802 lines
25 KiB
Diff
802 lines
25 KiB
Diff
From 633569b273d63244fccf1a1e65acc8c8252c2f48 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 08:39:32 +0200
|
|
Subject: [PATCH 01/16] apps: Check return code of fstat()
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
apps/app-internal.c | 7 ++++++-
|
|
1 file changed, 6 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/apps/app-internal.c b/apps/app-internal.c
|
|
index 25cef80..e80c304 100644
|
|
--- a/apps/app-internal.c
|
|
+++ b/apps/app-internal.c
|
|
@@ -255,7 +255,12 @@ int read_complete(int fd, uint8_t *buf, uint32_t buflen)
|
|
|
|
int check_filetype(int fd, struct stat *sb, const char *filename)
|
|
{
|
|
- fstat(fd, sb);
|
|
+ int ret = fstat(fd, sb);
|
|
+ if (ret) {
|
|
+ dolog(KCAPI_LOG_ERR,
|
|
+ "fstat() failed: %s", strerror(errno));
|
|
+ return -errno;
|
|
+ }
|
|
|
|
/* Do not return an error in case we cannot validate the data. */
|
|
if ((sb->st_mode & S_IFMT) != S_IFREG &&
|
|
|
|
From bb1685801cf3f2c94c4591808a1a8499147b0249 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 08:45:48 +0200
|
|
Subject: [PATCH 02/16] kcapi-hasher: Fix strerror() call
|
|
|
|
strerror() expects a nonnegative error number. Here we can just pass
|
|
errno instead of decoding the error from the return value of read().
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
apps/kcapi-hasher.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/apps/kcapi-hasher.c b/apps/kcapi-hasher.c
|
|
index 2fc3ddc..5769502 100644
|
|
--- a/apps/kcapi-hasher.c
|
|
+++ b/apps/kcapi-hasher.c
|
|
@@ -227,7 +227,7 @@ static int load_file(const char *filename, uint8_t **memory, uint32_t *size)
|
|
while ((rdbytes = read(fd, buffer + offset, buffer_size - offset)) != 0) {
|
|
if (rdbytes < 0) {
|
|
fprintf(stderr, "Error reading file %s: %s\n", filename,
|
|
- strerror((int)rdbytes));
|
|
+ strerror(errno));
|
|
ret = -EIO;
|
|
goto out;
|
|
}
|
|
|
|
From fadc3f42bbd44bd78f78f58c935ae7126b6eb2ce Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 08:50:36 +0200
|
|
Subject: [PATCH 03/16] kcapi-hasher: Fix fd leak in load_file()
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
apps/kcapi-hasher.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/apps/kcapi-hasher.c b/apps/kcapi-hasher.c
|
|
index 5769502..52fca78 100644
|
|
--- a/apps/kcapi-hasher.c
|
|
+++ b/apps/kcapi-hasher.c
|
|
@@ -258,6 +258,8 @@ static int load_file(const char *filename, uint8_t **memory, uint32_t *size)
|
|
|
|
*memory = buffer;
|
|
*size = (uint32_t)offset;
|
|
+
|
|
+ close(fd);
|
|
return 0;
|
|
|
|
out:
|
|
|
|
From 5ee2bc94de5e70703ed6ad288b3c664a1cff4fcf Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 08:53:13 +0200
|
|
Subject: [PATCH 04/16] kcapi-hasher: Fix buffer overrun in process_checkfile()
|
|
|
|
The 'buf[(bsd_style - 4)]' access on line 593 can overrun the buffer if
|
|
bsd_style is exactly 3, which can theoretically happen if the BSD-style
|
|
separator is found at the very beginning of the line. Fix this by
|
|
starting to search for the separator at index 1 (it can't really be at
|
|
index 0 anyway).
