesFree(&aes_copy);
#ifdef WOLFKM_DEBUG_AES #ifdef WOLFKM_DEBUG_AES
@@ -715,7 +721,7 @@ static int km_AesCfbEncrypt(struct skcipher_request *req)
struct km_AesCtx * ctx = NULL; struct km_AesCtx * ctx = NULL;
struct skcipher_walk walk; struct skcipher_walk walk;
int err; int err;
Aes *aes_copy; Aes *aes_copy = NULL;
tfm = crypto_skcipher_reqtfm(req); tfm = crypto_skcipher_reqtfm(req);
ctx = crypto_skcipher_ctx(tfm); ctx = crypto_skcipher_ctx(tfm);
@@ -730,7 +736,7 @@ static int km_AesCfbEncrypt(struct skcipher_request *req)
err = km_AesGet(ctx, 0 /* decrypt_p */, 1 /* copy_p */, &aes_copy); err = km_AesGet(ctx, 0 /* decrypt_p */, 1 /* copy_p */, &aes_copy);
if (unlikely(err)) { if (unlikely(err)) {
return err; goto out;
} }
err = wc_AesSetIV(aes_copy, walk.iv); err = wc_AesSetIV(aes_copy, walk.iv);
@@ -758,7 +764,7 @@ static int km_AesCfbEncrypt(struct skcipher_request *req)
if (unlikely(err)) { if (unlikely(err)) {
pr_err("%s: skcipher_walk_done failed: %d\n", pr_err("%s: skcipher_walk_done failed: %d\n",
crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm)), err); crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm)), err);
return err; goto out;
} }
} }
@@ -767,6 +773,9 @@ static int km_AesCfbEncrypt(struct skcipher_request *req)
out: out:
if (err && walk.nbytes)
(void)skcipher_walk_done(&walk, err);
km_AesFree(&aes_copy); km_AesFree(&aes_copy);
#ifdef WOLFKM_DEBUG_AES #ifdef WOLFKM_DEBUG_AES
@@ -783,7 +792,7 @@ static int km_AesCfbDecrypt(struct skcipher_request *req)
struct km_AesCtx * ctx = NULL; struct km_AesCtx * ctx = NULL;
struct skcipher_walk walk; struct skcipher_walk walk;
int err; int err;
Aes *aes_copy; Aes *aes_copy = NULL;
tfm = crypto_skcipher_reqtfm(req); tfm = crypto_skcipher_reqtfm(req);
ctx = crypto_skcipher_ctx(tfm); ctx = crypto_skcipher_ctx(tfm);
@@ -798,7 +807,7 @@ static int km_AesCfbDecrypt(struct skcipher_request *req)
err = km_AesGet(ctx, 1 /* decrypt_p */, 1 /* copy_p */, &aes_copy); err = km_AesGet(ctx, 1 /* decrypt_p */, 1 /* copy_p */, &aes_copy);
if (unlikely(err)) { if (unlikely(err)) {
return err; goto out;
} }
err = wc_AesSetIV(aes_copy, walk.iv); err = wc_AesSetIV(aes_copy, walk.iv);
@@ -836,6 +845,9 @@ static int km_AesCfbDecrypt(struct skcipher_request *req)
out: out:
if (err && walk.nbytes)
(void)skcipher_walk_done(&walk, err);
km_AesFree(&aes_copy); km_AesFree(&aes_copy);
#ifdef WOLFKM_DEBUG_AES #ifdef WOLFKM_DEBUG_AES
@@ -1043,7 +1055,7 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
unsigned int assoclen = req->assoclen; unsigned int assoclen = req->assoclen;
u8 * assoc = NULL; u8 * assoc = NULL;
u8 * assocmem = NULL; u8 * assocmem = NULL;
Aes *aes_copy; Aes *aes_copy = NULL;
tfm = crypto_aead_reqtfm(req); tfm = crypto_aead_reqtfm(req);
ctx = crypto_aead_ctx(tfm); ctx = crypto_aead_ctx(tfm);
@@ -1069,15 +1081,17 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
err = km_AesGet(ctx, decrypt_p, 1 /* copy_p */, &aes_copy); err = km_AesGet(ctx, decrypt_p, 1 /* copy_p */, &aes_copy);
if (unlikely(err)) { if (unlikely(err)) {
return err; goto out;
} }
#ifdef LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106 #ifdef LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106
