e55cfcddec
This commit updates the last PR patch (one of the commits was not accepted upstream) and adds new fixes that have been added in the meantime (including an alternative version of the patch that had been dropped).
802 lines
25 KiB
Diff
802 lines
25 KiB
Diff
From 633569b273d63244fccf1a1e65acc8c8252c2f48 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 08:39:32 +0200
|
|
Subject: [PATCH 01/16] apps: Check return code of fstat()
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
apps/app-internal.c | 7 ++++++-
|
|
1 file changed, 6 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/apps/app-internal.c b/apps/app-internal.c
|
|
index 25cef80..e80c304 100644
|
|
--- a/apps/app-internal.c
|
|
+++ b/apps/app-internal.c
|
|
@@ -255,7 +255,12 @@ int read_complete(int fd, uint8_t *buf, uint32_t buflen)
|
|
|
|
int check_filetype(int fd, struct stat *sb, const char *filename)
|
|
{
|
|
- fstat(fd, sb);
|
|
+ int ret = fstat(fd, sb);
|
|
+ if (ret) {
|
|
+ dolog(KCAPI_LOG_ERR,
|
|
+ "fstat() failed: %s", strerror(errno));
|
|
+ return -errno;
|
|
+ }
|
|
|
|
/* Do not return an error in case we cannot validate the data. */
|
|
if ((sb->st_mode & S_IFMT) != S_IFREG &&
|
|
|
|
From bb1685801cf3f2c94c4591808a1a8499147b0249 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 08:45:48 +0200
|
|
Subject: [PATCH 02/16] kcapi-hasher: Fix strerror() call
|
|
|
|
strerror() expects a nonnegative error number. Here we can just pass
|
|
errno instead of decoding the error from the return value of read().
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
apps/kcapi-hasher.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/apps/kcapi-hasher.c b/apps/kcapi-hasher.c
|
|
index 2fc3ddc..5769502 100644
|
|
--- a/apps/kcapi-hasher.c
|
|
+++ b/apps/kcapi-hasher.c
|
|
@@ -227,7 +227,7 @@ static int load_file(const char *filename, uint8_t **memory, uint32_t *size)
|
|
while ((rdbytes = read(fd, buffer + offset, buffer_size - offset)) != 0) {
|
|
if (rdbytes < 0) {
|
|
fprintf(stderr, "Error reading file %s: %s\n", filename,
|
|
- strerror((int)rdbytes));
|
|
+ strerror(errno));
|
|
ret = -EIO;
|
|
goto out;
|
|
}
|
|
|
|
From fadc3f42bbd44bd78f78f58c935ae7126b6eb2ce Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 08:50:36 +0200
|
|
Subject: [PATCH 03/16] kcapi-hasher: Fix fd leak in load_file()
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
apps/kcapi-hasher.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/apps/kcapi-hasher.c b/apps/kcapi-hasher.c
|
|
index 5769502..52fca78 100644
|
|
--- a/apps/kcapi-hasher.c
|
|
+++ b/apps/kcapi-hasher.c
|
|
@@ -258,6 +258,8 @@ static int load_file(const char *filename, uint8_t **memory, uint32_t *size)
|
|
|
|
*memory = buffer;
|
|
*size = (uint32_t)offset;
|
|
+
|
|
+ close(fd);
|
|
return 0;
|
|
|
|
out:
|
|
|
|
From 5ee2bc94de5e70703ed6ad288b3c664a1cff4fcf Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 08:53:13 +0200
|
|
Subject: [PATCH 04/16] kcapi-hasher: Fix buffer overrun in process_checkfile()
|
|
|
|
The 'buf[(bsd_style - 4)]' access on line 593 can overrun the buffer if
|
|
bsd_style is exactly 3, which can theoretically happen if the BSD-style
|
|
separator is found at the very beginning of the line. Fix this by
|
|
starting to search for the separator at index 1 (it can't really be at
|
|
index 0 anyway).
