From 0469dede0eeeefe12a9a2fd76078f4a266513457 Mon Sep 17 00:00:00 2001 From: Mian Yousaf Kaukab Date: Wed, 21 Jul 2021 10:39:05 +0200 Subject: crypto: ecc - handle unaligned input buffer in ecc_swap_digits MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ecdsa_set_pub_key() makes an u64 pointer at 1 byte offset of the key. This results in an unaligned u64 pointer. This pointer is passed to ecc_swap_digits() which assumes natural alignment. This causes a kernel crash on an armv7 platform: [ 0.409022] Unhandled fault: alignment exception (0x001) at 0xc2a0a6a9 ... [ 0.416982] PC is at ecdsa_set_pub_key+0xdc/0x120 ... [ 0.491492] Backtrace: [ 0.492059] [] (ecdsa_set_pub_key) from [] (test_akcipher_one+0xf4/0x6c0) Handle unaligned input buffer in ecc_swap_digits() by replacing be64_to_cpu() to get_unaligned_be64(). Change type of in pointer to void to reflect it doesn’t necessarily need to be aligned. Fixes: 4e6602916bc6 ("crypto: ecdsa - Add support for ECDSA signature verification") Reported-by: Guillaume Gardet Suggested-by: Takashi Iwai Signed-off-by: Mian Yousaf Kaukab Tested-by: Stefan Berger Signed-off-by: Herbert Xu --- crypto/ecc.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'crypto') diff --git a/crypto/ecc.h b/crypto/ecc.h index a006132646a4..1350e8eb6ac2 100644 --- a/crypto/ecc.h +++ b/crypto/ecc.h @@ -27,6 +27,7 @@ #define _CRYPTO_ECC_H #include +#include /* One digit is u64 qword. */ #define ECC_CURVE_NIST_P192_DIGITS 3 @@ -46,13 +47,13 @@ * @out: Output array * @ndigits: Number of digits to copy */ -static inline void ecc_swap_digits(const u64 *in, u64 *out, unsigned int ndigits) +static inline void ecc_swap_digits(const void *in, u64 *out, unsigned int ndigits) { const __be64 *src = (__force __be64 *)in; int i; for (i = 0; i < ndigits; i++) - out[i] = be64_to_cpu(src[ndigits - 1 - i]); + out[i] = get_unaligned_be64(&src[ndigits - 1 - i]); } /** -- cgit v1.2.3