From patchwork Thu Dec 21 02:42:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Herbert Xu X-Patchwork-Id: 758116 Received: from abb.hmeau.com (abb.hmeau.com [144.6.53.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B7D044416; Thu, 21 Dec 2023 02:42:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gondor.apana.org.au Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.94.2 #2 (Debian)) id 1rG91K-00DGnB-B3; Thu, 21 Dec 2023 10:42:47 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Thu, 21 Dec 2023 10:42:57 +0800 Date: Thu, 21 Dec 2023 10:42:57 +0800 From: Herbert Xu To: syzbot Cc: davem@davemloft.net, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com, Edward Adam Davis Subject: [PATCH] crypto: skcipher - Pass statesize for simple lskcipher instances Message-ID: References: <000000000000d52e14060cc9c551@google.com> Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <000000000000d52e14060cc9c551@google.com> On Mon, Dec 18, 2023 at 06:43:27AM -0800, syzbot wrote: > > syzbot found the following issue on: > > HEAD commit: 17cb8a20bde6 Add linux-next specific files for 20231215 > git tree: linux-next > console+strace: https://syzkaller.appspot.com/x/log.txt?x=1129f3b6e80000 > kernel config: https://syzkaller.appspot.com/x/.config?x=ec104439b5dbc583 > dashboard link: https://syzkaller.appspot.com/bug?extid=8ffb0839a24e9c6bfa76 > compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17d23c01e80000 > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14cfe021e80000 ---8<--- When ecb is used to wrap an lskcipher, the statesize isn't set correctly. Fix this by making the simple instance creator set the statesize. Reported-by: syzbot+8ffb0839a24e9c6bfa76@syzkaller.appspotmail.com Reported-by: Edward Adam Davis Fixes: 662ea18d089b ("crypto: skcipher - Make use of internal state") Signed-off-by: Herbert Xu diff --git a/crypto/lskcipher.c b/crypto/lskcipher.c index a06008e112f3..0b6dd8aa21f2 100644 --- a/crypto/lskcipher.c +++ b/crypto/lskcipher.c @@ -642,6 +642,7 @@ struct lskcipher_instance *lskcipher_alloc_instance_simple( inst->alg.co.min_keysize = cipher_alg->co.min_keysize; inst->alg.co.max_keysize = cipher_alg->co.max_keysize; inst->alg.co.ivsize = cipher_alg->co.base.cra_blocksize; + inst->alg.co.statesize = cipher_alg->co.statesize; /* Use struct crypto_lskcipher * by default, can be overridden */ inst->alg.co.base.cra_ctxsize = sizeof(struct crypto_lskcipher *);