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
apps/kcapi-hasher.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/apps/kcapi-hasher.c b/apps/kcapi-hasher.c
|
|
index 52fca78..daab735 100644
|
|
--- a/apps/kcapi-hasher.c
|
|
+++ b/apps/kcapi-hasher.c
|
|
@@ -544,7 +544,7 @@ static int process_checkfile(const struct hash_params *params,
|
|
break;
|
|
}
|
|
|
|
- for (i = 0; i < linelen; i++) {
|
|
+ for (i = 1; i < linelen; i++) {
|
|
/*
|
|
* Check for BSD-style separator between file name and
|
|
* hash value.
|
|
|
|
From 1520fca1f9b2231bcb5101eab32e8e859b33a66c Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 09:05:45 +0200
|
|
Subject: [PATCH 05/16] docproc: Use correct sizeof() argument for clarity
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/doc/bin/docproc.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/lib/doc/bin/docproc.c b/lib/doc/bin/docproc.c
|
|
index 4e52c1b..2313592 100644
|
|
--- a/lib/doc/bin/docproc.c
|
|
+++ b/lib/doc/bin/docproc.c
|
|
@@ -154,7 +154,8 @@ int symfilecnt = 0;
|
|
static void add_new_symbol(struct symfile *sym, char * symname)
|
|
{
|
|
sym->symbollist =
|
|
- realloc(sym->symbollist, (sym->symbolcnt + 1) * sizeof(char *));
|
|
+ realloc(sym->symbollist,
|
|
+ (sym->symbolcnt + 1) * sizeof(struct symbols));
|
|
sym->symbollist[sym->symbolcnt++].name = strdup(symname);
|
|
}
|
|
|
|
|
|
From ed6c64434d42ba43efd839d4b0c693623442968f Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 09:09:44 +0200
|
|
Subject: [PATCH 06/16] docproc: Fail early on malloc/realloc failures
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/doc/bin/docproc.c | 16 ++++++++++++++++
|
|
1 file changed, 16 insertions(+)
|
|
|
|
diff --git a/lib/doc/bin/docproc.c b/lib/doc/bin/docproc.c
|
|
index 2313592..9a0a931 100644
|
|
--- a/lib/doc/bin/docproc.c
|
|
+++ b/lib/doc/bin/docproc.c
|
|
@@ -156,6 +156,10 @@ static void add_new_symbol(struct symfile *sym, char * symname)
|
|
sym->symbollist =
|
|
realloc(sym->symbollist,
|
|
(sym->symbolcnt + 1) * sizeof(struct symbols));
|
|
+ if (!sym->symbollist) {
|
|
+ perror("realloc");
|
|
+ exit(1);
|
|
+ }
|
|
sym->symbollist[sym->symbolcnt++].name = strdup(symname);
|
|
}
|
|
|
|
@@ -391,12 +395,20 @@ static void find_all_symbols(char *filename)
|
|
default:
|
|
close(pipefd[1]);
|
|
data = malloc(4096);
|
|
+ if (!data) {
|
|
+ perror("malloc");
|
|
+ exit(1);
|
|
+ }
|
|
do {
|
|
while ((ret = read(pipefd[0],
|
|
data + data_len,
|
|
4096)) > 0) {
|
|
data_len += ret;
|
|
data = realloc(data, data_len + 4096);
|
|
+ if (!data) {
|
|
+ perror("realloc");
|
|
+ exit(1);
|
|
+ }
|
|
}
|
|
} while (ret == -EAGAIN);
|
|
if (ret != 0) {
|
|
@@ -421,6 +433,10 @@ static void find_all_symbols(char *filename)
|
|
start = all_list_len;
|
|
all_list_len += count;
|
|
all_list = realloc(all_list, sizeof(char *) * all_list_len);
|
|
+ if (!all_list) {
|
|
+ perror("realloc");
|
|
+ exit(1);
|
|
+ }
|
|
str = data;
|
|
for (i = 0; i < (int)data_len && start != all_list_len; i++) {
|
|
if (data[i] == '\0') {
|
|
|
|
From 1beccc4fa0af3ce57e0ff21d42907e774c4eb8fe Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 09:15:36 +0200
|
|
Subject: [PATCH 07/16] cryptoperf: Fix check of return value of open()
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