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
apps/kcapi-hasher.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/apps/kcapi-hasher.c b/apps/kcapi-hasher.c
|
|
index 52fca78..daab735 100644
|
|
--- a/apps/kcapi-hasher.c
|
|
+++ b/apps/kcapi-hasher.c
|
|
@@ -544,7 +544,7 @@ static int process_checkfile(const struct hash_params *params,
|
|
break;
|
|
}
|
|
|
|
- for (i = 0; i < linelen; i++) {
|
|
+ for (i = 1; i < linelen; i++) {
|
|
/*
|
|
* Check for BSD-style separator between file name and
|
|
* hash value.
|
|
|
|
From 1520fca1f9b2231bcb5101eab32e8e859b33a66c Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 09:05:45 +0200
|
|
Subject: [PATCH 05/16] docproc: Use correct sizeof() argument for clarity
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/doc/bin/docproc.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/lib/doc/bin/docproc.c b/lib/doc/bin/docproc.c
|
|
index 4e52c1b..2313592 100644
|
|
--- a/lib/doc/bin/docproc.c
|
|
+++ b/lib/doc/bin/docproc.c
|
|
@@ -154,7 +154,8 @@ int symfilecnt = 0;
|
|
static void add_new_symbol(struct symfile *sym, char * symname)
|
|
{
|
|
sym->symbollist =
|
|
- realloc(sym->symbollist, (sym->symbolcnt + 1) * sizeof(char *));
|
|
+ realloc(sym->symbollist,
|
|
+ (sym->symbolcnt + 1) * sizeof(struct symbols));
|
|
sym->symbollist[sym->symbolcnt++].name = strdup(symname);
|
|
}
|
|
|
|
|
|
From ed6c64434d42ba43efd839d4b0c693623442968f Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 09:09:44 +0200
|
|
Subject: [PATCH 06/16] docproc: Fail early on malloc/realloc failures
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/doc/bin/docproc.c | 16 ++++++++++++++++
|
|
1 file changed, 16 insertions(+)
|
|
|
|
diff --git a/lib/doc/bin/docproc.c b/lib/doc/bin/docproc.c
|
|
index 2313592..9a0a931 100644
|
|
--- a/lib/doc/bin/docproc.c
|
|
+++ b/lib/doc/bin/docproc.c
|
|
@@ -156,6 +156,10 @@ static void add_new_symbol(struct symfile *sym, char * symname)
|
|
sym->symbollist =
|
|
realloc(sym->symbollist,
|
|
(sym->symbolcnt + 1) * sizeof(struct symbols));
|
|
+ if (!sym->symbollist) {
|
|
+ perror("realloc");
|
|
+ exit(1);
|
|
+ }
|
|
sym->symbollist[sym->symbolcnt++].name = strdup(symname);
|
|
}
|
|
|
|
@@ -391,12 +395,20 @@ static void find_all_symbols(char *filename)
|
|
default:
|
|
close(pipefd[1]);
|
|
data = malloc(4096);
|
|
+ if (!data) {
|
|
+ perror("malloc");
|
|
+ exit(1);
|
|
+ }
|
|
do {
|
|
while ((ret = read(pipefd[0],
|
|
data + data_len,
|
|
4096)) > 0) {
|
|
data_len += ret;
|
|
data = realloc(data, data_len + 4096);
|
|
+ if (!data) {
|
|
+ perror("realloc");
|
|
+ exit(1);
|
|
+ }
|
|
}
|
|
} while (ret == -EAGAIN);
|
|
if (ret != 0) {
|
|
@@ -421,6 +433,10 @@ static void find_all_symbols(char *filename)
|
|
start = all_list_len;
|
|
all_list_len += count;
|
|
all_list = realloc(all_list, sizeof(char *) * all_list_len);
|
|
+ if (!all_list) {
|
|
+ perror("realloc");
|
|
+ exit(1);
|
|
+ }
|
|
str = data;
|
|
for (i = 0; i < (int)data_len && start != all_list_len; i++) {
|
|
if (data[i] == '\0') {
|
|
|
|
From 1beccc4fa0af3ce57e0ff21d42907e774c4eb8fe Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 09:15:36 +0200
|
|
Subject: [PATCH 07/16] cryptoperf: Fix check of return value of open()
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
