Commit b68d913e authored by Chen Ridong's avatar Chen Ridong Committed by Huang Xiaojia
Browse files

crypto: bcm - add error check in the ahash_hmac_init function 

stable inclusion
from stable-v6.6.64
commit ae5253313e0ea5f00c06176074592b7f493c8546
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IBEDPO
CVE: CVE-2024-56681

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ae5253313e0ea5f00c06176074592b7f493c8546



--------------------------------

[ Upstream commit 19630cf57233e845b6ac57c9c969a4888925467b ]

The ahash_init functions may return fails. The ahash_hmac_init should
not return ok when ahash_init returns error. For an example, ahash_init
will return -ENOMEM when allocation memory is error.

Fixes: 9d12ba86 ("crypto: brcm - Add Broadcom SPU driver")
Signed-off-by: default avatarChen Ridong <chenridong@huawei.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarHuang Xiaojia <huangxiaojia2@huawei.com>
parent 218f4d98

drivers/crypto/bcm/cipher.c

+4 −1
Original line number Diff line number Diff line
@@ -2415,6 +2415,7 @@ static int ahash_hmac_setkey(struct crypto_ahash *ahash, const u8 *key, 


static int ahash_hmac_init(struct ahash_request *req)

{

	int ret;

	struct iproc_reqctx_s *rctx = ahash_request_ctx(req);

	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);

	struct iproc_ctx_s *ctx = crypto_ahash_ctx(tfm);
@@ -2424,7 +2425,9 @@ static int ahash_hmac_init(struct ahash_request *req) 
	flow_log("ahash_hmac_init()\n");



	/* init the context as a hash */

	ahash_init(req);

	ret = ahash_init(req);

	if (ret)

		return ret;



	if (!spu_no_incr_hash(ctx)) {

		/* SPU-M can do incr hashing but needs sw for outer HMAC */