Commit 8a8e1fad authored by Chen Ridong's avatar Chen Ridong Committed by Huang Xiaojia
Browse files

crypto: bcm - add error check in the ahash_hmac_init function 

stable inclusion
from stable-v5.10.231
commit 28f8ffa945f7d7150463e15097ea73b19529d6f5
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IBEDPO
CVE: CVE-2024-56681

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=28f8ffa945f7d7150463e15097ea73b19529d6f5



--------------------------------

[ Upstream commit 19630cf57233e845b6ac57c9c969a4888925467b ]

The ahash_init functions may return fails. The ahash_hmac_init should
not return ok when ahash_init returns error. For an example, ahash_init
will return -ENOMEM when allocation memory is error.

Fixes: 9d12ba86 ("crypto: brcm - Add Broadcom SPU driver")
Signed-off-by: default avatarChen Ridong <chenridong@huawei.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarHuang Xiaojia <huangxiaojia2@huawei.com>
parent df71fa5a

drivers/crypto/bcm/cipher.c

+4 −1
Original line number Diff line number Diff line
@@ -2418,6 +2418,7 @@ static int ahash_hmac_setkey(struct crypto_ahash *ahash, const u8 *key, 


static int ahash_hmac_init(struct ahash_request *req)

{

	int ret;

	struct iproc_reqctx_s *rctx = ahash_request_ctx(req);

	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);

	struct iproc_ctx_s *ctx = crypto_ahash_ctx(tfm);
@@ -2427,7 +2428,9 @@ static int ahash_hmac_init(struct ahash_request *req) 
	flow_log("ahash_hmac_init()\n");



	/* init the context as a hash */

	ahash_init(req);

	ret = ahash_init(req);

	if (ret)

		return ret;



	if (!spu_no_incr_hash(ctx)) {

		/* SPU-M can do incr hashing but needs sw for outer HMAC */