From patchwork Thu Nov 2 04:09:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yuran Pereira X-Patchwork-Id: 741131 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1BBC1C4332F for ; Thu, 2 Nov 2023 04:10:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348387AbjKBEKW (ORCPT ); Thu, 2 Nov 2023 00:10:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44568 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348268AbjKBEKV (ORCPT ); Thu, 2 Nov 2023 00:10:21 -0400 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05olkn2057.outbound.protection.outlook.com [40.92.90.57]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4E90AA6; Wed, 1 Nov 2023 21:10:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=h0zb98I4ce7KaR+UVf71qO4ZgwLzhL6uDAiL59EZogcUTfkcEdpWZA0Y9Iiq6+/53sIC03p6Q7HhD4iUlnDLu9fmpv4gDRS2Kyq62OPhcEDUEDMxzZAU2WJJPuT9+osvCCoY9a5fTriTj7HmyVK/gu2+kW1rhz02GDoET+Zdh6/sx1q2076vX/UE7Xh45E9gJOg8GoY8VR91+DQGnqNIICncEnkqcN7c9WM7IVH2ncYY5db8UumbJdkliKMYdm/paOGMvBPXRwkE53CgsWsEnPsIKQ4ThnB3qlQyaEVqEWZgBv7NxVwDREcaiw7RUgouuoAZ2YzlIziuAL1jgxK2wA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=7wcOa+tsOZyxZpZEhWPM6+CTfXxj2CHGNX0aaU09gog=; b=jgYoddlUUOAT8CGwhCK9vWTEnGT0r1H99r3EHIquHdzON/jxwvLXVXMuWGLu9Q0tO6/FcNYNPF3yInXLiQperYDRrFdJSHvA5OqvUYjlBk7G3NWC06vw7EXGjxlZ2EXlecL+i3d5bxT8uYt4YhG4pw1/GImE7gxn2NgyiiUzjtF22mgus3kPEsXLML4VpwTbGddVakQOxNlck90dxQ5oN+hQsm2coOKBlBEZKAbE62VHG5qc9HuxH+vNTK44mQX+/b6fyvY7f4NGT/xIIW9Jt7WA+E1ljGGCzyt8Y3YrhRe1wRuQrlxMfgtIwjOaoYkRI/Tkk/+AaeDfyjWEChyXpg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7wcOa+tsOZyxZpZEhWPM6+CTfXxj2CHGNX0aaU09gog=; b=Bzwg34ioafKrS0/hs+f2yLAU4Ye/8jqDkahNLdFPWy5qISPNbMbOxdR5XHWdcTEEh9JhxkzQZEY8QK0Ap2G/h2LvyECi0UmzjIt3zFEsjwZ7ctFoueDrN+t5cm1yP4GAISQdDHl39i0uC6VhA/dDZsumARhdVMhKvOTWRw/FQAQ3zgle0Ulnr5zh44nge1JDDj+jdIYwItdTSC5LarKYwG6mRzTkCdtDFwPoMeDw2xjNUU2yG6t1iuU5LUXxyY/h2WoIG780m8JG2gJoRVo+pGNhVQv3rJu2bA5l41GCmgh8YBZs9ysxWzkPjwnzQQOqFy7mItLX9XDsfbuvzOTBvw== Received: from DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:42a::7) by GV1PR10MB5868.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:57::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6933.29; Thu, 2 Nov 2023 04:10:13 +0000 Received: from DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM ([fe80::e2b0:8d7e:e293:bd97]) by DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM ([fe80::e2b0:8d7e:e293:bd97%7]) with mapi id 15.20.6954.019; Thu, 2 Nov 2023 04:10:13 +0000 From: Yuran Pereira To: linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au Cc: Yuran Pereira , davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, linux-kernel@vger.kernel.org, linux-kernel-mentees@lists.linuxfoundation.org Subject: [PATCH 1/7] crypto: Fixes uninitialized skcipher_walk use in sm4_aesni_avx_glue Date: Thu, 2 Nov 2023 09:39:25 +0530 Message-ID: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: X-TMN: [w6Syl30sjH5NK25I8YCUT1AkXkhAvwIu] X-ClientProxiedBy: JN3P275CA0004.ZAFP275.PROD.OUTLOOK.COM (2603:1086:0:70::14) To DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:42a::7) X-Microsoft-Original-Message-ID: <20231102040931.1556061-1-yuran.pereira@hotmail.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB3PR10MB6835:EE_|GV1PR10MB5868:EE_ X-MS-Office365-Filtering-Correlation-Id: db7faf61-55ca-461c-bf97-08dbdb599c80 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: FljDe8Yq3hSPZXikv7PwhCQDD/eECjeYoepF9TC7B6/8dSZFhH5uOCQ+C/wkHhq+he/sr9DoFQJUNgWjUp5DWfp79LSIlsJZMw8gOtK70yfhoacdZAADQaKnjLz93rP+vDvVSJwx3TAnTluqxttXgJ9JjEDvUFIV6QweiHOC0fXMwSrOUMcCsb1CCivUywTa9aBz909tX/R0+e8hbPQXg3jM1kpdk41p+fhsH6g4ARZk4Esi2Q0oB/wyRzFjs9hdy/XjQn42ttA0x2SKheKn38pqLnWoxaDnHmJc+zIOi0osb7rbzxR+S4rzrqfQ3BFaLGfX/hK92jA7Ei5rppInAFcZqLTH2gMVT4f4+A4MmTDtH13QKepBvX0jflKnxrLa6mxfpikvZHrLTvEhfG5oLVVcqJBBbbw1ItU9HAnC1Jdy5n3vPG9hyA/b13EyWP7RxAMAIROPBfq9T0IgNP+8zfKlF3bhVXAWsCzLKBaj6JZ3E6f8j95wizqCMgcgki5C+zrIimzvNPeuzyM8toK1XiO0qp176hsCHdifrlIJF9EuG67HbEa6L+fpewAGjxaloQKyWGfe1UH6zcfsdDAcJ0gDvNXGLIGi107FcpcgHCLitRX2btXQVwAc4VERXDAY