if (rfc4106_p) { if (rfc4106_p) {
byte rfc4106_iv[12]; byte rfc4106_iv[12];
if (unlikely(assoclen != 16 && assoclen != 20)) if (unlikely(assoclen != 16 && assoclen != 20)) {
return -EINVAL; err = -EINVAL;
goto out;
}
assoclen -= 8; assoclen -= 8;
memcpy(rfc4106_iv, ctx->rfc4106_nonce, 4); memcpy(rfc4106_iv, ctx->rfc4106_nonce, 4);
@@ -1112,6 +1126,9 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
pr_err("%s: scatterwalk_map failed: %ld\n", pr_err("%s: scatterwalk_map failed: %ld\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
PTR_ERR(assoc)); PTR_ERR(assoc));
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 15, 0)
scatterwalk_unmap(&assocSgWalk);
#endif
goto out; goto out;
} }
} }
@@ -1225,6 +1242,9 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
out: out:
if (err && walk.nbytes)
(void)skcipher_walk_done(&walk, err);
km_AesFree(&aes_copy); km_AesFree(&aes_copy);
#ifdef WOLFKM_DEBUG_AES #ifdef WOLFKM_DEBUG_AES
@@ -1250,7 +1270,7 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
unsigned int assoclen = req->assoclen; unsigned int assoclen = req->assoclen;
u8 * assoc = NULL; u8 * assoc = NULL;
u8 * sg_buf = NULL; u8 * sg_buf = NULL;
Aes *aes_copy; Aes *aes_copy = NULL;
u8 * in_text = NULL; u8 * in_text = NULL;
u8 * out_text = NULL; u8 * out_text = NULL;
#ifdef LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106 #ifdef LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106
@@ -1281,13 +1301,15 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
err = km_AesGet(ctx, decrypt_p, 1 /* copy_p */, &aes_copy); err = km_AesGet(ctx, decrypt_p, 1 /* copy_p */, &aes_copy);
if (unlikely(err)) { if (unlikely(err)) {
return err; goto out;
} }
#ifdef LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106 #ifdef LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106
if (rfc4106_p) { if (rfc4106_p) {
if (unlikely(assoclen != 16 && assoclen != 20)) if (unlikely(assoclen != 16 && assoclen != 20)) {
return -EINVAL; err = -EINVAL;
goto out;
}
assoclen -= 8; assoclen -= 8;
memcpy(rfc4106_iv, ctx->rfc4106_nonce, 4); memcpy(rfc4106_iv, ctx->rfc4106_nonce, 4);
@@ -1311,7 +1333,9 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
pr_err("%s: scatterwalk_map failed: %ld\n", pr_err("%s: scatterwalk_map failed: %ld\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
PTR_ERR(assoc)); PTR_ERR(assoc));
#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 15, 0)
in_map = NULL; in_map = NULL;
#endif
goto out; goto out;
} }
assoc = in_map; assoc = in_map;
@@ -1328,7 +1352,9 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
pr_err("%s: scatterwalk_map failed: %ld\n", pr_err("%s: scatterwalk_map failed: %ld\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
PTR_ERR(assoc)); PTR_ERR(assoc));
#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 15, 0)
out_map = NULL; out_map = NULL;
#endif
goto out; goto out;
} }
out_text = out_map + req->assoclen; out_text = out_map + req->assoclen;
@@ -1406,6 +1432,9 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
out: out:
if (sk_walk.nbytes)
(void)skcipher_walk_done(&sk_walk, -EINVAL); /* force summary cleanup */
if (sg_buf) { if (sg_buf) {
free(sg_buf); free(sg_buf);