speed-test/cryptoperf-base.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/speed-test/cryptoperf-base.c b/speed-test/cryptoperf-base.c
|
|
index 55cd7ea..b564e19 100644
|
|
--- a/speed-test/cryptoperf-base.c
|
|
+++ b/speed-test/cryptoperf-base.c
|
|
@@ -179,7 +179,7 @@ int cp_read_random(unsigned char *buf, size_t buflen)
|
|
size_t len = 0;
|
|
|
|
fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC);
|
|
- if(0 >= fd)
|
|
+ if(0 > fd)
|
|
return fd;
|
|
do {
|
|
ret = read(fd, (buf + len), (buflen - len));
|
|
|
|
From d41a21125e72e9ad611451bb9753489a1f96af5e Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 09:30:01 +0200
|
|
Subject: [PATCH 08/16] cryptoperf: Fix buffer overrun in cp_print_status()
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
speed-test/cryptoperf-base.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/speed-test/cryptoperf-base.c b/speed-test/cryptoperf-base.c
|
|
index b564e19..c56c2ce 100644
|
|
--- a/speed-test/cryptoperf-base.c
|
|
+++ b/speed-test/cryptoperf-base.c
|
|
@@ -159,7 +159,7 @@ char *cp_print_status(struct cp_test *test, int raw)
|
|
|
|
memset(byteseconds, 0, sizeof(byteseconds));
|
|
cp_bytes2string((processed_bytes / totaltime), byteseconds,
|
|
- (VALLEN + 1));
|
|
+ VALLEN);
|
|
snprintf(str, 120, "%-24s|%s|%8lu bytes|%*s/s|%lu ops/s",
|
|
test->testname,
|
|
test->enc ? "e" : "d",
|
|
|
|
From 5d17c564f7edae17b355f8cec7fa4c9685b10422 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 10:05:50 +0200
|
|
Subject: [PATCH 09/16] test/cryptoperf: Check the return value of sysconf()
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
speed-test/cryptoperf-aead.c | 10 ++++++--
|
|
speed-test/cryptoperf-skcipher.c | 8 +++++-
|
|
test/kcapi-main.c | 53 +++++++++++++++++++---------------------
|
|
3 files changed, 40 insertions(+), 31 deletions(-)
|
|
|
|
diff --git a/speed-test/cryptoperf-aead.c b/speed-test/cryptoperf-aead.c
|
|
index b2c0010..5a0446a 100644
|
|
--- a/speed-test/cryptoperf-aead.c
|
|
+++ b/speed-test/cryptoperf-aead.c
|
|
@@ -36,6 +36,12 @@ static int cp_aead_init_test(struct cp_test *test, int enc, int ccm)
|
|
unsigned char ivrand[MAX_KEYLEN];
|
|
unsigned char *ivdata = NULL;
|
|
uint32_t ivlen = 0;
|
|
+ long pagesize = sysconf(_SC_PAGESIZE);
|
|
+
|
|
+ if (pagesize < 0) {
|
|
+ printf(DRIVER_NAME": unable to determine the page size\n");
|
|
+ return -errno;
|
|
+ }
|
|
|
|
dbg("Initializing AEAD test %s\n", test->testname);
|
|
if (!test->driver_name) {
|
|
@@ -97,14 +103,14 @@ static int cp_aead_init_test(struct cp_test *test, int enc, int ccm)
|
|
test->u.aead.assoclen, TAGLEN);
|
|
}
|
|
|
|
- if (posix_memalign((void *)&input, sysconf(_SC_PAGESIZE),
|
|
+ if (posix_memalign((void *)&input, pagesize,
|
|
test->u.aead.indatalen *
|
|
(params->aio ? params->aio : 1))) {
|
|
printf(DRIVER_NAME": could not allocate input buffer for "
|
|
"%s\n", test->driver_name);
|
|
goto out;
|
|
}
|
|
- if (posix_memalign((void *)&output, sysconf(_SC_PAGESIZE),
|
|
+ if (posix_memalign((void *)&output, pagesize,
|
|
test->u.aead.outdatalen *
|
|
(params->aio ? params->aio : 1))) {
|
|
printf(DRIVER_NAME": could not allocate output buffer for "
|
|
diff --git a/speed-test/cryptoperf-skcipher.c b/speed-test/cryptoperf-skcipher.c
|
|
index a2db369..fb7123b 100644
|
|
--- a/speed-test/cryptoperf-skcipher.c