speed-test/cryptoperf-base.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/speed-test/cryptoperf-base.c b/speed-test/cryptoperf-base.c
|
|
index 55cd7ea..b564e19 100644
|
|
--- a/speed-test/cryptoperf-base.c
|
|
+++ b/speed-test/cryptoperf-base.c
|
|
@@ -179,7 +179,7 @@ int cp_read_random(unsigned char *buf, size_t buflen)
|
|
size_t len = 0;
|
|
|
|
fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC);
|
|
- if(0 >= fd)
|
|
+ if(0 > fd)
|
|
return fd;
|
|
do {
|
|
ret = read(fd, (buf + len), (buflen - len));
|
|
|
|
From d41a21125e72e9ad611451bb9753489a1f96af5e Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 09:30:01 +0200
|
|
Subject: [PATCH 08/16] cryptoperf: Fix buffer overrun in cp_print_status()
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
speed-test/cryptoperf-base.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/speed-test/cryptoperf-base.c b/speed-test/cryptoperf-base.c
|
|
index b564e19..c56c2ce 100644
|
|
--- a/speed-test/cryptoperf-base.c
|
|
+++ b/speed-test/cryptoperf-base.c
|
|
@@ -159,7 +159,7 @@ char *cp_print_status(struct cp_test *test, int raw)
|
|
|
|
memset(byteseconds, 0, sizeof(byteseconds));
|
|
cp_bytes2string((processed_bytes / totaltime), byteseconds,
|
|
- (VALLEN + 1));
|
|
+ VALLEN);
|
|
snprintf(str, 120, "%-24s|%s|%8lu bytes|%*s/s|%lu ops/s",
|
|
test->testname,
|
|
test->enc ? "e" : "d",
|
|
|
|
From 5d17c564f7edae17b355f8cec7fa4c9685b10422 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Mon, 23 Jul 2018 10:05:50 +0200
|
|
Subject: [PATCH 09/16] test/cryptoperf: Check the return value of sysconf()
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
speed-test/cryptoperf-aead.c | 10 ++++++--
|
|
speed-test/cryptoperf-skcipher.c | 8 +++++-
|
|
test/kcapi-main.c | 53 +++++++++++++++++++---------------------
|
|
3 files changed, 40 insertions(+), 31 deletions(-)
|
|
|
|
diff --git a/speed-test/cryptoperf-aead.c b/speed-test/cryptoperf-aead.c
|
|
index b2c0010..5a0446a 100644
|
|
--- a/speed-test/cryptoperf-aead.c
|
|
+++ b/speed-test/cryptoperf-aead.c
|
|
@@ -36,6 +36,12 @@ static int cp_aead_init_test(struct cp_test *test, int enc, int ccm)
|
|
unsigned char ivrand[MAX_KEYLEN];
|
|
unsigned char *ivdata = NULL;
|
|
uint32_t ivlen = 0;
|
|
+ long pagesize = sysconf(_SC_PAGESIZE);
|
|
+
|
|
+ if (pagesize < 0) {
|
|
+ printf(DRIVER_NAME": unable to determine the page size\n");
|
|
+ return -errno;
|
|
+ }
|
|
|
|
dbg("Initializing AEAD test %s\n", test->testname);
|
|
if (!test->driver_name) {
|
|
@@ -97,14 +103,14 @@ static int cp_aead_init_test(struct cp_test *test, int enc, int ccm)
|
|
test->u.aead.assoclen, TAGLEN);
|
|
}
|
|
|
|
- if (posix_memalign((void *)&input, sysconf(_SC_PAGESIZE),
|
|
+ if (posix_memalign((void *)&input, pagesize,
|
|
test->u.aead.indatalen *
|
|
(params->aio ? params->aio : 1))) {
|
|
printf(DRIVER_NAME": could not allocate input buffer for "
|
|
"%s\n", test->driver_name);
|
|
goto out;
|
|
}
|
|
- if (posix_memalign((void *)&output, sysconf(_SC_PAGESIZE),
|
|
+ if (posix_memalign((void *)&output, pagesize,
|
|
test->u.aead.outdatalen *
|
|
(params->aio ? params->aio : 1))) {
|
|
printf(DRIVER_NAME": could not allocate output buffer for "
|
|
diff --git a/speed-test/cryptoperf-skcipher.c b/speed-test/cryptoperf-skcipher.c
|
|
index a2db369..fb7123b 100644
|
|
--- a/speed-test/cryptoperf-skcipher.c