} }
@@ -1902,7 +1931,7 @@ static int km_AesCtrEncrypt(struct skcipher_request *req)
struct km_AesCtx * ctx = NULL; struct km_AesCtx * ctx = NULL;
struct skcipher_walk walk; struct skcipher_walk walk;
int err; int err;
Aes *aes_copy; Aes *aes_copy = NULL;
tfm = crypto_skcipher_reqtfm(req); tfm = crypto_skcipher_reqtfm(req);
ctx = crypto_skcipher_ctx(tfm); ctx = crypto_skcipher_ctx(tfm);
@@ -1917,8 +1946,10 @@ static int km_AesCtrEncrypt(struct skcipher_request *req)
/* Copy the cipher state to mitigate races on Aes.reg and Aes.tmp. */ /* Copy the cipher state to mitigate races on Aes.reg and Aes.tmp. */
aes_copy = (struct Aes *)malloc(sizeof(Aes)); aes_copy = (struct Aes *)malloc(sizeof(Aes));
if (aes_copy == NULL) if (aes_copy == NULL) {
return -ENOMEM; err = -ENOMEM;
goto out;
}
XMEMCPY(aes_copy, ctx->aes_encrypt, sizeof(Aes)); XMEMCPY(aes_copy, ctx->aes_encrypt, sizeof(Aes));
err = wc_AesSetIV(aes_copy, walk.iv); err = wc_AesSetIV(aes_copy, walk.iv);
@@ -1955,6 +1986,9 @@ static int km_AesCtrEncrypt(struct skcipher_request *req)
out: out:
if (err && walk.nbytes)
(void)skcipher_walk_done(&walk, err);
km_AesFree(&aes_copy); km_AesFree(&aes_copy);
#ifdef WOLFKM_DEBUG_AES #ifdef WOLFKM_DEBUG_AES
@@ -1971,7 +2005,7 @@ static int km_AesCtrDecrypt(struct skcipher_request *req)
struct km_AesCtx * ctx = NULL; struct km_AesCtx * ctx = NULL;
struct skcipher_walk walk; struct skcipher_walk walk;
int err; int err;
Aes *aes_copy; Aes *aes_copy = NULL;
tfm = crypto_skcipher_reqtfm(req); tfm = crypto_skcipher_reqtfm(req);
ctx = crypto_skcipher_ctx(tfm); ctx = crypto_skcipher_ctx(tfm);
@@ -1986,8 +2020,10 @@ static int km_AesCtrDecrypt(struct skcipher_request *req)
/* Copy the cipher state to mitigate races on Aes.reg and Aes.tmp. */ /* Copy the cipher state to mitigate races on Aes.reg and Aes.tmp. */
aes_copy = (struct Aes *)malloc(sizeof(Aes)); aes_copy = (struct Aes *)malloc(sizeof(Aes));
if (aes_copy == NULL) if (aes_copy == NULL) {
return -ENOMEM; err = -ENOMEM;
goto out;
}
XMEMCPY(aes_copy, ctx->aes_encrypt, sizeof(Aes)); /* CTR uses the same XMEMCPY(aes_copy, ctx->aes_encrypt, sizeof(Aes)); /* CTR uses the same
* schedule for encrypt * schedule for encrypt
* and decrypt. * and decrypt.
@@ -2029,6 +2065,9 @@ static int km_AesCtrDecrypt(struct skcipher_request *req)
out: out:
if (err && walk.nbytes)
(void)skcipher_walk_done(&walk, err);
km_AesFree(&aes_copy); km_AesFree(&aes_copy);
#ifdef WOLFKM_DEBUG_AES #ifdef WOLFKM_DEBUG_AES
@@ -2080,7 +2119,7 @@ static int km_AesOfbEncrypt(struct skcipher_request *req)
struct km_AesCtx * ctx = NULL; struct km_AesCtx * ctx = NULL;
struct skcipher_walk walk; struct skcipher_walk walk;
int err; int err;
Aes *aes_copy; Aes *aes_copy = NULL;
tfm = crypto_skcipher_reqtfm(req); tfm = crypto_skcipher_reqtfm(req);
ctx = crypto_skcipher_ctx(tfm); ctx = crypto_skcipher_ctx(tfm);
@@ -2095,8 +2134,10 @@ static int km_AesOfbEncrypt(struct skcipher_request *req)
/* Copy the cipher state to mitigate races on Aes.reg and Aes.tmp. */ /* Copy the cipher state to mitigate races on Aes.reg and Aes.tmp. */
aes_copy = (struct Aes *)malloc(sizeof(Aes)); aes_copy = (struct Aes *)malloc(sizeof(Aes));