|
|
+++ b/speed-test/cryptoperf-skcipher.c
|
|
@@ -34,6 +34,12 @@ static int cp_skcipher_init_test(struct cp_test *test)
|
|
unsigned char *ivdata = NULL;
|
|
unsigned int bs;
|
|
int err;
|
|
+ long pagesize = sysconf(_SC_PAGESIZE);
|
|
+
|
|
+ if (pagesize < 0) {
|
|
+ printf(DRIVER_NAME": unable to determine the page size\n");
|
|
+ return -errno;
|
|
+ }
|
|
|
|
dbg("Initializing symmetric test %s\n", test->testname);
|
|
if (!test->driver_name) {
|
|
@@ -75,7 +81,7 @@ static int cp_skcipher_init_test(struct cp_test *test)
|
|
cp_read_random(ivdata, kcapi_cipher_blocksize(test->u.skcipher.handle));
|
|
test->u.skcipher.iv = ivdata;
|
|
|
|
- err = posix_memalign((void *)&scratchpad, sysconf(_SC_PAGESIZE),
|
|
+ err = posix_memalign((void *)&scratchpad, pagesize,
|
|
kcapi_cipher_blocksize(test->u.skcipher.handle) * params->len *
|
|
(params->aio ? params->aio : 1));
|
|
if (err) {
|
|
diff --git a/test/kcapi-main.c b/test/kcapi-main.c
|
|
index c167b7f..b0ec2ca 100644
|
|
--- a/test/kcapi-main.c
|
|
+++ b/test/kcapi-main.c
|
|
@@ -86,6 +86,8 @@ struct kcapi_cavs {
|
|
uint32_t outlen;
|
|
};
|
|
|
|
+static long pagesize;
|
|
+
|
|
static char hex_char_map_l[] = { '0', '1', '2', '3', '4', '5', '6', '7',
|
|
'8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
|
|
static char hex_char_map_u[] = { '0', '1', '2', '3', '4', '5', '6', '7',
|
|
@@ -808,8 +810,7 @@ static int cavs_sym(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
outbuflen = cavs_test->ctlen;
|
|
}
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- outbuflen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, outbuflen))
|
|
goto out;
|
|
memset(outbuf, 0, outbuflen);
|
|
} else {
|
|
@@ -918,12 +919,10 @@ static int cavs_sym_stream(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
outbuflen = cavs_test->ctlen;
|
|
}
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- outbuflen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, outbuflen))
|
|
goto out;
|
|
memset(outbuf, 0, outbuflen);
|
|
- if (posix_memalign((void *)&outbuf2, sysconf(_SC_PAGESIZE),
|
|
- outbuflen))
|
|
+ if (posix_memalign((void *)&outbuf2, pagesize, outbuflen))
|
|
goto out;
|
|
memset(outbuf2, 0, outbuflen);
|
|
} else {
|
|
@@ -1072,7 +1071,7 @@ static int cavs_sym_aio(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
return -ENOMEM;
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE), outbuflen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, outbuflen))
|
|
goto out;
|
|
memset(outbuf, 0, outbuflen);
|
|
} else {
|
|
@@ -1241,7 +1240,7 @@ static int cavs_aead(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
fullbuflen = (inbuflen > outbuflen) ? inbuflen : outbuflen;
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&inbuf, sysconf(_SC_PAGESIZE), fullbuflen))
|
|
+ if (posix_memalign((void *)&inbuf, pagesize, fullbuflen))
|
|
goto out;
|
|
memset(inbuf, 0, fullbuflen);
|
|
} else {
|
|
@@ -1425,8 +1424,7 @@ static int cavs_aead_aio(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
maxbuflen = (inbuflen > outbuflen) ? inbuflen : outbuflen;
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&inbuf, sysconf(_SC_PAGESIZE),
|
|
- loops * maxbuflen))
|
|
+ if (posix_memalign((void *)&inbuf, pagesize, loops * maxbuflen))
|
|
goto out;
|
|