|
|
+++ b/speed-test/cryptoperf-skcipher.c
|
|
@@ -34,6 +34,12 @@ static int cp_skcipher_init_test(struct cp_test *test)
|
|
unsigned char *ivdata = NULL;
|
|
unsigned int bs;
|
|
int err;
|
|
+ long pagesize = sysconf(_SC_PAGESIZE);
|
|
+
|
|
+ if (pagesize < 0) {
|
|
+ printf(DRIVER_NAME": unable to determine the page size\n");
|
|
+ return -errno;
|
|
+ }
|
|
|
|
dbg("Initializing symmetric test %s\n", test->testname);
|
|
if (!test->driver_name) {
|
|
@@ -75,7 +81,7 @@ static int cp_skcipher_init_test(struct cp_test *test)
|
|
cp_read_random(ivdata, kcapi_cipher_blocksize(test->u.skcipher.handle));
|
|
test->u.skcipher.iv = ivdata;
|
|
|
|
- err = posix_memalign((void *)&scratchpad, sysconf(_SC_PAGESIZE),
|
|
+ err = posix_memalign((void *)&scratchpad, pagesize,
|
|
kcapi_cipher_blocksize(test->u.skcipher.handle) * params->len *
|
|
(params->aio ? params->aio : 1));
|
|
if (err) {
|
|
diff --git a/test/kcapi-main.c b/test/kcapi-main.c
|
|
index c167b7f..b0ec2ca 100644
|
|
--- a/test/kcapi-main.c
|
|
+++ b/test/kcapi-main.c
|
|
@@ -86,6 +86,8 @@ struct kcapi_cavs {
|
|
uint32_t outlen;
|
|
};
|
|
|
|
+static long pagesize;
|
|
+
|
|
static char hex_char_map_l[] = { '0', '1', '2', '3', '4', '5', '6', '7',
|
|
'8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
|
|
static char hex_char_map_u[] = { '0', '1', '2', '3', '4', '5', '6', '7',
|
|
@@ -808,8 +810,7 @@ static int cavs_sym(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
outbuflen = cavs_test->ctlen;
|
|
}
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- outbuflen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, outbuflen))
|
|
goto out;
|
|
memset(outbuf, 0, outbuflen);
|
|
} else {
|
|
@@ -918,12 +919,10 @@ static int cavs_sym_stream(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
outbuflen = cavs_test->ctlen;
|
|
}
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- outbuflen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, outbuflen))
|
|
goto out;
|
|
memset(outbuf, 0, outbuflen);
|
|
- if (posix_memalign((void *)&outbuf2, sysconf(_SC_PAGESIZE),
|
|
- outbuflen))
|
|
+ if (posix_memalign((void *)&outbuf2, pagesize, outbuflen))
|
|
goto out;
|
|
memset(outbuf2, 0, outbuflen);
|
|
} else {
|
|
@@ -1072,7 +1071,7 @@ static int cavs_sym_aio(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
return -ENOMEM;
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE), outbuflen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, outbuflen))
|
|
goto out;
|
|
memset(outbuf, 0, outbuflen);
|
|
} else {
|
|
@@ -1241,7 +1240,7 @@ static int cavs_aead(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
fullbuflen = (inbuflen > outbuflen) ? inbuflen : outbuflen;
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&inbuf, sysconf(_SC_PAGESIZE), fullbuflen))
|
|
+ if (posix_memalign((void *)&inbuf, pagesize, fullbuflen))
|
|
goto out;
|
|
memset(inbuf, 0, fullbuflen);
|
|
} else {
|
|
@@ -1425,8 +1424,7 @@ static int cavs_aead_aio(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
maxbuflen = (inbuflen > outbuflen) ? inbuflen : outbuflen;
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&inbuf, sysconf(_SC_PAGESIZE),
|
|
- loops * maxbuflen))
|
|
+ if (posix_memalign((void *)&inbuf, pagesize, loops * maxbuflen))
|
|
goto out;
|
|
memset(inbuf, 0, loops * maxbuflen);