if (aes_copy == NULL) if (aes_copy == NULL) {
return -ENOMEM; err = -ENOMEM;
goto out;
}
XMEMCPY(aes_copy, ctx->aes_encrypt, sizeof(Aes)); XMEMCPY(aes_copy, ctx->aes_encrypt, sizeof(Aes));
err = wc_AesSetIV(aes_copy, walk.iv); err = wc_AesSetIV(aes_copy, walk.iv);
@@ -2133,6 +2174,9 @@ static int km_AesOfbEncrypt(struct skcipher_request *req)
out: out:
if (err && walk.nbytes)
(void)skcipher_walk_done(&walk, err);
km_AesFree(&aes_copy); km_AesFree(&aes_copy);
#ifdef WOLFKM_DEBUG_AES #ifdef WOLFKM_DEBUG_AES
@@ -2149,7 +2193,7 @@ static int km_AesOfbDecrypt(struct skcipher_request *req)
struct km_AesCtx * ctx = NULL; struct km_AesCtx * ctx = NULL;
struct skcipher_walk walk; struct skcipher_walk walk;
int err; int err;
Aes *aes_copy; Aes *aes_copy = NULL;
tfm = crypto_skcipher_reqtfm(req); tfm = crypto_skcipher_reqtfm(req);
ctx = crypto_skcipher_ctx(tfm); ctx = crypto_skcipher_ctx(tfm);
@@ -2164,8 +2208,10 @@ static int km_AesOfbDecrypt(struct skcipher_request *req)
/* Copy the cipher state to mitigate races on Aes.reg and Aes.tmp. */ /* Copy the cipher state to mitigate races on Aes.reg and Aes.tmp. */
aes_copy = (struct Aes *)malloc(sizeof(Aes)); aes_copy = (struct Aes *)malloc(sizeof(Aes));
if (aes_copy == NULL) if (aes_copy == NULL) {
return -ENOMEM; err = -ENOMEM;
goto out;
}
XMEMCPY(aes_copy, ctx->aes_encrypt, sizeof(Aes)); /* OFB uses the same XMEMCPY(aes_copy, ctx->aes_encrypt, sizeof(Aes)); /* OFB uses the same
* schedule for encrypt * schedule for encrypt
* and decrypt. * and decrypt.
@@ -2206,6 +2252,9 @@ static int km_AesOfbDecrypt(struct skcipher_request *req)
out: out:
if (err && walk.nbytes)
(void)skcipher_walk_done(&walk, err);
km_AesFree(&aes_copy); km_AesFree(&aes_copy);
#ifdef WOLFKM_DEBUG_AES #ifdef WOLFKM_DEBUG_AES
@@ -2271,7 +2320,7 @@ static int km_AesEcbEncrypt(struct skcipher_request *req)
err = km_AesGet(ctx, 0 /* decrypt_p */, 0 /* copy_p */, &aes); err = km_AesGet(ctx, 0 /* decrypt_p */, 0 /* copy_p */, &aes);
if (unlikely(err)) { if (unlikely(err)) {
return err; goto out;
} }
while ((nbytes = walk.nbytes) != 0) { while ((nbytes = walk.nbytes) != 0) {
@@ -2291,6 +2340,9 @@ static int km_AesEcbEncrypt(struct skcipher_request *req)
out: out:
if (err && walk.nbytes)
(void)skcipher_walk_done(&walk, err);
#ifdef WOLFKM_DEBUG_AES #ifdef WOLFKM_DEBUG_AES
pr_info("info: exiting km_AesEcbEncrypt: err %d, cryptlen %d\n", err, pr_info("info: exiting km_AesEcbEncrypt: err %d, cryptlen %d\n", err,
req->cryptlen); req->cryptlen);
@@ -2319,7 +2371,7 @@ static int km_AesEcbDecrypt(struct skcipher_request *req)
err = km_AesGet(ctx, 1 /* decrypt_p */, 0 /* copy_p */, &aes); err = km_AesGet(ctx, 1 /* decrypt_p */, 0 /* copy_p */, &aes);
if (unlikely(err)) { if (unlikely(err)) {
return err; goto out;
} }
while ((nbytes = walk.nbytes) != 0) { while ((nbytes = walk.nbytes) != 0) {
@@ -2339,6 +2391,9 @@ static int km_AesEcbDecrypt(struct skcipher_request *req)
out: out:
if (err && walk.nbytes)
(void)skcipher_walk_done(&walk, err);
#ifdef WOLFKM_DEBUG_AES #ifdef WOLFKM_DEBUG_AES
pr_info("info: exiting km_AesEcbDecrypt: err %d, cryptlen %d\n", err, pr_info("info: exiting km_AesEcbDecrypt: err %d, cryptlen %d\n", err,
req->cryptlen); req->cryptlen);