X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: EPrxYWE/6lN1hFzYvbF6PaKvmr7LAZ+ygmEEGytO8lCs0Rb5JppVVZYwFIl4oMy1SjOtiOaWxIZWc4p6cUjZGcMp/8DyHCInGBxe7ZIlheBooWBNN+YdcNTGjXo4TDqpi6uP7xpUgutkDP9OyKzC/L5d3UjhPihxDgox6s/la6CoKpOHM/xAQ6urHzajqGz7uEcC/wfdTKl/Y7Brt9Vn47ff74eR/w0Y0fpugk6KriNwxov/uwZ3y+p9gKJxjoGavlYFpqPNGPI/vTgAdmWtdPklEQvlBwk/Gfihj3Yh2wwLmBVHUcSag6hJSwY+dUkPyw7xE9Qrouwo+X/+cbYoGaLOI2R/qSJ2aMeZdBqIjk11TwaNJ2fsdnVbN+gSdGlmmSk5uUMVuzTMrJZPI5oP062BpZJSsRsJ1EMzagwIdnQUshPYKiapStwvXxg+/SgRqdRYPfzJAJw/7lBSsM3EsqslT1drQVlC8vKHwfCUO2Ku7/Z2k2LrLvd+JjY4EehLPq7LB8b09BFDeI6PQjSVFFcwZDeCTVITo/W6/saBZvS8ziF6LZzAlS80cN5/qLi4hSAO6ZspI47imiRU5p8+mQDYEUcZJeiAPVJktMl7SExB/oyEYiVjlNVQdpfe4Q/lVUn9tInzLP1BGe6rVhXSfKz9b3V/hZho4CAtHA23+D6wrMKB/yzqfmUMzgBOQVYRVoeCc3oaVHr7ipD06dAnnrKhEPMpZn4nc7zlvd1jyyun0T3VGb4HgDW6pvMpHtzg5llgj8TE85LvkVbpkySJ1l1SOgNGxgp6BBW5i9XlJyzTPXBrqQ1cN/QZCA83UC1BcjbZATa2oNm+YD22nHN9R+4fTPSA7DdAvZ7u96qf61a/i163mzo/ZqMh2Dv5Tr0XYZ/kH1heF391liB47RTKl6bvwHMtzWsM9mdYed+IchXob6Ja5KWN5EnltjHUMLNMvKatWR4osOxLW0lsuvoXdXbTQd3y+TXgmj8IQXEILCnqyJNW4ZIO8Os3egD2bQrnmjAJH60TpaBhAVvuzkFGXk8YSXYHtmJLRLERiWxaYqtJyLTRKjxqTXpDUIifUz9Xjllqhxn66TBMvfwou1dR7bS8+7CLZtHR4sntnv6i6JfuSH6WarhlQ9UpQauiIibplTwhHhqZBg4Plukx9ycqN/c/OYSpsczrIzV8jGHTgSE7Mnd/mWPy8+fgZqV5zGUwm+wbqfQdzWefCl8eJ4n5aW7bidBJ2VzeErANAUCpdHM= X-OriginatorOrg: sct-15-20-4755-11-msonline-outlook-6b909.templateTenant X-MS-Exchange-CrossTenant-Network-Message-Id: db7faf61-55ca-461c-bf97-08dbdb599c80 X-MS-Exchange-CrossTenant-AuthSource: DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Nov 2023 04:10:13.2634 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB5868 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org In the following functions: - `sm4_avx_ctr_crypt` - `sm4_avx_cfb_decrypt` - `sm4_cfb_encrypt` - `sm4_cbc_encrypt` - `sm4_avx_cbc_decrypt` - `ecb_do_crypt` `struct skcipher_walk *walk` is not fully initialized before its use. Although the call to `skcipher_walk_virt()` and subsequent functions that this function calls seem to initialize some fields of this struct, there is a chance that `skcipher_walk_virt()` returns without fully clearing or properly initializing the `->flags` field which means that the following flags: `SKCIPHER_WALK_DIFF`, `SKCIPHER_WALK_COPY`, `SKCIPHER_WALK_SLOW` could be storing junk values by the time `skcipher_walk_done()` is called. This could lead to buggy or undefined behaviour since these flags are checked in `skcipher_walk_done()`: ```C int skcipher_walk_done(struct skcipher_walk *walk, int err) { ... if (likely(!(walk->flags & (SKCIPHER_WALK_PHYS | SKCIPHER_WALK_SLOW | SKCIPHER_WALK_COPY | SKCIPHER_WALK_DIFF)))) { ... } ``` To prevent this, this patch ensures that instances of `struct skcipher_walk` are correctly initialized prior to their use. Addresses-Coverity-IDs: 1491520, 1491533, 1491610, 1491651, 1491715, 1491774 ("Unintialized scalar variable") Signed-off-by: Yuran Pereira --- arch/x86/crypto/sm4_aesni_avx_glue.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/x86/crypto/sm4_aesni_avx_glue.c b/arch/x86/crypto/sm4_aesni_avx_glue.c index 7800f77d68ad..4117c6f787e2 100644 --- a/arch/x86/crypto/sm4_aesni_avx_glue.c +++ b/arch/x86/crypto/sm4_aesni_avx_glue.c @@ -11,6 +11,7 @@ #include #include #include +#include #include #include #include @@ -44,6 +45,7 @@ static int ecb_do_crypt(struct skcipher_request *req, const u32 *rkey) unsigned int nbytes; int err; + memset(&walk, 0, sizeof(walk)); err = skcipher_walk_virt(&walk, req, false); while ((nbytes = walk.nbytes) > 0) { @@ -98,6 +100,7 @@ int sm4_cbc_encrypt(struct skcipher_request *req) unsigned int nbytes; int err; + memset(&walk, 0, sizeof(walk)); err = skcipher_walk_virt(&walk, req, false); while ((nbytes = walk.nbytes) > 0) { @@ -132,6 +135,7 @@ int sm4_avx_cbc_decrypt(struct