|
|
} else {
|
|
@@ -1596,7 +1594,7 @@ static int cavs_aead_stream(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
|
|
maxbuflen = (inbuflen > outbuflen) ? inbuflen : outbuflen;
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE), maxbuflen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, maxbuflen))
|
|
goto out;
|
|
memset(outbuf, 0, maxbuflen);
|
|
} else {
|
|
@@ -1830,9 +1828,9 @@ static int cavs_aead_large(int stream, uint32_t loops, int splice)
|
|
test.keylen = len / 2;
|
|
|
|
len = strlen(aad);
|
|
- if (posix_memalign((void *)&test.assoc, sysconf(_SC_PAGESIZE), (16 * sysconf(_SC_PAGESIZE))))
|
|
+ if (posix_memalign((void *)&test.assoc, pagesize, (16 * pagesize)))
|
|
goto out;
|
|
- hex2bin(aad, len, test.assoc, (sysconf(_SC_PAGESIZE) * 16));
|
|
+ hex2bin(aad, len, test.assoc, (pagesize * 16));
|
|
test.assoclen = len / 2;
|
|
|
|
test.taglen = 16;
|
|
@@ -2052,8 +2050,7 @@ static int cavs_asym(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
}
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- maxsize))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, maxsize))
|
|
goto out;
|
|
memset(outbuf, 0, maxsize);
|
|
} else {
|
|
@@ -2164,11 +2161,10 @@ static int cavs_asym_aio(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
}
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- maxsize * loops))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, maxsize * loops))
|
|
goto out;
|
|
memset(outbuf, 0, maxsize * loops);
|
|
- if (posix_memalign((void *)&inbuf, sysconf(_SC_PAGESIZE),
|
|
+ if (posix_memalign((void *)&inbuf, pagesize,
|
|
cavs_test->ptlen * loops))
|
|
goto out;
|
|
memset(outbuf, 0, cavs_test->ptlen * loops);
|
|
@@ -2294,10 +2290,10 @@ static int cavs_asym_stream(struct kcapi_cavs *cavs_test, uint32_t loops,
|
|
}
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE), maxsize * NUMIOVECS))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, maxsize * NUMIOVECS))
|
|
goto out;
|
|
memset(outbuf, 0, maxsize);
|
|
- if (posix_memalign((void *)&inbuf, sysconf(_SC_PAGESIZE), inbuflen))
|
|
+ if (posix_memalign((void *)&inbuf, pagesize, inbuflen))
|
|
goto out;
|
|
memset(inbuf, 0, inbuflen);
|
|
} else {
|
|
@@ -2489,8 +2485,7 @@ static int cavs_kdf_common(struct kcapi_cavs *cavs_test, uint32_t loops)
|
|
uint32_t i = 0;
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- cavs_test->outlen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, cavs_test->outlen))
|
|
return -ENOMEM;
|
|
memset(outbuf, 0, cavs_test->outlen);
|
|
} else {
|
|
@@ -2571,8 +2566,7 @@ static int cavs_hkdf(struct kcapi_cavs *cavs_test, uint32_t loops)
|
|
}
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- cavs_test->outlen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, cavs_test->outlen))
|
|
return -ENOMEM;
|
|
memset(outbuf, 0, cavs_test->outlen);
|
|
} else {
|
|
@@ -2671,8 +2665,7 @@ static int cavs_pbkdf(struct kcapi_cavs *cavs_test, uint32_t loops)
|
|
}
|
|
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE),
|
|
- cavs_test->outlen))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, cavs_test->outlen))
|
|
return -ENOMEM;
|
|
memset(outbuf, 0, cavs_test->outlen);
|
|
} else {
|
|
@@ -2928,7 +2921,7 @@ static int kpp(struct kcapi_cavs *cavs_test, uint32_t loops, int splice)
|
|
|
|
