patch 'crypto/virtio: fix out-of-bounds access' has been queued to stable release 21.11.1

Kevin Traynor ktraynor at redhat.com
Tue Mar 1 11:41:47 CET 2022

Previous message (by thread): patch 'baseband/acc100: avoid out-of-bounds access' has been queued to stable release 21.11.1
Next message (by thread): patch 'crypto/ipsec_mb: check missing operation types' has been queued to stable release 21.11.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

FYI, your patch has been queued to stable release 21.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 03/06/22. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable

This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable/commit/9c67637c8cd498e9275572170b5595c3c824015f

Thanks.

Kevin

---
>From 9c67637c8cd498e9275572170b5595c3c824015f Mon Sep 17 00:00:00 2001
From: Brian Dooley <brian.dooley at intel.com>
Date: Tue, 22 Feb 2022 09:54:51 +0000
Subject: [PATCH] crypto/virtio: fix out-of-bounds access

[ upstream commit a965e768065ae496c9a1c7a77545bc0f0f0e38e2 ]

Coverity flags an untrusted loop bound. Check length of session iv.

Coverity issue: 375802
Fixes: b063e843fa03 ("crypto/virtio: fix IV physical address")

Signed-off-by: Brian Dooley <brian.dooley at intel.com>
Acked-by: Fan Zhang <roy.fan.zhang at intel.com>
---
 drivers/crypto/virtio/virtio_rxtx.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/crypto/virtio/virtio_rxtx.c b/drivers/crypto/virtio/virtio_rxtx.c
index a65524a306..08359b3a39 100644
--- a/drivers/crypto/virtio/virtio_rxtx.c
+++ b/drivers/crypto/virtio/virtio_rxtx.c
@@ -265,4 +265,7 @@ virtqueue_crypto_sym_enqueue_xmit(
 			desc[idx].addr = cop->phys_addr + session->iv.offset;
 		else {
+			if (session->iv.length > VIRTIO_CRYPTO_MAX_IV_SIZE)
+				return -ENOMEM;
+
 			rte_memcpy(crypto_op_cookie->iv,
 					rte_crypto_op_ctod_offset(cop,
-- 
2.34.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2022-03-01 10:41:02.192034135 +0000
+++ 0031-crypto-virtio-fix-out-of-bounds-access.patch	2022-03-01 10:41:01.285244094 +0000
@@ -1 +1 @@
-From a965e768065ae496c9a1c7a77545bc0f0f0e38e2 Mon Sep 17 00:00:00 2001
+From 9c67637c8cd498e9275572170b5595c3c824015f Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit a965e768065ae496c9a1c7a77545bc0f0f0e38e2 ]
+
@@ -10 +11,0 @@
-Cc: stable at dpdk.org

Previous message (by thread): patch 'baseband/acc100: avoid out-of-bounds access' has been queued to stable release 21.11.1
Next message (by thread): patch 'crypto/ipsec_mb: check missing operation types' has been queued to stable release 21.11.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the stable mailing list