skcipher_request *req, unsigned int nbytes; int err; + memset(&walk, 0, sizeof(walk)); err = skcipher_walk_virt(&walk, req, false); while ((nbytes = walk.nbytes) > 0) { @@ -196,6 +200,7 @@ int sm4_cfb_encrypt(struct skcipher_request *req) unsigned int nbytes; int err; + memset(&walk, 0, sizeof(walk)); err = skcipher_walk_virt(&walk, req, false); while ((nbytes = walk.nbytes) > 0) { @@ -238,6 +243,7 @@ int sm4_avx_cfb_decrypt(struct skcipher_request *req, unsigned int nbytes; int err; + memset(&walk, 0, sizeof(walk)); err = skcipher_walk_virt(&walk, req, false); while ((nbytes = walk.nbytes) > 0) { @@ -307,6 +313,7 @@ int sm4_avx_ctr_crypt(struct skcipher_request *req, unsigned int nbytes; int err; + memset(&walk, 0, sizeof(walk)); err = skcipher_walk_virt(&walk, req, false); while ((nbytes = walk.nbytes) > 0) { From patchwork Thu Nov 2 04:09:27 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yuran Pereira X-Patchwork-Id: 741130 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9939DC4167D for ; Thu, 2 Nov 2023 04:10:31 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348433AbjKBEKa (ORCPT ); Thu, 2 Nov 2023 00:10:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44594 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348417AbjKBEKZ (ORCPT ); Thu, 2 Nov 2023 00:10:25 -0400 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05olkn2015.outbound.protection.outlook.com [40.92.90.15]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9B7E3E7; Wed, 1 Nov 2023 21:10:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ViQnfXBjCLbcwAds1Lf54T9dg6oYnldCqp0+X32OXfIpOTpGyEC7E8OqqtMVU93J7CaWKLCbSE/3Ys5gGhUlMHzFuvo8UmV44z50wnuqwFC8NVGutmHjQFW/wYcP2N/MKVDuxPnhPMJqrwfJG9vlazsLkw1tK20QibYS47ZeyX4DhVX8MfMPYLqCNc1MUVsEngtHU2BgM2XeIufRz4n4WrEqZowiWsX9dIv3qMnnc8Z03va6VqjMlkSwdY1IVTHGuRrb0OCyLCSc+BvxeHAu7IPbKN5lV3lygPSy1qqUAUwlSw1pexbhTk9dNLZvUNfMBWo3G2qyzJc8N166rbSYmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hIu1e8gkymo0Mjuye5ETqHD4PRNOFa8JkqTLKQmZWKI=; b=ktgGkR97SPXTESlv//EaMjAXLsI0ha2VeSwTxydtRyc6GC9okWvQ+1/FrSOJ+yFD7cqUVUq54UiRAB2grPZXeen7Tspp5OPHhfSNeSO3+dbWCmbZnjudGBjdXgVIyjq6KPv6qk09oO7+5OH2RQ/lMGfcKSm2GzC9o+qvWzYYTGpndcFCdz3elxUrkjaJHyzI7s3ZPU+xlIOKdeOZfnHfdLGEq+2e7XzQDkEWjgXdwdIPWGDF2XRX287bdGMUhG4UczQ7W/Ac1gcLcTJQI86E59vN1NDf65LAScSJOcZM4kdZFUljLw0ifKUClSlDrW8ZgOAjvzsk2XSj+z9NO4V5fQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hIu1e8gkymo0Mjuye5ETqHD4PRNOFa8JkqTLKQmZWKI=; b=iui/8T0nCc2cBudsBZAEu9q/0jBT40O59Hb5ldVOTco6bCYDNGrb9bubhHacW2FU+sZGxIDr9EwBFGh8bPkNqA69djRPV59PJ4BLdxSiPcC1M7VFs1pkBdt84fZt/2r0gWuyL0XtbltGInGJwiHpfaP4OdiERo+CraolrkaNtKgpovb5QLbOWPUz/siiK5XX8xNmDNChcWzOMhRCzaXICco9xZslPFYyV4+TekM0SosfMMSxBJOMGMN7Kirwi64ZeHbuF3sHxBZsngBj3dLTHWW5PJenZ2ARdn5nzE/TEaN5EJcoA7pGm8f/tB3f5KXViNhZNftQ4L3iaeQgGVjKuA== Received: from DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:42a::7) by GV1PR10MB5868.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:57::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6933.29; Thu, 2 Nov 2023 04:10:20 +0000 Received: from DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM ([fe80::e2b0:8d7e:e293:bd97]) by DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM ([fe80::e2b0:8d7e:e293:bd97%7]) with mapi id 15.20.6954.019; Thu, 2 Nov 2023 04:10:20 +0000 From: Yuran Pereira To: linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au Cc: Yuran Pereira , davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, linux-kernel@vger.kernel.org, linux-kernel-mentees@lists.linuxfoundation.org Subject: [PATCH 3/7] crypto: Fixes uninitialized skcipher_walk use in chacha_glue Date: Thu, 2 Nov 2023 09:39:27 +0530 Message-ID: X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231102040931.1556061-1-yuran.pereira@hotmail.com> References: <20231102040931.1556061-1-yuran.pereira@hotmail.com> X-TMN: [aXHX50crGI1B+8V5f6WJd548W5WSNB2g] X-ClientProxiedBy: JN3P275CA0004.ZAFP275.PROD.OUTLOOK.COM (2603:1086:0:70::14) To DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:42a::7) X-Microsoft-Original-Message-ID: <20231102040931.1556061-3-yuran.pereira@hotmail.