outbuflen = ret;
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE), ret))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, ret))
|
|
return -ENOMEM;
|
|
memset(outbuf, 0, ret);
|
|
} else {
|
|
@@ -3001,7 +2994,7 @@ static int kpp_aio(struct kcapi_cavs *cavs_test, uint32_t loops, int splice)
|
|
|
|
outbuflen = ret;
|
|
if (cavs_test->aligned) {
|
|
- if (posix_memalign((void *)&outbuf, sysconf(_SC_PAGESIZE), ret))
|
|
+ if (posix_memalign((void *)&outbuf, pagesize, ret))
|
|
return -ENOMEM;
|
|
memset(outbuf, 0, ret);
|
|
} else {
|
|
@@ -3072,6 +3065,10 @@ int main(int argc, char *argv[])
|
|
int splice = KCAPI_ACCESS_SENDMSG;
|
|
struct kcapi_cavs cavs_test;
|
|
|
|
+ pagesize = sysconf(_SC_PAGESIZE);
|
|
+ if (pagesize < 0)
|
|
+ return 1;
|
|
+
|
|
memset(&cavs_test, 0, sizeof(struct kcapi_cavs));
|
|
kcapi_set_verbosity(KCAPI_LOG_WARN);
|
|
|
|
|
|
From 4c904fbf621b0fb01d79c1b01d28c296f36e6d8a Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 11:10:01 +0200
|
|
Subject: [PATCH 10/16] docproc: Fix memory leak
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/doc/bin/docproc.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/lib/doc/bin/docproc.c b/lib/doc/bin/docproc.c
|
|
index 9a0a931..ad8d3a0 100644
|
|
--- a/lib/doc/bin/docproc.c
|
|
+++ b/lib/doc/bin/docproc.c
|
|
@@ -445,6 +445,7 @@ static void find_all_symbols(char *filename)
|
|
start++;
|
|
}
|
|
}
|
|
+ free(data);
|
|
}
|
|
|
|
/*
|
|
|
|
From 6092ff27886b7d40ea056f6c02a9c3fd5803df0d Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 11:10:35 +0200
|
|
Subject: [PATCH 11/16] kcapi-aead: Remove an unreachable statement
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/kcapi-aead.c | 2 --
|
|
1 file changed, 2 deletions(-)
|
|
|
|
diff --git a/lib/kcapi-aead.c b/lib/kcapi-aead.c
|
|
index 7f8348f..d32c1e4 100644
|
|
--- a/lib/kcapi-aead.c
|
|
+++ b/lib/kcapi-aead.c
|
|
@@ -249,8 +249,6 @@ int32_t kcapi_aead_encrypt_aio(struct kcapi_handle *handle, struct iovec *iniov,
|
|
|
|
return _kcapi_aead_encrypt_aio_fallback(handle, iniov, outiov, iovlen,
|
|
iv);
|
|
-
|
|
- return ret;
|
|
}
|
|
|
|
DSO_PUBLIC
|
|
|
|
From 41a64a4363da4cce0f8de654f7dceef5c3fd6285 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 12:23:18 +0200
|
|
Subject: [PATCH 12/16] kcapi-kdf: Fix buffer overruns in error paths
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/kcapi-kdf.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/lib/kcapi-kdf.c b/lib/kcapi-kdf.c
|
|
index bf150c1..78a7e0d 100644
|
|
--- a/lib/kcapi-kdf.c
|
|
+++ b/lib/kcapi-kdf.c
|
|
@@ -336,6 +336,7 @@ int32_t kcapi_hkdf(const char *hashname,
|
|
if (h > HKDF_MAXHASH) {
|
|
kcapi_dolog(KCAPI_LOG_ERR,
|
|
"Null salt size too small for hash\n");
|
|
+ h = HKDF_MAXHASH;
|
|
err = -EFAULT;
|
|
goto err;
|
|
}
|
|
@@ -570,6 +571,7 @@ int32_t kcapi_pbkdf(const char *hashname,
|
|
kcapi_dolog(KCAPI_LOG_ERR,
|
|
"Programming error in file %s at line %u\n",
|
|
__FILE__, __LINE__);
|
|
+ h = MAX_DIGESTSIZE;
|
|
err = -EFAULT;
|
|
goto err;
|
|
}
|
|
|
|
From 33c3b71ba5577c0b2bcdf8eb880642e0ab461079 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 12:26:55 +0200
|
|
Subject: [PATCH 13/16] kcapi-kernel-if: Simplify iovec validity check
|
|
|
|
Current check is awkward, just checking iov for NULL seems to make CLang
|
|
happy.