memset(inbuf, 0, loops * maxbuflen);
|
|
} else {
|
|
@@ -1596,7 +1594,7 @@ static int cavs_aead_stream(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
|
|
maxbuflen = (inbuflen > outbuflen) ? inbuflen : outbuflen;
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE), maxbuflen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, maxbuflen))
|
|
goto out;
|
|
memset(outbuf, 0, maxbuflen);
|
|
} else {
|
|
@@ -1830,9 +1828,9 @@ static int cavs_aead_large(int stream, uint32_t loops, int splice)
|
|
test.keylen = len / 2;
|
|
|
|
len = strlen(aad);
|
|
- if (posix_memalign((void *)&test.assoc, sysconf(_SC_PAGESIZE), (16 * sysconf(_SC_PAGESIZE))))
|
|
+ if (posix_memalign((void *)&test.assoc, pagesize, (16 * pagesize)))
|
|
goto out;
|
|
- hex2bin(aad, len, test.assoc, (sysconf(_SC_PAGESIZE) * 16));
|
|
+ hex2bin(aad, len, test.assoc, (pagesize * 16));
|
|
test.assoclen = len / 2;
|
|
|
|
test.taglen = 16;
|
|
@@ -2052,8 +2050,7 @@ static int cavs_asym(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
}
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- maxsize))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, maxsize))
|
|
goto out;
|
|
memset(outbuf, 0, maxsize);
|
|
} else {
|
|
@@ -2164,11 +2161,10 @@ static int cavs_asym_aio(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
}
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- maxsize * loops))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, maxsize * loops))
|
|
goto out;
|
|
memset(outbuf, 0, maxsize * loops);
|
|
- if (posix_memalign((void *)&inbuf, sysconf(_SC_PAGESIZE),
|
|
+ if (posix_memalign((void *)&inbuf, pagesize,
|
|
cavs_test->ptlen * loops))
|
|
goto out;
|
|
memset(outbuf, 0, cavs_test->ptlen * loops);
|
|
@@ -2294,10 +2290,10 @@ static int cavs_asym_stream(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
}
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE), maxsize * NUMIOVECS))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, maxsize * NUMIOVECS))
|
|
goto out;
|
|
memset(outbuf, 0, maxsize);
|
|
- if (posix_memalign((void *)&inbuf, sysconf(_SC_PAGESIZE), inbuflen))
|
|
+ if (posix_memalign((void *)&inbuf, pagesize, inbuflen))
|
|
goto out;
|
|
memset(inbuf, 0, inbuflen);
|
|
} else {
|
|
@@ -2489,8 +2485,7 @@ static int cavs_kdf_common(struct kcapi_cavs *cavs_test, uint32_t loops)
|
|
uint32_t i = 0;
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- cavs_test->outlen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, cavs_test->outlen))
|
|
return -ENOMEM;
|
|
memset(outbuf, 0, cavs_test->outlen);
|
|
} else {
|
|
@@ -2571,8 +2566,7 @@ static int cavs_hkdf(struct kcapi_cavs *cavs_test, uint32_t loops)
|
|
}
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- cavs_test->outlen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, cavs_test->outlen))
|
|
return -ENOMEM;
|
|
memset(outbuf, 0, cavs_test->outlen);
|
|
} else {
|
|
@@ -2671,8 +2665,7 @@ static int cavs_pbkdf(struct kcapi_cavs *cavs_test, uint32_t loops)
|
|
}
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- cavs_test->outlen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, cavs_test->outlen))
|
|
return -ENOMEM;
|
|
memset(outbuf, 0, cavs_test->outlen);
|
|
} else {
|
|
@@ -2928,7 +2921,7 @@ static int kpp(struct kcapi_cavs *cavs_test, uint32_t loops, int splice)