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB3PR10MB6835:EE_|GV1PR10MB5868:EE_ X-MS-Office365-Filtering-Correlation-Id: a3fac163-5017-4033-0b5e-08dbdb59a0d3 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: a1G76ybKfrAUrMoH8nOUosnKQggPtVX7magy1yHc6xbZPMOUNO9B1E1xgkt5MMgGxrvGx7sQVPSqRmPdNAWdVeMJvqQF22eEPIoYB59TluxTJBpkoeWc3whtFWu0Wo426wP52RydDDQp8aiSpbA9BSn2xTMurS+5f+tlOBNpsoSPpfELjildo24UNcao91hLc3QyE6y/M5K6UtVGSUNQWjqZzvXAkTubcG98uvlslGTcv1qHN+XtpKEgqhbVeMwUKqNZ0QLygqL8KWslgPOb2fmzuYL9mtc9N4FuGwIbq9Dl/alhgf1MDgqGmov9OiQ5FyV2kcFdTGk/lONN44DILObOO+T6f89sZUIkorh4zh10VO60KX8JjjsffERJHDEi45QDAaL4Y+tbGp1VDonz7teBvgwzxLXOfsWer00EnEjz0dRjDjs2W0cw5W2hVqbZycWG88Kk76TAoyz/6ArZMESCQMthVDq7fgtlgwIOIMDNoZqUGRIdppCpkLQ+3jvq/s3ljVca+L4z9cBPUOQs7j1tx5FDD99lOpJozpkL2VtjXSmCTOOTIE6Je9DH9yA0/2II8ot302aA0WD+TsPIJt4K8+NYu5RfBW5FcszPqUHO5LwHjMp71lMbCdw446rD X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: AHL6xGGpys684XOThfHNsYJTN4jvWerIyG//4diq0MNa/Q2j8y04xvIwcEfBQyj5xHNPIOwyDADV3recGJV0qVX3JpWmApESo3cTV+h8MiQlm3f3bIPt3aD332NyGL9p1/d6BdCxYNu6tbVmc4UV3X5Q+tEhcGpAGvMIUnFgZEyyKRQtPeUP+/dACWM2W4Wgc57bm+iJz2oWe2Kt49rcbnrYWxC+IVk9HvyYIzIc85xHl0xFDdqJTlIO+sbWsoHaMbU1YyoANbRG4CjiISbUkLH23v3MN0Qxk47IoP+G/SIwTPNLi7hUwFhcYIhcWALLfuxFN05YOIk8yNMXcUqwEPm2SiTgearh280c2XLXwTyBptrlwJEZp+iUEOsCLHu/5E45jQIXZlz4k2809Aezvf5rVy6YMyulnl7/firid+0jiGRM9nt3dCM6Wcmf8n6H1N1bDBIbTo6Wr3aNRy/0i7UppGIOrGf+rWs1Tui0d7n1z9usIW6ya83xLoM+8HdGU4N09PmhPjiaWfrUItg29mnmxYnZ1ok5Yni5G2XdRN4EHPfB3sksiafsP/D/7KM4p5r1JD7hGXrK9PiVHDl2QNE5Q9QIFI2VL1rzvnT8a6Q5JWIRNRtVbAfjiCLf+MwOy0UF97eQI7dbIRky+qymH+xtGs59V/bY7k2c3+83J8zSD2fNrRS+FsiPIgMtKodyz9tR/U9rb+Bwi5Mo+AGFR9xZP6afD4GGPJ+lBoo/SdHCUnepUjdbATzcsq/S1IA2VLxWTzR6pyDiDPT7nC5WTu5/aC/qDxGUaECys9Em7x+4FbPU/7XWoPSt+GCOFi3Wjh8F/UgqECO5/DmjKAITzAUfL/xZP+MCZLnu7jwRpoEDnifDKtfZveD9S25XXp6jAiaITkxipe8WWRUKxtlzRuzELsILlhqVeCTaFB5MAFlAjOQu5pnSWke3PnoCFG2de0NF07VB8AjZfcFoaA2VpcUvxaTAXN/dD5rubtwvNk/+HgXN/vJCB3yXpaBOXxa+V9gXiMITPE1Ry0yUjQOJE9lfrLl0Ulx4UxRBjVdtO9dq5QfHQPcuZ7FxxP75plUfDbaZ7Leq9z9SIT7recNKeT/CGJblq7mhuJdYPGrOB9IbSXPpyn9JKtkCH0esZG6iDKPi/qPNX/Yy2iMaSjtJndUn0jidkRi3UjHg7Mj55/vnAsgGL0ibnXivxn7Lv7evTbsF3r5EEQNFdnHqaQgRCNllaJ4y9vdZBER6N5S1lAc= X-OriginatorOrg: sct-15-20-4755-11-msonline-outlook-6b909.templateTenant X-MS-Exchange-CrossTenant-Network-Message-Id: a3fac163-5017-4033-0b5e-08dbdb59a0d3 X-MS-Exchange-CrossTenant-AuthSource: DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Nov 2023 04:10:20.3040 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB5868 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org In `chacha_simd_stream_xor()`, `struct skcipher_walk *walk` is not fully initialized before its use. Although the call to `skcipher_walk_virt()` and subsequent functions that this function calls seem to initialize some fields of this struct, there is a chance that `skcipher_walk_virt()` returns without fully clearing or properly initializing the `->flags` field which means that the following flags: `SKCIPHER_WALK_DIFF`, `SKCIPHER_WALK_COPY`, `SKCIPHER_WALK_SLOW` could be storing junk values by the time `skcipher_walk_done()` is called. This could lead to buggy or undefined behaviour since these flags are checked in `skcipher_walk_done()`: ```C int skcipher_walk_done(struct skcipher_walk *walk, int err) { ... if (likely(!(walk->flags & (SKCIPHER_WALK_PHYS | SKCIPHER_WALK_SLOW | SKCIPHER_WALK_COPY | SKCIPHER_WALK_DIFF)))) { ... } ``` To prevent this, this patch ensures that instances of `struct skcipher_walk` are correctly initialized prior to their use. Addresses-Coverity-IDs: 1456799 ("Unintialized scalar variable") Signed-off-by: Yuran Pereira --- arch/x86/crypto/chacha_glue.