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
lib/kcapi-kernel-if.c | 8 ++++----
|
|
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/lib/kcapi-kernel-if.c b/lib/kcapi-kernel-if.c
|
|
index 807cbfe..595ce68 100644
|
|
--- a/lib/kcapi-kernel-if.c
|
|
+++ b/lib/kcapi-kernel-if.c
|
|
@@ -257,11 +257,11 @@ int32_t _kcapi_common_vmsplice_iov(struct kcapi_handle *handle,
|
|
uint32_t inlen = 0;
|
|
unsigned long i;
|
|
|
|
- for (i = 0; i < iovlen; i++) {
|
|
- if (!(iov + i))
|
|
- return -EINVAL;
|
|
+ if (iovlen && !iov)
|
|
+ return -EINVAL;
|
|
+
|
|
+ for (i = 0; i < iovlen; i++)
|
|
inlen += iov[i].iov_len;
|
|
- }
|
|
|
|
/* kernel processes input data with max size of one page */
|
|
handle->processed_sg += ((inlen + sysconf(_SC_PAGESIZE) - 1) /
|
|
|
|
From c1f82d3b78031037f7098bd26b5da00eceecc00a Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 12:37:15 +0200
|
|
Subject: [PATCH 14/16] test: Allocate name even if size is zero
|
|
|
|
We still need one byte for the terminating null character.
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
test/kcapi-main.c | 10 ++++------
|
|
1 file changed, 4 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/test/kcapi-main.c b/test/kcapi-main.c
|
|
index b0ec2ca..d20e74c 100644
|
|
--- a/test/kcapi-main.c
|
|
+++ b/test/kcapi-main.c
|
|
@@ -275,13 +275,11 @@ static int fuzz_init_test(unsigned int size)
|
|
|
|
kcapi_set_verbosity(KCAPI_LOG_NONE);
|
|
|
|
- if (size) {
|
|
- name = calloc(1, size + 1);
|
|
+ name = calloc(1, size + 1);
|
|
|
|
- if (!name) {
|
|
- printf("Allocation of %u bytes failed", size);
|
|
- return 1;
|
|
- }
|
|
+ if (!name) {
|
|
+ printf("Allocation of %u bytes failed", size);
|
|
+ return 1;
|
|
}
|
|
|
|
if (get_random(name, size, 0)) {
|
|
|
|
From 698fcb68572b5d315b27294bd3e9ee2c058920f6 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 12:41:37 +0200
|
|
Subject: [PATCH 15/16] test: Fix resource leak and error handling
|
|
|
|
The fuzz_cipher() and fuzz_aead() functions did not always return error
|
|
when it should and it did not always release the cipher handle on
|
|
return. This patch fixes both issues.
|
|
|
|
Found by Coverity.
