HomeFreeBSD

cryptodev: Fix some input validation bugs

Description

cryptodev: Fix some input validation bugs

  • When we do not have a separate IV, make sure that the IV length specified by the session is not larger than the payload size.
  • Disallow AEAD requests without a separate IV. crp_sanity() asserts that CRYPTO_F_IV_SEPARATE is set for AEAD requests, and some (but not all) drivers require it.
  • Return EINVAL for AEAD requests if an IV is specified but the transform does not expect one.

Reported by: syzbot+c9e8f6ff5cb7fa6a1250@syzkaller.appspotmail.com
Reported by: syzbot+007341439ae295cee74f@syzkaller.appspotmail.com
Reported by: syzbot+46e0cc42a428b3b0a40d@syzkaller.appspotmail.com
Reported by: syzbot+2c4d670173b8bdb947df@syzkaller.appspotmail.com
Reported by: syzbot+220faa5eeb4d47b23877@syzkaller.appspotmail.com
Reported by: syzbot+e83434b40f05843722f7@syzkaller.appspotmail.com
Reviewed by: jhb
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30154

Details

Provenance
markjAuthored on May 11 2021, 9:36 PM
Reviewer
jhb
Differential Revision
D30154: cryptodev: Fix some input validation bugs
Parents
R10:b8f113cab91f: Implement cdev_device_add() and cdev_device_del() in the LinuxKPI.
Branches
Unknown
Tags
Unknown