Mirrors_Framework/nuttx
1
0
Fork 0
mirror of https://github.com/apache/nuttx.git synced 2026-05-30 21:36:28 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

crypto/cryptodev: fix async callback

Browse Source 
Fix incorrect memory management for asynchronous process callbacks.

Ensure callback memory is self-managed to prevent leaks or use-after-free issues.

Signed-off-by: makejian <makejian@xiaomi.com>
This commit is contained in:
makejian
2025-07-30 11:36:23 +08:00
committed by Xiang Xiao
parent 791e223001
commit 3b151ae44b
2 changed files with 29 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files
crypto/cryptodev.c
+27 -18
View File
@@ -501,6 +501,7 @@ static int cryptodev_op(FAR struct csession *cse,
static int cryptodev_key(FAR struct fcrypt *fcr, FAR struct crypt_kop *kop) static int cryptodev_key(FAR struct fcrypt *fcr, FAR struct crypt_kop *kop)
{ {
FAR struct cryptkop *krp_async = NULL;
FAR struct cryptkop *krp = NULL; FAR struct cryptkop *krp = NULL;
int error = -EINVAL; int error = -EINVAL;
int in; int in;
@@ -686,8 +687,20 @@ static int cryptodev_key(FAR struct fcrypt *fcr, FAR struct crypt_kop *kop)
krp->krp_status = 0; krp->krp_status = 0;
krp->krp_flags = kop->crk_flags; krp->krp_flags = kop->crk_flags;
krp->krp_reqid = kop->crk_reqid; krp->krp_reqid = kop->crk_reqid;
krp->krp_fcr = fcr;
krp->krp_callback = cryptodevkey_cb; if (krp->krp_flags & CRYPTO_F_CBIMM)
{
if (kop->crk_arg == NULL)
{
error = -EINVAL;
goto fail;
}
krp_async = (FAR struct cryptkop *)kop->crk_arg;
krp_async->krp_fcr = fcr;
krp_async->krp_callback = cryptodevkey_cb;
krp->krp_opaque = krp_async;
}
for (i = 0; i < CRK_MAXPARAM; i++) for (i = 0; i < CRK_MAXPARAM; i++)
{ {
@@ -783,11 +796,20 @@ static int cryptodev_getkeystatus(struct fcrypt *fcr, struct crypt_kop *ret)
return -EAGAIN; return -EAGAIN;
} }
/* return the result in task list to the upper layer */ TAILQ_FOREACH(krp, &fcr->crpk_ret, krp_next)
{
if (krp->krp_reqid == ret->crk_reqid)
{
break;
}
}
if (krp == NULL)
{
return -EINVAL;
}
krp = TAILQ_FIRST(&fcr->crpk_ret);
TAILQ_REMOVE(&fcr->crpk_ret, krp, krp_next); TAILQ_REMOVE(&fcr->crpk_ret, krp, krp_next);
ret->crk_op = krp->krp_op; ret->crk_op = krp->krp_op;
ret->crk_status = krp->krp_status; ret->crk_status = krp->krp_status;
ret->crk_iparams = krp->krp_iparams; ret->crk_iparams = krp->krp_iparams;
@@ -806,19 +828,6 @@ static int cryptodev_getkeystatus(struct fcrypt *fcr, struct crypt_kop *ret)
memcpy(ret->crk_param[i].crp_p, krp->krp_param[i].crp_p, size); memcpy(ret->crk_param[i].crp_p, krp->krp_param[i].crp_p, size);
} }
/* free asynchronous result */
for (i = 0; i < CRK_MAXPARAM; i++)
{
if (krp->krp_param[i].crp_p)
{
explicit_bzero(krp->krp_param[i].crp_p,
(krp->krp_param[i].crp_nbits + 7) / 8);
kmm_free(krp->krp_param[i].crp_p);
}
}
kmm_free(krp);
return OK; return OK;
} }
include/crypto/cryptodev.h
+2
View File
@@ -262,6 +262,7 @@ struct crypt_kop
u_int crk_flags; u_int crk_flags;
struct crparam crk_param[CRK_MAXPARAM]; struct crparam crk_param[CRK_MAXPARAM];
uint32_t crk_reqid; uint32_t crk_reqid;
FAR void *crk_arg; /* callback parameter */
}; };
#define CRK_MOD_EXP 0 #define CRK_MOD_EXP 0
@@ -333,6 +334,7 @@ struct cryptkop
FAR struct fcrypt *krp_fcr; FAR struct fcrypt *krp_fcr;
u_int krp_flags; /* same as cryptop */ u_int krp_flags; /* same as cryptop */
uint32_t krp_reqid; /* distinguish tasks in asynchronous calling */ uint32_t krp_reqid; /* distinguish tasks in asynchronous calling */
FAR void *krp_opaque;
}; };
/* Crypto capabilities structure */ /* Crypto capabilities structure */