Bug 206049 - alg: skcipher: p8_aes_xts encryption unexpectedly succeeded on test vector "random: len=0 klen=64"; expected_error=-22, cfg="random: inplace may_sleep use_finup src_divs=[<flush>66.99%@+10, 33.1%@alignmask+1155]
Summary: alg: skcipher: p8_aes_xts encryption unexpectedly succeeded on test vector "r...
Status: RESOLVED CODE_FIX
Alias: None
Product: Platform Specific/Hardware
Classification: Unclassified
Component: PPC-64 (show other bugs)
Hardware: PPC-64 Linux
: P1 normal
Assignee: platform_ppc-64
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-01-01 18:32 UTC by Erhard F.
Modified: 2020-01-08 23:19 UTC (History)
2 users (show)

See Also:
Kernel Version: 5.4.7
Tree: Mainline
Regression: No


Attachments
dmesg (5.4.7, Talos II) (70.08 KB, text/plain)
2020-01-01 18:32 UTC, Erhard F.
Details
kernel .config (5.4.7, Talos II) (98.02 KB, text/plain)
2020-01-01 18:33 UTC, Erhard F.
Details

Description Erhard F. 2020-01-01 18:32:09 UTC
Created attachment 286557 [details]
dmesg (5.4.7, Talos II)

# dmesg | grep -i aes
[    5.589319] alg: skcipher: p8_aes_xts encryption unexpectedly succeeded on test vector "random: len=0 klen=64"; expected_error=-22, cfg="random: inplace may_sleep use_finup src_divs=[<flush>66.99%@+10, 33.1%@alignmask+1155]"

# inxi -b
System:    Kernel: 5.4.7-gentoo ppc64 bits: 64 Console: tty 1 Distro: Gentoo Base System release 2.6 
Machine:   Type: PowerPC Device System: T2P9D01 REV 1.01 details: PowerNV T2P9D01 REV 1.01 rev: 2.2 (pvr 004e 1202) 
CPU:       32-Core: POWER9 altivec supported type: MCP speed: 2785 MHz min/max: 2154/3800 MHz 
Graphics:  Device-1: Advanced Micro Devices [AMD/ATI] Caicos [Radeon HD 6450/7450/8450 / R5 230 OEM] driver: radeon v: kernel 
           Device-2: ASPEED Graphics Family driver: N/A 
           Device-3: NVIDIA GK208B [GeForce GT 710] driver: N/A 
           Display: server: X.org 1.20.5 driver: radeon tty: 211x53 
           Message: Advanced graphics data unavailable in console for root. 
Network:   Device-1: Broadcom and subsidiaries NetXtreme BCM5719 Gigabit Ethernet PCIe driver: tg3 
           Device-2: Broadcom and subsidiaries NetXtreme BCM5719 Gigabit Ethernet PCIe driver: tg3
Comment 1 Erhard F. 2020-01-01 18:33:05 UTC
Created attachment 286559 [details]
kernel .config (5.4.7, Talos II)
Comment 2 Daniel Axtens 2020-01-07 02:55:28 UTC
Hi Erhard,

I'm having a look. Does this reproduce reliably/often? Or was it a one-off?

Regards,
Daniel
Comment 3 Michael Ellerman 2020-01-07 11:03:28 UTC
Looks like other implementations check the size, can you try this:

diff --git a/drivers/crypto/vmx/aes_xts.c b/drivers/crypto/vmx/aes_xts.c
index d59e736882f6..9fee1b1532a4 100644
--- a/drivers/crypto/vmx/aes_xts.c
+++ b/drivers/crypto/vmx/aes_xts.c
@@ -84,6 +84,9 @@ static int p8_aes_xts_crypt(struct skcipher_request *req, int enc)
 	u8 tweak[AES_BLOCK_SIZE];
 	int ret;
 
+	if (req->cryptlen < AES_BLOCK_SIZE)
+		return -EINVAL;
+
 	if (!crypto_simd_usable() || (req->cryptlen % XTS_BLOCK_SIZE) != 0) {
 		struct skcipher_request *subreq = skcipher_request_ctx(req);
Comment 4 Erhard F. 2020-01-07 11:58:27 UTC
(In reply to Daniel Axtens from comment #2)
> Hi Erhard,
> 
> I'm having a look. Does this reproduce reliably/often? Or was it a one-off?
Hi Daniel,

This shows up every time booting the Talos II. I have yet to try Michaels patch.

Regards,
Erhard
Comment 5 Erhard F. 2020-01-07 23:02:34 UTC
(In reply to Michael Ellerman from comment #3)
> Looks like other implementations check the size, can you try this:
> 
> diff --git a/drivers/crypto/vmx/aes_xts.c b/drivers/crypto/vmx/aes_xts.c
> index d59e736882f6..9fee1b1532a4 100644
> --- a/drivers/crypto/vmx/aes_xts.c
> +++ b/drivers/crypto/vmx/aes_xts.c
> @@ -84,6 +84,9 @@ static int p8_aes_xts_crypt(struct skcipher_request *req,
> int enc)
>       u8 tweak[AES_BLOCK_SIZE];
>       int ret;
>  
> +     if (req->cryptlen < AES_BLOCK_SIZE)
> +             return -EINVAL;
> +
>       if (!crypto_simd_usable() || (req->cryptlen % XTS_BLOCK_SIZE) != 0) {
>               struct skcipher_request *subreq = skcipher_request_ctx(req);
Your patch fixed it, thanks! Applied it on top of kernel 5.4.8 and the p8_aes_xts error did not show up in subsequent reboots.
Comment 6 Daniel Axtens 2020-01-08 05:14:30 UTC
Patch sent: https://patchwork.ozlabs.org/patch/1219350/

Note You need to log in before you can comment on or make changes to this bug.