|
|
|
|
outbuflen = ret;
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE), ret))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, ret))
|
|
return -ENOMEM;
|
|
memset(outbuf, 0, ret);
|
|
} else {
|
|
@@ -3001,7 +2994,7 @@ static int kpp_aio(struct kcapi_cavs *cavs_test, uint32_t loops, int splice)
|
|
|
|
outbuflen = ret;
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE), ret))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, ret))
|
|
return -ENOMEM;
|
|
memset(outbuf, 0, ret);
|
|
} else {
|
|
@@ -3072,6 +3065,10 @@ int main(int argc, char *argv[])
|
|
int splice = KCAPI_ACCESS_SENDMSG;
|
|
struct kcapi_cavs cavs_test;
|
|
|
|
+ pagesize = sysconf(_SC_PAGESIZE);
|
|
+ if (pagesize < 0)
|
|
+ return 1;
|
|
+
|
|
memset(&cavs_test, 0, sizeof(struct kcapi_cavs));
|
|
kcapi_set_verbosity(KCAPI_LOG_WARN);
|
|
|
|
|
|
From 4c904fbf621b0fb01d79c1b01d28c296f36e6d8a Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 11:10:01 +0200
|
|
Subject: [PATCH 10/16] docproc: Fix memory leak
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/doc/bin/docproc.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/lib/doc/bin/docproc.c b/lib/doc/bin/docproc.c
|
|
index 9a0a931..ad8d3a0 100644
|
|
--- a/lib/doc/bin/docproc.c
|
|
+++ b/lib/doc/bin/docproc.c
|
|
@@ -445,6 +445,7 @@ static void find_all_symbols(char *filename)
|
|
start++;
|
|
}
|
|
}
|
|
+ free(data);
|
|
}
|
|
|
|
/*
|
|
|
|
From 6092ff27886b7d40ea056f6c02a9c3fd5803df0d Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 11:10:35 +0200
|
|
Subject: [PATCH 11/16] kcapi-aead: Remove an unreachable statement
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/kcapi-aead.c | 2 --
|
|
1 file changed, 2 deletions(-)
|
|
|
|
diff --git a/lib/kcapi-aead.c b/lib/kcapi-aead.c
|
|
index 7f8348f..d32c1e4 100644
|
|
--- a/lib/kcapi-aead.c
|
|
+++ b/lib/kcapi-aead.c
|
|
@@ -249,8 +249,6 @@ int32_t kcapi_aead_encrypt_aio(struct kcapi_handle *handle, struct iovec *iniov,
|
|
|
|
return _kcapi_aead_encrypt_aio_fallback(handle, iniov, outiov, iovlen,
|
|
iv);
|
|
-
|
|
- return ret;
|
|
}
|
|
|
|
DSO_PUBLIC
|
|
|
|
From 41a64a4363da4cce0f8de654f7dceef5c3fd6285 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 12:23:18 +0200
|
|
Subject: [PATCH 12/16] kcapi-kdf: Fix buffer overruns in error paths
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/kcapi-kdf.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/lib/kcapi-kdf.c b/lib/kcapi-kdf.c
|
|
index bf150c1..78a7e0d 100644
|
|
--- a/lib/kcapi-kdf.c
|
|
+++ b/lib/kcapi-kdf.c
|
|
@@ -336,6 +336,7 @@ int32_t kcapi_hkdf(const char *hashname,
|
|
if (h > HKDF_MAXHASH) {
|
|
kcapi_dolog(KCAPI_LOG_ERR,
|
|
"Null salt size too small for hash\n");
|
|
+ h = HKDF_MAXHASH;
|
|
err = -EFAULT;
|
|
goto err;
|
|
}
|
|
@@ -570,6 +571,7 @@ int32_t kcapi_pbkdf(const char *hashname,
|
|
kcapi_dolog(KCAPI_LOG_ERR,
|
|
"Programming error in file %s at line %u\n",
|
|
__FILE__, __LINE__);
|
|
+ h = MAX_DIGESTSIZE;
|
|
err = -EFAULT;
|
|
goto err;
|
|
}
|
|
|
|
From 33c3b71ba5577c0b2bcdf8eb880642e0ab461079 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 12:26:55 +0200
|
|
Subject: [PATCH 13/16] kcapi-kernel-if: Simplify iovec validity check
|
|
|
|
Current check is awkward, just checking iov for NULL seems to make CLang
|
|
happy.