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
test/kcapi-main.c | 16 ++++++++--------
|
|
1 file changed, 8 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/test/kcapi-main.c b/test/kcapi-main.c
|
|
index d20e74c..b3f6ae9 100644
|
|
--- a/test/kcapi-main.c
|
|
+++ b/test/kcapi-main.c
|
|
@@ -352,11 +352,11 @@ static int fuzz_cipher(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
uint8_t indata[4096];
|
|
uint8_t outdata[4096];
|
|
unsigned int i;
|
|
- int ret = 0;
|
|
+ int ret = 1;
|
|
|
|
if (kcapi_cipher_init(&handle, cavs_test->cipher, 0)) {
|
|
printf("Allocation of %s cipher failed\n", cavs_test->cipher);
|
|
- return -EFAULT;
|
|
+ return 1;
|
|
}
|
|
|
|
/* Set key */
|
|
@@ -366,7 +366,7 @@ static int fuzz_cipher(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
for (i = 0; i < sizeof(key); i++) {
|
|
if (get_random(key, i, 0)) {
|
|
printf("get_random call failed\n");
|
|
- return 1;
|
|
+ goto out;
|
|
}
|
|
kcapi_cipher_setkey(handle, key, i);
|
|
}
|
|
@@ -388,7 +388,7 @@ static int fuzz_cipher(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
|
|
if (get_random(indata, i, 0)) {
|
|
printf("get_random call failed\n");
|
|
- return 1;
|
|
+ goto out;
|
|
}
|
|
|
|
if (flags & FUZZ_LESSOUT)
|
|
@@ -429,11 +429,11 @@ static int fuzz_aead(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
uint8_t indata[4096];
|
|
uint8_t outdata[4096];
|
|
unsigned int i;
|
|
- int ret = 0;
|
|
+ int ret = 1;
|
|
|
|
if (kcapi_aead_init(&handle, cavs_test->cipher, 0)) {
|
|
printf("Allocation of %s cipher failed\n", cavs_test->cipher);
|
|
- return -EFAULT;
|
|
+ return 1;
|
|
}
|
|
|
|
/* Set key */
|
|
@@ -443,7 +443,7 @@ static int fuzz_aead(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
for (i = 0; i < sizeof(key); i++) {
|
|
if (get_random(key, i, 0)) {
|
|
printf("get_random call failed\n");
|
|
- return 1;
|
|
+ goto out;
|
|
}
|
|
kcapi_aead_setkey(handle, key, i);
|
|
}
|
|
@@ -479,7 +479,7 @@ static int fuzz_aead(struct kcapi_cavs *cavs_test, unsigned long flags,
|
|
|
|
if (get_random(indata, i, 0)) {
|
|
printf("get_random call failed\n");
|
|
- return 1;
|
|
+ goto out;
|
|
}
|
|
|
|
if (flags & FUZZ_LESSOUT)
|
|
|
|
From ec9c36216623b94684c9e5ca8be26455b490bdef Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
Date: Wed, 25 Jul 2018 16:52:13 +0200
|
|
Subject: [PATCH 16/16] test: Clean up after NULL string fix
|
|
|
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
|
---
|
|
test/kcapi-main.c | 10 ++++------
|
|
1 file changed, 4 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/test/kcapi-main.c b/test/kcapi-main.c
|
|
index b3f6ae9..3cba467 100644
|
|
--- a/test/kcapi-main.c
|
|
+++ b/test/kcapi-main.c
|
|
@@ -271,14 +271,12 @@ static int fuzz_init_test(unsigned int size)
|
|
{
|
|
struct kcapi_handle *handle;
|
|
int ret = 0;
|
|
- uint8_t *name = NULL;
|
|
+ uint8_t *name = calloc(1, size + 1);
|
|
|
|
kcapi_set_verbosity(KCAPI_LOG_NONE);
|
|
|
|
- name = calloc(1, size + 1);
|
|
-
|
|
if (!name) {
|
|
- printf("Allocation of %u bytes failed", size);
|
|
+ printf("Allocation of %u bytes failed", size + 1);
|
|
return 1;
|
|
}
|
|
|
|
@@ -317,10 +315,10 @@ static int fuzz_init_test(unsigned int size)
|
|
|
|
fail:
|
|
fprintf(stdout, "allocation success of nonsense string ");
|
|
- if (name)
|
|
+ if (size)
|
|
bin2print(name, size);
|
|
else
|
|
- fprintf(stdout, "NULL\n");
|
|
+ fprintf(stdout, "EMPTY\n");
|
|
free(name);
|
|
return 1;
|
|
}
|