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/x86/crypto/chacha_glue.c b/arch/x86/crypto/chacha_glue.c index 7b3a1cf0984b..be8dc756d205 100644 --- a/arch/x86/crypto/chacha_glue.c +++ b/arch/x86/crypto/chacha_glue.c @@ -13,6 +13,7 @@ #include #include #include +#include #include asmlinkage void chacha_block_xor_ssse3(u32 *state, u8 *dst, const u8 *src, @@ -167,6 +168,7 @@ static int chacha_simd_stream_xor(struct skcipher_request *req, struct skcipher_walk walk; int err; + memset(&walk, 0, sizeof(walk)); err = skcipher_walk_virt(&walk, req, false); chacha_init_generic(state, ctx->key, iv); From patchwork Thu Nov 2 04:09:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yuran Pereira X-Patchwork-Id: 741129 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BF024C4332F for ; Thu, 2 Nov 2023 04:10:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348465AbjKBEKz (ORCPT ); Thu, 2 Nov 2023 00:10:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53782 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348442AbjKBEKe (ORCPT ); Thu, 2 Nov 2023 00:10:34 -0400 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05olkn2041.outbound.protection.outlook.com [40.92.90.41]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 276D8135; Wed, 1 Nov 2023 21:10:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SeNIs+BpAoCRBLVZGPPJrBsMiA5CxJUck7B0ZTy8V0GnhHluVK3hQqtR2mKXcA7FAdubIl+cDd2XFA+NleGc9M76qCaJfFRPI3UpofBlL2r0yxnEzLfSDy2udjuIGeCquVXb5xotjFReVCx47ZB23m0NA4YNWElguNaP6klkNs3VlqOnFrK3diSdijH511JN4s9ahUtOXKjdNiIPKcnKpsf/Gp2UuvX5CE+FzFXqBDYg4ydgKUhbxuUVmB5pRliDy/jNcDm1V2qtyq/p7MJgM0hlCCNWcILMDO5L0mLN8fhskw3qXpMaeOC74rxlKlvrUd8z4b6sW+C2dVu00U7yTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=PVgUGACtvY7WDUA2hHugJ5W8C6yESqMEAaFLZ1yJWzc=; b=ik0bdU/BNswuTXh2afH/H1lsHK1AknEVHHbM7hvIBSZjDr/FV2LvOSYOnerlvCWlbJrKfr8WWfbOwy4h/GHQLdyNiMQ6hLPyp+h+J0Tedxd3SPOOfdHU0n6mASFqCMowtGxqGhNcejeCdytLDVxqoWDa97hYEcLus4byp2vsMR35HQTXvVsGNMppDWwnso960DwQfuxwq0nuzFb4x/dSq5ObIbNSY6JbfDPhpd4UgfXafh79MJL9+0rS275IUVLBZtHnSdlt5qsCIAG6psUdUoTq+ROvkY5WTEoPEZ520q1E8/yDHGW/fpChK6nT3aoV8zeJNhDmpFKOrLGwDM7vCg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PVgUGACtvY7WDUA2hHugJ5W8C6yESqMEAaFLZ1yJWzc=; b=rgGMeSlO3rhUMHvdlH+16VSgMMAP3Rap62TsL9krF/iEj+exMyspWd2JnQ5uSpdpsq+XfbSPEpo4FEcfAD9psC+6Dr5PbZtb7FUabNr0aK2rssLogMkxSDzZvYQj+SNEhuDuxUdmr9Qngj2OMtKbNxCQwhoiL4bvniwxBLxxpyRo//uuNNofEKa9HHk4rc3tU/5J+846AkhWNFYPZSYyxXabgR7XsyJTEAOfdJ6wqjqE1u5XzvRB+KjC3XuNRhUXqX++kAC6tDUs2LQaQrPPC8DjsxBiRGHqCrIyrIqd6xv8I4FEnM5UFeYIIWhQDUu9PQnvO07nEwfihUS2BPkuDg== Received: from DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:42a::7) by GV1PR10MB5868.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:57::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6933.29; Thu, 2 Nov 2023 04:10:27 +0000 Received: from DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM ([fe80::e2b0:8d7e:e293:bd97]) by DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM ([fe80::e2b0:8d7e:e293:bd97%7]) with mapi id 15.20.6954.019; Thu, 2 Nov 2023 04:10:27 +0000 From: Yuran Pereira To: linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au Cc: Yuran Pereira , davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, linux-kernel@vger.kernel.org, linux-kernel-mentees@lists.linuxfoundation.org Subject: [PATCH 5/7] crypto: Fixes uninitialized skcipher_walk use in aria_aesni_avx2_glue Date: Thu, 2 Nov 2023 09:39:29 +0530 Message-ID: X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231102040931.1556061-1-yuran.pereira@hotmail.com> References: <20231102040931.1556061-1-yuran.pereira@hotmail.com> X-TMN: [7tSm00vf8YSkeSkPCo63A419TA4evxex] X-ClientProxiedBy: JN3P275CA0004.ZAFP275.PROD.OUTLOOK.COM (2603:1086:0:70::14) To DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:42a::7) X-Microsoft-Original-Message-ID: <20231102040931.1556061-5-yuran.pereira@hotmail.