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/kcapi-kernel-if.c | 8 ++++----
|
|
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/lib/kcapi-kernel-if.c b/lib/kcapi-kernel-if.c
|
|
index 807cbfe..595ce68 100644
|
|
--- a/lib/kcapi-kernel-if.c
|
|
+++ b/lib/kcapi-kernel-if.c
|
|
@@ -257,11 +257,11 @@ int32_t _kcapi_common_vmsplice_iov(struct kcapi_handle *handle,
|
|
uint32_t inlen = 0;
|
|
unsigned long i;
|
|
|
|
- for (i = 0; i < iovlen; i++) {
|
|
- if (!(iov + i))
|
|
- return -EINVAL;
|
|
+ if (iovlen && !iov)
|
|
+ return -EINVAL;
|
|
+
|
|
+ for (i = 0; i < iovlen; i++)
|
|
inlen += iov[i].iov_len;
|
|
- }
|
|
|
|
/* kernel processes input data with max size of one page */
|
|
handle->processed_sg += ((inlen + sysconf(_SC_PAGESIZE) - 1) /
|
|
|
|
From c1f82d3b78031037f7098bd26b5da00eceecc00a Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 12:37:15 +0200
|
|
Subject: [PATCH 14/16] test: Allocate name even if size is zero
|
|
|
|
We still need one byte for the terminating null character.
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
test/kcapi-main.c | 10 ++++------
|
|
1 file changed, 4 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/test/kcapi-main.c b/test/kcapi-main.c
|
|
index b0ec2ca..d20e74c 100644
|
|
--- a/test/kcapi-main.c
|
|
+++ b/test/kcapi-main.c
|
|
@@ -275,13 +275,11 @@ static int fuzz_init_test(unsigned int size)
|
|
|
|
kcapi_set_verbosity(KCAPI_LOG_NONE);
|
|
|
|
- if (size) {
|
|
- name = calloc(1, size + 1);
|
|
+ name = calloc(1, size + 1);
|
|
|
|
- if (!name) {
|
|
- printf("Allocation of %u bytes failed", size);
|
|
- return 1;
|
|
- }
|
|
+ if (!name) {
|
|
+ printf("Allocation of %u bytes failed", size);
|
|
+ return 1;
|
|
}
|
|
|
|
if (get_random(name, size, 0)) {
|
|
|
|
From 698fcb68572b5d315b27294bd3e9ee2c058920f6 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 12:41:37 +0200
|
|
Subject: [PATCH 15/16] test: Fix resource leak and error handling
|
|
|
|
The fuzz_cipher() and fuzz_aead() functions did not always return error
|
|
when it should and it did not always release the cipher handle on
|
|
return. This patch fixes both issues.
