crypto: hash - Fix the pointer voodoo in unaligned ahash
Add documentation for the pointer voodoo that is happening in crypto/ahash.c in ahash_op_unaligned(). This code is quite confusing, so add a beefy chunk of documentation. Moreover, make sure the mangled request is completely restored after finishing this unaligned operation. This means restoring all of .result, .base.data and .base.complete . Also, remove the crypto_completion_t complete = ... line present in the ahash_op_unaligned_done() function. This type actually declares a function pointer, which is very confusing. Finally, yet very important nonetheless, make sure the req->priv is free()'d only after the original request is restored in ahash_op_unaligned_done(). The req->priv data must not be free()'d before that in ahash_op_unaligned_finish(), since we would be accessing previously free()'d data in ahash_op_unaligned_done() and cause corruption. Signed-off-by: Marek Vasut <marex@denx.de> Cc: David S. Miller <davem@davemloft.net> Cc: Fabio Estevam <fabio.estevam@freescale.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Shawn Guo <shawn.guo@linaro.org> Cc: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
parent
85e0da925b
commit
ab6bf4e5e5
@ -201,22 +201,34 @@ static void ahash_op_unaligned_finish(struct ahash_request *req, int err)
|
||||
memcpy(priv->result, req->result,
|
||||
crypto_ahash_digestsize(crypto_ahash_reqtfm(req)));
|
||||
|
||||
/* Restore the original crypto request. */
|
||||
req->result = priv->result;
|
||||
req->base.complete = priv->complete;
|
||||
req->base.data = priv->data;
|
||||
req->priv = NULL;
|
||||
|
||||
/* Free the req->priv.priv from the ADJUSTED request. */
|
||||
kzfree(priv);
|
||||
}
|
||||
|
||||
static void ahash_op_unaligned_done(struct crypto_async_request *req, int err)
|
||||
{
|
||||
struct ahash_request *areq = req->data;
|
||||
struct ahash_request_priv *priv = areq->priv;
|
||||
crypto_completion_t complete = priv->complete;
|
||||
void *data = priv->data;
|
||||
|
||||
/*
|
||||
* Restore the original request, see ahash_op_unaligned() for what
|
||||
* goes where.
|
||||
*
|
||||
* The "struct ahash_request *req" here is in fact the "req.base"
|
||||
* from the ADJUSTED request from ahash_op_unaligned(), thus as it
|
||||
* is a pointer to self, it is also the ADJUSTED "req" .
|
||||
*/
|
||||
|
||||
/* First copy areq->result into areq->priv.result */
|
||||
ahash_op_unaligned_finish(areq, err);
|
||||
|
||||
areq->base.complete = complete;
|
||||
areq->base.data = data;
|
||||
|
||||
complete(&areq->base, err);
|
||||
/* Complete the ORIGINAL request. */
|
||||
areq->base.complete(&areq->base, err);
|
||||
}
|
||||
|
||||
static int ahash_op_unaligned(struct ahash_request *req,
|
||||
@ -234,9 +246,39 @@ static int ahash_op_unaligned(struct ahash_request *req,
|
||||
if (!priv)
|
||||
return -ENOMEM;
|
||||
|
||||
/*
|
||||
* WARNING: Voodoo programming below!
|
||||
*
|
||||
* The code below is obscure and hard to understand, thus explanation
|
||||
* is necessary. See include/crypto/hash.h and include/linux/crypto.h
|
||||
* to understand the layout of structures used here!
|
||||
*
|
||||
* The code here will replace portions of the ORIGINAL request with
|
||||
* pointers to new code and buffers so the hashing operation can store
|
||||
* the result in aligned buffer. We will call the modified request
|
||||
* an ADJUSTED request.
|
||||
*
|
||||
* The newly mangled request will look as such:
|
||||
*
|
||||
* req {
|
||||
* .result = ADJUSTED[new aligned buffer]
|
||||
* .base.complete = ADJUSTED[pointer to completion function]
|
||||
* .base.data = ADJUSTED[*req (pointer to self)]
|
||||
* .priv = ADJUSTED[new priv] {
|
||||
* .result = ORIGINAL(result)
|
||||
* .complete = ORIGINAL(base.complete)
|
||||
* .data = ORIGINAL(base.data)
|
||||
* }
|
||||
*/
|
||||
|
||||
priv->result = req->result;
|
||||
priv->complete = req->base.complete;
|
||||
priv->data = req->base.data;
|
||||
/*
|
||||
* WARNING: We do not backup req->priv here! The req->priv
|
||||
* is for internal use of the Crypto API and the
|
||||
* user must _NOT_ _EVER_ depend on it's content!
|
||||
*/
|
||||
|
||||
req->result = PTR_ALIGN((u8 *)priv->ubuf, alignmask + 1);
|
||||
req->base.complete = ahash_op_unaligned_done;
|
||||
|
Loading…
Reference in New Issue
Block a user