cryptodev: prevent speculative load related leak
Jeetesh Burman [Thu, 15 Feb 2018 07:30:39 +0000 (12:30 +0530)]
Data can be speculatively loaded from memory and stay in cache even
when bound check fails. This can lead to unintended information
disclosure via side-channel analysis.

To mitigate this problem, insert speculation barrier.

bug 2039126
CVE-2017-5753

Change-Id: Id85eb9c91932f358dd999b28dd53d7788b37ea04
Signed-off-by: David Gilhooley <dgilhooley@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/1640356
Signed-off-by: James Huang <jamehuang@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/1650014
Signed-off-by: Jeetesh Burman <jburman@nvidia.com>
(cherry picked from commit 25bd9436b11f41e23048c9515deae97900a46669)
Reviewed-on: https://git-master.nvidia.com/r/1660780
Reviewed-by: Winnie Hsu <whsu@nvidia.com>
Tested-by: Winnie Hsu <whsu@nvidia.com>

drivers/misc/tegra-cryptodev.c

index 4dc6ca6..2c0d391 100644 (file)
@@ -33,6 +33,7 @@
 #include <linux/tegra-soc.h>
 #include <crypto/rng.h>
 #include <crypto/hash.h>
+#include <asm/barrier.h>
 
 #include "tegra-cryptodev.h"
 
@@ -282,6 +283,8 @@ static int process_crypt_req(struct tegra_crypto_ctx *ctx, struct tegra_crypt_re
        const u8 *key = NULL;
        struct tegra_crypto_completion tcrypt_complete;
 
+       speculation_barrier();
+
        if (crypt_req->op & TEGRA_CRYPTO_ECB) {
                req = ablkcipher_request_alloc(ctx->ecb_tfm, GFP_KERNEL);
                tfm = ctx->ecb_tfm;
@@ -930,6 +933,9 @@ rng_out:
                                rsa_req.algo);
                        return -EINVAL;
                }
+
+               speculation_barrier();
+
                ret = tegra_crypt_rsa(ctx, &rsa_req);
                break;