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
test/kcapi-main.c | 16 ++++++++--------
|
|
1 file changed, 8 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/test/kcapi-main.c b/test/kcapi-main.c
|
|
index d20e74c..b3f6ae9 100644
|
|
--- a/test/kcapi-main.c
|
|
+++ b/test/kcapi-main.c
|
|
@@ -352,11 +352,11 @@ static int fuzz_cipher(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
uint8_t indata[4096];
|
|
uint8_t outdata[4096];
|
|
unsigned int i;
|
|
- int ret = 0;
|
|
+ int ret = 1;
|
|
|
|
if (kcapi_cipher_init(&handle, cavs_test->cipher, 0)) {
|
|
printf("Allocation of %s cipher failed\n", cavs_test->cipher);
|
|
- return -EFAULT;
|
|
+ return 1;
|
|
}
|
|
|
|
/* Set key */
|
|
@@ -366,7 +366,7 @@ static int fuzz_cipher(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
for (i = 0; i < sizeof(key); i++) {
|
|
if (get_random(key, i, 0)) {
|
|
printf("get_random call failed\n");
|
|
- return 1;
|
|
+ goto out;
|
|
}
|
|
kcapi_cipher_setkey(handle, key, i);
|
|
}
|
|
@@ -388,7 +388,7 @@ static int fuzz_cipher(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
|
|
if (get_random(indata, i, 0)) {
|
|
printf("get_random call failed\n");
|
|
- return 1;
|
|
+ goto out;
|
|
}
|
|
|
|
if (flags & FUZZ_LESSOUT)
|
|
@@ -429,11 +429,11 @@ static int fuzz_aead(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
uint8_t indata[4096];
|
|
uint8_t outdata[4096];
|
|
unsigned int i;
|
|
- int ret = 0;
|
|
+ int ret = 1;
|
|
|
|
if (kcapi_aead_init(&handle, cavs_test->cipher, 0)) {
|
|
printf("Allocation of %s cipher failed\n", cavs_test->cipher);
|
|
- return -EFAULT;
|
|
+ return 1;
|
|
}
|
|
|
|
/* Set key */
|
|
@@ -443,7 +443,7 @@ static int fuzz_aead(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
for (i = 0; i < sizeof(key); i++) {
|
|
if (get_random(key, i, 0)) {
|
|
printf("get_random call failed\n");
|
|
- return 1;
|
|
+ goto out;
|
|
}
|
|
kcapi_aead_setkey(handle, key, i);
|
|
}
|
|
@@ -479,7 +479,7 @@ static int fuzz_aead(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
|
|
if (get_random(indata, i, 0)) {
|
|
printf("get_random call failed\n");
|
|
- return 1;
|
|
+ goto out;
|
|
}
|
|
|
|
if (flags & FUZZ_LESSOUT)
|
|
|
|
From ec9c36216623b94684c9e5ca8be26455b490bdef Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 16:52:13 +0200
|
|
Subject: [PATCH 16/16] test: Clean up after NULL string fix
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
test/kcapi-main.c | 10 ++++------
|
|
1 file changed, 4 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/test/kcapi-main.c b/test/kcapi-main.c
|
|
index b3f6ae9..3cba467 100644
|
|
--- a/test/kcapi-main.c
|
|
+++ b/test/kcapi-main.c
|
|
@@ -271,14 +271,12 @@ static int fuzz_init_test(unsigned int size)
|
|
{
|
|
struct kcapi_handle *handle;
|
|
int ret = 0;
|
|
- uint8_t *name = NULL;
|
|
+ uint8_t *name = calloc(1, size + 1);
|
|
|
|
kcapi_set_verbosity(KCAPI_LOG_NONE);
|
|
|
|
- name = calloc(1, size + 1);
|
|
-
|
|
if (!name) {
|
|
- printf("Allocation of %u bytes failed", size);
|
|
+ printf("Allocation of %u bytes failed", size + 1);
|
|
return 1;
|
|
}
|
|
|
|
@@ -317,10 +315,10 @@ static int fuzz_init_test(unsigned int size)
|
|
|
|
fail:
|
|
fprintf(stdout, "allocation success of nonsense string ");
|
|
- if (name)
|
|
+ if (size)
|
|
bin2print(name, size);
|
|
else
|
|
- fprintf(stdout, "NULL\n");
|
|
+ fprintf(stdout, "EMPTY\n");
|
|
free(name);
|
|
return 1;
|
|
}
|