Module Name: src
Committed By: riastradh
Date: Sun May 22 11:34:29 UTC 2022
Modified Files:
src/sys/opencrypto: cryptodev.c
Log Message:
crypto(4): Refuse crypto operations with nothing in them earlier.
This way we avoid passing 0 to crypto_getreq -- makes it easier to
reason about everything downstream.
To generate a diff of this commit:
cvs rdiff -u -r1.117 -r1.118 src/sys/opencrypto/cryptodev.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/opencrypto/cryptodev.c
diff -u src/sys/opencrypto/cryptodev.c:1.117 src/sys/opencrypto/cryptodev.c:1.118
--- src/sys/opencrypto/cryptodev.c:1.117 Sun May 22 11:30:41 2022
+++ src/sys/opencrypto/cryptodev.c Sun May 22 11:34:29 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: cryptodev.c,v 1.117 2022/05/22 11:30:41 riastradh Exp $ */
+/* $NetBSD: cryptodev.c,v 1.118 2022/05/22 11:34:29 riastradh Exp $ */
/* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */
/* $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $ */
@@ -64,7 +64,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.117 2022/05/22 11:30:41 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.118 2022/05/22 11:34:29 riastradh Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -471,6 +471,9 @@ cryptodev_op(struct csession *cse, struc
return EINVAL;
}
+ if (cse->tcomp == NULL && cse->txform == NULL && cse->thash == NULL)
+ return EINVAL;
+
DPRINTF("cryptodev_op[%u]: iov_len %d\n",
CRYPTO_SESID2LID(cse->sid), iov_len);
if ((cse->tcomp) && cop->dst_len) {
@@ -1131,6 +1134,13 @@ cryptodev_mop(struct fcrypt *fcr,
}
}
+ if (cse->txform == NULL &&
+ cse->thash == NULL &&
+ cse->tcomp == NULL) {
+ cnop[req].status = EINVAL;
+ goto bail;
+ }
+
/* sanitize */
if (cnop[req].len <= 0) {
cnop[req].status = ENOMEM;
