    dm crypt: fix access beyond the end of allocated space · 15004af9
    Mikulas Patocka authored
    commit d49ec52f upstream.
    
    The DM crypt target accesses memory beyond allocated space resulting in
    a crash on 32 bit x86 systems.
    
    This bug is very old (it dates back to 2.6.25 commit 3a7f6c99 "dm
    crypt: use async crypto").  However, this bug was masked by the fact
    that kmalloc rounds the size up to the next power of two.  This bug
    wasn't exposed until 3.17-rc1 commit 298a9fa0 ("dm crypt: use per-bio
    data").  By switching to using per-bio data there was no longer any
    padding beyond the end of a dm-crypt allocated memory block.
    
    To minimize allocation overhead dm-crypt puts several structures into one
    block allocated with kmalloc.  The block holds struct ablkcipher_request,
    cipher-specific scratch pad (crypto_ablkcipher_reqsize(any_tfm(cc))),
    struct dm_crypt_request and an initialization vector.
    
    The variable dmreq_start is set to the offset of struct dm_crypt_request
    within this memory block.  dm-crypt allocates the block with this size:
    cc->dmreq_start + sizeof(struct dm_crypt_request) + cc->iv_size.
    
    When accessing the initialization vector, dm-crypt uses the function
    iv_of_dmreq, which performs this calculation: ALIGN((unsigned long)(dmreq
    + 1), crypto_ablkcipher_alignmask(any_tfm(cc)) + 1).
    
    dm-crypt allocated "cc->iv_size" bytes beyond the end of dm_crypt_request
    structure.  However, when dm-crypt accesses the initialization vector, it
    takes a pointer to the end of dm_crypt_request, aligns it, and then uses
    it as the initialization vector.  If the end of dm_crypt_request is not
    aligned on a crypto_ablkcipher_alignmask(any_tfm(cc)) boundary the
    alignment causes the initialization vector to point beyond the allocated
    space.
    
    Fix this bug by calculating the variable iv_size_padding and adding it
    to the allocated size.
    
    Also correct the alignment of dm_crypt_request.  struct dm_crypt_request
    is specific to dm-crypt (it isn't used by the crypto subsystem at all),
    so it is aligned on __alignof__(struct dm_crypt_request).
    Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
    Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
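The allocation arithmetic the commit message describes, as an added worked example; this is not dm-crypt's or the kernel's code, and the struct sizes, the `layout` type, the `kmalloc_rounded` model and every function name below are constructed stand-ins chosen to resemble a 32-bit x86 build. It computes cc->dmreq_start, the IV position that iv_of_dmreq's ALIGN() produces, the block size before the fix, and the iv_size_padding the fix adds (derived here as the exact gap the alignment skips), and shows why the under-allocation was invisible while kmalloc rounded the request up but not once the block was sized exactly:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/*
 * Added example, not code from dm-crypt or the kernel: a model of the
 * block layout described in the commit message.  Every number in
 * `example` is constructed (4-byte pointers, a cipher with a 16-byte
 * alignment requirement, a 16-byte IV), not measured on a real build.
 */

/* Kernel-style ALIGN(): round x up to a multiple of a (a is a power of two). */
#define ALIGN_UP(x, a) (((x) + ((a) - 1)) & ~((a) - 1))

struct layout {
    size_t req_size;     /* sizeof(struct ablkcipher_request)      (assumed) */
    size_t req_scratch;  /* crypto_ablkcipher_reqsize(any_tfm(cc))  (assumed) */
    size_t alignmask;    /* crypto_ablkcipher_alignmask(any_tfm(cc)) (assumed) */
    size_t dmreq_size;   /* sizeof(struct dm_crypt_request)         (assumed) */
    size_t dmreq_align;  /* __alignof__(struct dm_crypt_request)     (assumed) */
    size_t iv_size;      /* cc->iv_size                              (assumed) */
};

/* cc->dmreq_start: offset of struct dm_crypt_request in the block.  It follows
 * the request header and the cipher scratch pad; since the crypto subsystem
 * never touches dm_crypt_request, aligning it to its own __alignof__ is enough. */
static size_t dmreq_start(const struct layout *l)
{
    return ALIGN_UP(l->req_size + l->req_scratch, l->dmreq_align);
}

/* What iv_of_dmreq() computes: the end of dm_crypt_request, aligned for the cipher. */
static size_t iv_offset(const struct layout *l)
{
    return ALIGN_UP(dmreq_start(l) + l->dmreq_size, l->alignmask + 1);
}

/* Block size before the fix: dmreq_start + sizeof(dm_crypt_request) + iv_size. */
static size_t alloc_size_before_fix(const struct layout *l)
{
    return dmreq_start(l) + l->dmreq_size + l->iv_size;
}

/* iv_size_padding: the bytes that aligning the IV pointer skips over. */
static size_t iv_size_padding(const struct layout *l)
{
    return iv_offset(l) - (dmreq_start(l) + l->dmreq_size);
}

static size_t alloc_size_after_fix(const struct layout *l)
{
    return alloc_size_before_fix(l) + iv_size_padding(l);
}

/* Does the IV placed by iv_of_dmreq() lie entirely inside a block of `alloc` bytes? */
static bool iv_in_bounds(const struct layout *l, size_t alloc)
{
    return iv_offset(l) + l->iv_size <= alloc;
}

/* Simplified model of the slack the commit message blames for hiding the bug:
 * the request size rounded up to the next power of two.  Real kmalloc also
 * has intermediate caches; that does not change the conclusion. */
static size_t kmalloc_rounded(size_t n)
{
    size_t s = 8;
    while (s < n)
        s <<= 1;
    return s;
}

static const struct layout example = {
    .req_size = 28, .req_scratch = 36, .alignmask = 15,
    .dmreq_size = 52, .dmreq_align = 4, .iv_size = 16,
};

int main(void)
{
    const struct layout *l = &example;
    size_t before = alloc_size_before_fix(l);
    size_t after = alloc_size_after_fix(l);

    printf("dmreq_start=%zu iv_offset=%zu iv_end=%zu\n",
           dmreq_start(l), iv_offset(l), iv_offset(l) + l->iv_size);
    printf("before fix: alloc=%zu in_bounds=%d; kmalloc hands out %zu: in_bounds=%d\n",
           before, iv_in_bounds(l, before),
           kmalloc_rounded(before), iv_in_bounds(l, kmalloc_rounded(before)));
    printf("after fix:  alloc=%zu (padding %zu) in_bounds=%d\n",
           after, iv_size_padding(l), iv_in_bounds(l, after));
    return 0;
}
```

With these constructed numbers the end of dm_crypt_request lands at offset 116, which is not a multiple of 16, so iv_of_dmreq's ALIGN() moves the IV to 128 and its last byte to 143, while the pre-fix block is only 132 bytes; a power-of-two kmalloc would have handed out 256 bytes and hidden that, which is exactly what the switch to exactly sized per-bio data stopped doing.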
dm-crypt.c 44.1 KB