crypto: acomp - Fix CFI failure due to type punning

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

To avoid a crash when control flow integrity is enabled, make the
workspace ("stream") free function use a consistent type, and call it
through a function pointer that has that same type.

Fixes: 42d9f6c77479 ("crypto: acomp - Move scomp stream allocation code into acomp")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Eric Biggers and committed by

Herbert Xu 8 months ago 962ddc5a 3d9eb180

+13 -6

3 changed files

expand all

crypto

deflate.c

zstd.c

include

crypto

internal

acompress.h

+6 -1

crypto/deflate.c

··· 48 48 return ctx; 49 49 } 50 50 51 + static void deflate_free_stream(void *ctx) 52 + { 53 + kvfree(ctx); 54 + } 55 + 51 56 static struct crypto_acomp_streams deflate_streams = { 52 57 .alloc_ctx = deflate_alloc_stream, 53 - .cfree_ctx = kvfree, 58 + .free_ctx = deflate_free_stream, 54 59 }; 55 60 56 61 static int deflate_compress_one(struct acomp_req *req,

+6 -1

crypto/zstd.c

··· 54 54 return ctx; 55 55 } 56 56 57 + static void zstd_free_stream(void *ctx) 58 + { 59 + kvfree(ctx); 60 + } 61 + 57 62 static struct crypto_acomp_streams zstd_streams = { 58 63 .alloc_ctx = zstd_alloc_stream, 59 - .cfree_ctx = kvfree, 64 + .free_ctx = zstd_free_stream, 60 65 }; 61 66 62 67 static int zstd_init(struct crypto_acomp *acomp_tfm)

+1 -4

include/crypto/internal/acompress.h

··· 63 63 struct crypto_acomp_streams { 64 64 /* These must come first because of struct scomp_alg. */ 65 65 void *(*alloc_ctx)(void); 66 - union { 67 - void (*free_ctx)(void *); 68 - void (*cfree_ctx)(const void *); 69 - }; 66 + void (*free_ctx)(void *); 70 67 71 68 struct crypto_acomp_stream __percpu *streams; 72 69 struct work_struct stream_work;