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB3PR10MB6835:EE_|GV1PR10MB5868:EE_ X-MS-Office365-Filtering-Correlation-Id: 21f3d836-d820-4e3c-da47-08dbdb59a4f0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: z/Pb3e3Q+LurF8MF7/MF7wZpHA+hLNP77ggyVwuysWq5R1ukJLktt2nlMJXIxCmAR8cHQL74kpjlDfeKm1CNFYwlRceGJr6GcLdr88v4FZ6zosnbGkt0oljUk7NpwxXG4IdonTQcKnx5HCBqLRVGqrdmenhx6xSD7ZZzbrkKcuh7Kcmwwz+S51PGxPdV6fxal785z5HIWVRGovlKRGfQ/iQW1MBS3lv3NIK134R9trB8i1ajims8lj6byndMQ/Fbjc6gG4g0kfJFWl4A/i4cw2hOFPu9rNrbQka6Sea/REsmycNW308xKWTgWc1VooCqrTimNVIM2mcrjFaq00xaRH2Hn33yVdsafXHqTgePm+Ys5YGl8wdRfY+vJ6qL9EOz1+qPuYnqqZglcpbKvkzJ7tICzpUAcBIfJrwWEOBGkehA7BQBO41KR9flzK0C0S/aTDO0fIyeuBIr+dUEOTXRpVRb0b7f+vcBh0l7hRaJdIrW851pcfIUWCqIOlvXKbNo3YLvk+D4OkFQ2GyJq077luiPKPhUekelfWJzFvGSsPYp6nrKOsPdXhOxF7Lvw6YLL/a5dcOo/uDLIUTDurk71WalcJ8PyZ3dPeX7gepmuOTLHM+/lHzvSZRcjMwtoljM X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: +M65OmRVKqTw+dHqAFB9ugBeT82L1jnq7sDEnbYhTtOoIGmRV9yIsM1KxLO5KZMZRAlTUYW5Eh0YlqCvJ8vILiqzr5L9pof6z3WcZVLgzXfpZuHfD2aHkjH/weHbjO08AkKTbL+JXt+ECwcSlCHW3Ox03+f4JFqSs4vjmrkOvL7X8Wq+YOty80IJsS48VDitPZslsCqcZ0b+4o2riw7zRBeh1RRB4t8XOhLnx4eCv3HYouNIvwXcREunAhP5UflHhIbONLpCZZDJGpB45EajeZP1eRR3Xa4qUr0lO3jHYpnsdwynyObjfSouyCBtWIj3l0AkEZ00++bnfHY4vhdXJVc8ngDOiR+kJqXh9KfseHqygUTZCIxysCjctdcP+SecWtaqiO7g9BTndAyWoZvmvh7A1XlAZJ+yA9Uk52hxOiB/50FOZWEqpWJHrFe7/EGVXv/Wc4SUMw7Xe8Wr7UMUyKvDubUfY9LfFN/ff7+JdhnVh7ERgFgiakxoIDTrqVNTYxdExDpzlQfU//BjZtb5GkC4ZX/3Knj1fbvHV5MZHGRUH6eIJ+FMFnuZPUI9f3NimzMkApYLj9lFh9VUHrg8iNWCMvjdtaVPaZmkRj8dFtvCrsUa9Ej04cpOjB+hdlKm21aIzNwC6+7HS9iOkWy9aXkUyM6hc+huw+OP0E4JHSubeMBiu0AY7JDOuz62ZxJU3LDZJaZHknNZ3dDo5m+IAE3CIjsYsZ+54yRHeIKVQMvyosMtrnB3ZQfTNH80Tcp2frMy+ehadekhOzHytT1jkHhANTlzLE2B5nWPZnlZ20xuWw+bGfHpDdV1i/sYPp/PigqRdfA1V5Hg0P88WMBNCTU4lemFaPLwDgHRdpzu03KV0y1A6P8S/oH/YZTGZrDvmmUCsBymyXEUo5dxa0fT3wNzLZD7VvuKCkwyPH42HMsa7T8mKOzlHMBY2ACFr4EyNfUjToNpN/FoLfOpewHAHqBJHRnzN2nwbBz4/Qtucp4bgpw2F9hERLStUcganA2u20qEBnAobXHv8LmoSVLrnEJBXGzamy+oDLSmMiswzUJJsMMHLBAVm9JHvUMw/noEU5N7PwGFLl2FMxjJ8GP1EsWtMF/1wCHlYEE4qwi1odb1EVfHzAg5PRWJvEhXwbe7Vbli/3nM5gVIcN9pBLt/C6FgTlWsrJKRs0zuudS9rhjy9pWF9ddL3vPT+ZE3OSJnkmKjVA9ForMch4ZjbsLyod3c9r8NkqpGcP/G69flgZk= X-OriginatorOrg: sct-15-20-4755-11-msonline-outlook-6b909.templateTenant X-MS-Exchange-CrossTenant-Network-Message-Id: 21f3d836-d820-4e3c-da47-08dbdb59a4f0 X-MS-Exchange-CrossTenant-AuthSource: DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Nov 2023 04:10:27.2100 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB5868 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org In `aria_avx2_ctr_encrypt()`, `struct skcipher_walk *walk` is not fully initialized before its use. Although the call to `skcipher_walk_virt()` and subsequent functions that this function calls seem to initialize some fields of this struct, there is a chance that `skcipher_walk_virt()` returns without fully clearing or properly initializing the `->flags` field which means that the following flags: `SKCIPHER_WALK_DIFF`, `SKCIPHER_WALK_COPY`, `SKCIPHER_WALK_SLOW` could be storing junk values by the time `skcipher_walk_done()` is called. This could lead to buggy or undefined behaviour since these flags are checked in `skcipher_walk_done()`: ```C int skcipher_walk_done(struct skcipher_walk *walk, int err) { ... if (likely(!(walk->flags & (SKCIPHER_WALK_PHYS | SKCIPHER_WALK_SLOW | SKCIPHER_WALK_COPY | SKCIPHER_WALK_DIFF)))) { ... } ``` To prevent this, this patch ensures that instances of `struct skcipher_walk` are correctly initialized prior to their use. Addresses-Coverity-IDs: 1521842 ("Unintialized scalar variable") Signed-off-by: Yuran Pereira --- arch/x86/crypto/aria_aesni_avx2_glue.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/x86/crypto/aria_aesni_avx2_glue.c b/arch/x86/crypto/aria_aesni_avx2_glue.c index 87a11804fc77..d5a8077f9f96 100644 --- a/arch/x86/crypto/aria_aesni_avx2_glue.c +++ b/arch/x86/crypto/aria_aesni_avx2_glue.c @@ -12,6 +12,7 @@ #include #include #include +#include #include "ecb_cbc_helpers.h" #include "aria-avx.h" @@ -94,6 +95,7 @@ static int aria_avx2_ctr_encrypt(struct skcipher_request *req) unsigned int nbytes; int err; + memset(&walk, 0, sizeof(walk)); err = skcipher_walk_virt(&walk, req, false); while ((nbytes = walk.nbytes) > 0) { From patchwork Thu Nov 2 04:09:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yuran Pereira X-Patchwork-Id: 741128 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0A6F8C4332F for ; Thu, 2 Nov 2023 04:11:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348512AbjKBELS (ORCPT ); Thu, 2 Nov 2023 00:11:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43250 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348477AbjKBEK7 (ORCPT ); Thu, 2 Nov 2023 00:10:59 -0400 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05olkn2041.outbound.protection.outlook.com [40.92.90.41]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2CD7319A; Wed, 1 Nov 2023 21:10:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IKb4SRmxA6I3nvMSF+R0JLcgNcImiJE2rKf9m+KTDYOwPBs8F7Zr/G45a/BHWCw/gB1ZuStHXtjwSkqGizI51vfeX5YcJAxlxxkTbor+iVaZZVazuUhpVnXQPsedVDZzNWe4QJZQ7afPJy7JU0hdgOGZb+a0AspQtLrhdFTQ8t2JAoXQ+nrlT7i0oF71qI3deZ0Sb9VtGe+TLrJFi3XFIIq65qSU5r2RkI+aH0HdAB2X6b0V0LOPAetsH7Oc6uPqADzpigzG5OgTlAqzQg+AOES8mxAYQSlDssr01dXJNTXi4OKp16aUjn7wbEJzbj1Qyeb3hR5IurMFXhVFLTGNMw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Uc5vsEu7OhZHqKrkUwNVd+nJqpbzW3IxrMNjLdrTwS4=; b=XOAPpDL6JSHXevQrQxyUeR/cxDa1wflUPOIftQM/M9WDdmc0KwLbH6oAtwsLZc2i/v62gXzyoQ8kga8GDQPHOrYkf6uohEui1kyLwGzPlt8ZhUKGwHK/6neYenBPDtewhwtnb5rNit/TpU4vVpGhLQw3mRv5OACzWvOD4Oww3m3Dm+Ikpv6Cy0BSIgXodgx8YdRe9+eV+6Vul2r7vrChgUUFRbNTyo/NTDLZUB5U6miuWeTtbsEJVvseY88wSXOUZWog3hUuD3HfvBoE15jny2SGRtr8hOaRx6NH3gHuxGPUpyL208ANyvH1UfqGsvI4/ihplYQqQDo7dGDOlBdKkw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Uc5vsEu7OhZHqKrkUwNVd+nJqpbzW3IxrMNjLdrTwS4=; b=FA8Hg3Z+Bk2HeHzdpOxUqvk5vCPSLnuoGPDavQtB8HuN+UPo4a/M/I49nXDx9u7mrxYLOAcdRHruEufBzmJdUbGW8LyhVMZ0i959pgMpKR7uuUbOs7qpW3IPohogYVyUwtqffVtGqvIMHfba+0RHwils+DUCKVJ/BjuVYPD8ojDbl12hZ1sivFevVXAAoNXHKzWP4FdilAkvK/N5w5kC9sBMA6KKt7+CglyE8oY+ZnNpBhEAx1CqgwwsL9aLOAvOzhzcRa30+Tyi8KSmkPJoiYuCTArWxvj1di6Ii5IdDRqGJnAyiy39+fJbxYoeBBVFPLR70IgHNRnZLD+1PLeVSg== Received: from DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:42a::7) by GV1PR10MB5868.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:57::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6933.29; Thu, 2 Nov 2023 04:10:34 +0000 Received: from DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM ([fe80::e2b0:8d7e:e293:bd97]) by DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM ([fe80::e2b0:8d7e:e293:bd97%7]) with mapi id 15.20.6954.019; Thu, 2 Nov 2023 04:10:34 +0000 From: Yuran Pereira To: linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au Cc: Yuran Pereira , davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, linux-kernel@vger.kernel.org, linux-kernel-mentees@lists.linuxfoundation.org Subject: [PATCH 7/7] crypto: Fixes uninitialized skcipher_walk use in aria_gfni_avx512_glue Date: Thu, 2 Nov 2023 09:39:31 +0530 Message-ID: X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231102040931.1556061-1-yuran.pereira@hotmail.com> References: <20231102040931.1556061-1-yuran.pereira@hotmail.com> X-TMN: [o36x/O7uf/nht7Ig5bRnI78OlfKLR1hS] X-ClientProxiedBy: JN3P275CA0004.ZAFP275.PROD.OUTLOOK.COM (2603:1086:0:70::14) To DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:42a::7) X-Microsoft-Original-Message-ID: <20231102040931.1556061-7-yuran.pereira@hotmail.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB3PR10MB6835:EE_|GV1PR10MB5868:EE_ X-MS-Office365-Filtering-Correlation-Id: 0ba7efec-bbbb-456b-100e-08dbdb59a94f X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: oyy60I2u8CRqhb7c52SHBJgS896bopYObtB+JvUU5lEcGta/aO7Rve/9/DgIUw9TOWrMtR80SfjC71V0GhOjbMONdJwHLH6O8Wn0mbl45DZNnNXD55BLgzUYxqW6GXYVw02C5iz2ySVemrgWRxdy38/4rXlut6efzWQyR3lHhxS40k5WUEmmHkgXrlkRknWTR9j28dqtTysvtZKd2bi+1DMLt7M5G3f/sT0d7uAHFQM4RsyhB2d9Cf/GGNKRcD7vv6h458SDEIr2T6EnpeLiLneDXX94kSd7NY/uLnNfxCaa5YH0DBBxjz8Lm+rGB0HKsc3dYXy5JGCV2QqTDRMwvXffaRv56z5+9oDNwrFdgyrd0pv5zucndwykKiH1o7bzZGEeJ2Wg/3Oh6HowgU6XOpCNqrsY2tI01gYker/xWD5tymtnfz0z8vN+fDCW0EpVbHj8wDa5MZ8mmPG3Tm6is1fqGfoJ3Y06d0bzFOx/h4EVas9F+cZHLwLlaA4Hf6Tw8ZnbX5X0L2Xjflr4OS1jsJArWJy3A9oQFg1jJd+/6Bxu1SvsD8elkugrJpIQrGi6Y3x0w9M0Ue+nRULULdR6r3l/3tlansg+81qWcgT16Wd+2Gx/Jd/HbZ7J3TZSxJch X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 3mnrAZBn3Jfe+bYhCiGDBLIi05dNocamSJHC0POx9kmIcripDyqGkcU5Fn9iZ9ns+iRaXLkYLLxdXsnFsnQs00rdal/iezOdwxt9iIJKiEq4l4+FFuKSEevJDjDu+KEfP0vKNjF2JX0mFnAUmM8xea0KjT7pjNhuty5kPk5dpN+sCsSgUiHoNn1ihw7bWnT8hXaGwTOs7w1D9c+wOqvZYxjFTZaD6lsQO8g7NBH2IbKpl68UKpwien9NxZaAq6iy2usgWg030i4z4UjWXadEbYTIi23LZXsQa/YFHB/DPQBIHmEOVRo/nfCvRxm30/kDnbf5BX+FEMN34opAv35tIrH2yHBet3dtCCoxBflmgcVJ7t0YqBX+u55at6rAiJa79HllameLi96UNrf3pO+4YEi+XyLc+Di++9a2hhRZAW2nwz0YmHXkt5g6vQCu71LaNSsJSE/ow850Dt2ccwVRmXhoGzaVKtTpEWB4r63BjYRL30chrcait6M1T/wjBAnqxRH5GjEKB/BRxR8CF3oERaVGSeHcaFluDXdyXURFvvHdd/y2OSU9/tw7Tk++58oWW41lk/Jjrff/5UKHjcr9S3v5EW466iDN2QlYS7376SwZsKuaMwwRcgqy2cTXpczR6yeg3stbwgX8wF7S1WauAcPmHmHJlv8hJ7NUbF/g/jVWNCXo3wgxb6NEW17A3gz63fun6ctMrn62t9SeI0Cub1y3j83lMHmtzbgCfi0YLTvNDv5FV9vitM6yik0Uce+KuqUPV0HZli3WqK9HCAf2w8+zv61olEAmdHhW/BI6OUsrHrCu7rvxoG+CZxi4zGOIdDX5yXJr7Jjhqln7BG0f3mr5rsdH5KP9yQzRcf98i10T9ui/14oanZXPi4epznJMmYn3GhgjmC8hEzfssJycuOgCMBdV06CIL6M+HWjTfCr6i6jX2LV94GEL3JlY0vq8kRmZjtPXXY+Uc2vCUBelyYlPiCqgce4VoAOCLPeHq60dnFs0BGY24aIeZTu09onsEDO20ImW82LPs2YyBoveW5BPuvncCYsSOT5vDfLr408d/nTyN8EuVT5geKjK/s2xCaIHYftB3S9ZmbsfHhAEn1G1Ix6W1yZdYFbRcjDFboB9EtJBGoI6eawc7W8DwzswYvuVS+uNCuTroRIZe+vWIaVQuEAyeZN0Fncoq+weiJOj9Z70oZV6bkLmbsEAyZ/e2lzX1/MK8eRiLIv02l0NmjxkFbHfylKd1xVU86cEobg= X-OriginatorOrg: sct-15-20-4755-11-msonline-outlook-6b909.templateTenant X-MS-Exchange-CrossTenant-Network-Message-Id: 0ba7efec-bbbb-456b-100e-08dbdb59a94f X-MS-Exchange-CrossTenant-AuthSource: DB3PR10MB6835.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Nov 2023 04:10:34.7547 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB5868 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org In `aria_avx512_ctr_encrypt`, `struct skcipher_walk *walk` is not fully initialized before its use. Although the call to `skcipher_walk_virt()` and subsequent functions that this function calls seem to initialize some fields of this struct, there is a chance that `skcipher_walk_virt()` returns without fully clearing or properly initializing the `->flags` field which means that the following flags: `SKCIPHER_WALK_DIFF`, `SKCIPHER_WALK_COPY`, `SKCIPHER_WALK_SLOW` could be storing junk values by the time `skcipher_walk_done()` is called. This could lead to buggy or undefined behaviour since these flags are checked in `skcipher_walk_done()`: ```C int skcipher_walk_done(struct skcipher_walk *walk, int err) { ... if (likely(!(walk->flags & (SKCIPHER_WALK_PHYS | SKCIPHER_WALK_SLOW | SKCIPHER_WALK_COPY | SKCIPHER_WALK_DIFF)))) { ... } ``` To prevent this, this patch ensures that instances of `struct skcipher_walk` are correctly initialized prior to their use. Addresses-Coverity-IDs: 15916159 ("Unintialized scalar variable") Signed-off-by: Yuran Pereira --- arch/x86/crypto/aria_gfni_avx512_glue.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/x86/crypto/aria_gfni_avx512_glue.c b/arch/x86/crypto/aria_gfni_avx512_glue.c index f4a2208d2638..cf689cc880df 100644 --- a/arch/x86/crypto/aria_gfni_avx512_glue.c +++ b/arch/x86/crypto/aria_gfni_avx512_glue.c @@ -12,6 +12,7 @@ #include #include #include +#include #include "ecb_cbc_helpers.h" #include "aria-avx.h" @@ -81,6 +82,7 @@ static int aria_avx512_ctr_encrypt(struct skcipher_request *req) unsigned int nbytes; int err; + memset(&walk, 0, sizeof(walk)); err = skcipher_walk_virt(&walk, req, false); while ((nbytes = walk.nbytes) > 0) {