* [Qemu-devel] [PULL v1 0/2] Merge qcrypto 2017/11/8
@ 2017-11-08 13:36 Daniel P. Berrange
2017-11-08 13:36 ` [Qemu-devel] [PULL v1 1/2] tests: Run the luks tests in test-crypto-block only if encryption is available Daniel P. Berrange
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Daniel P. Berrange @ 2017-11-08 13:36 UTC (permalink / raw)
To: qemu-devel; +Cc: Peter Maydell, Daniel P. Berrange
The following changes since commit b0fbe46ad82982b289a44ee2495b59b0bad8a842:
Update version for v2.11.0-rc0 release (2017-11-07 16:05:28 +0000)
are available in the git repository at:
git://github.com/berrange/qemu tags/pull-qcrypto-2017-11-08-1
for you to fetch changes up to f1710638edb2e98008c2a733ffda63ef32b50411:
crypto: afalg: fix a NULL pointer dereference (2017-11-08 11:05:09 +0000)
----------------------------------------------------------------
Merge qcrypto 2017/11/08 v1
----------------------------------------------------------------
Longpeng (1):
crypto: afalg: fix a NULL pointer dereference
Thomas Huth (1):
tests: Run the luks tests in test-crypto-block only if encryption is
available
crypto/cipher.c | 5 +----
crypto/hash.c | 13 +++++--------
crypto/hmac.c | 4 +---
tests/test-crypto-block.c | 3 ++-
4 files changed, 9 insertions(+), 16 deletions(-)
--
2.13.6
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Qemu-devel] [PULL v1 1/2] tests: Run the luks tests in test-crypto-block only if encryption is available
2017-11-08 13:36 [Qemu-devel] [PULL v1 0/2] Merge qcrypto 2017/11/8 Daniel P. Berrange
@ 2017-11-08 13:36 ` Daniel P. Berrange
2017-11-08 13:36 ` [Qemu-devel] [PULL v1 2/2] crypto: afalg: fix a NULL pointer dereference Daniel P. Berrange
2017-11-10 17:24 ` [Qemu-devel] [PULL v1 0/2] Merge qcrypto 2017/11/8 Peter Maydell
2 siblings, 0 replies; 4+ messages in thread
From: Daniel P. Berrange @ 2017-11-08 13:36 UTC (permalink / raw)
To: qemu-devel; +Cc: Peter Maydell, Thomas Huth, Daniel P . Berrange
From: Thomas Huth <thuth@redhat.com>
The test-crypto-block currently fails if encryption has not been
compiled into QEMU:
TEST: tests/test-crypto-block... (pid=22231)
/crypto/block/qcow: OK
/crypto/block/luks/default:
Unexpected error in qcrypto_pbkdf2() at qemu/crypto/pbkdf-stub.c:41:
FAIL
GTester: last random seed: R02Sbbb5b6f299c6727f41bb50ba4aa6ef5c
(pid=22237)
/crypto/block/luks/aes-256-cbc-plain64:
Unexpected error in qcrypto_pbkdf2() at qemu/crypto/pbkdf-stub.c:41:
FAIL
GTester: last random seed: R02S3e27992a5ab4cc95e141c4ed3c7f0d2e
(pid=22239)
/crypto/block/luks/aes-256-cbc-essiv:
Unexpected error in qcrypto_pbkdf2() at qemu/crypto/pbkdf-stub.c:41:
FAIL
GTester: last random seed: R02S51b52bb02a66c42d8b331fd305384f53
(pid=22241)
FAIL: tests/test-crypto-block
So run the luks test only if the required encryption support is available.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
tests/test-crypto-block.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tests/test-crypto-block.c b/tests/test-crypto-block.c
index bd7fe593e3..fd29a045d2 100644
--- a/tests/test-crypto-block.c
+++ b/tests/test-crypto-block.c
@@ -28,7 +28,8 @@
#include <sys/resource.h>
#endif
-#if (defined(_WIN32) || defined RUSAGE_THREAD)
+#if (defined(_WIN32) || defined RUSAGE_THREAD) && \
+ (defined(CONFIG_NETTLE_KDF) || defined(CONFIG_GCRYPT_KDF))
#define TEST_LUKS
#else
#undef TEST_LUKS
--
2.13.6
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [Qemu-devel] [PULL v1 2/2] crypto: afalg: fix a NULL pointer dereference
2017-11-08 13:36 [Qemu-devel] [PULL v1 0/2] Merge qcrypto 2017/11/8 Daniel P. Berrange
2017-11-08 13:36 ` [Qemu-devel] [PULL v1 1/2] tests: Run the luks tests in test-crypto-block only if encryption is available Daniel P. Berrange
@ 2017-11-08 13:36 ` Daniel P. Berrange
2017-11-10 17:24 ` [Qemu-devel] [PULL v1 0/2] Merge qcrypto 2017/11/8 Peter Maydell
2 siblings, 0 replies; 4+ messages in thread
From: Daniel P. Berrange @ 2017-11-08 13:36 UTC (permalink / raw)
To: qemu-devel; +Cc: Peter Maydell, Longpeng, Daniel P . Berrange
From: Longpeng <longpeng2@huawei.com>
Test-crypto-hash calls qcrypto_hash_bytesv/digest/base64 with
errp=NULL, this will cause a NULL pointer dereference if afalg_driver
doesn't support requested algos:
ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
result, resultlen,
errp);
if (ret == 0) {
return ret;
}
error_free(*errp); // <--- here
Because the error message is thrown away immediately, we should
just pass NULL to hash_bytesv(). There is also the same problem in
afalg-backend cipher & hmac, let's fix them together.
Reviewed-by: Eric Blake <eblake@redhat.com>
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Longpeng <longpeng2@huawei.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
crypto/cipher.c | 5 +----
crypto/hash.c | 13 +++++--------
crypto/hmac.c | 4 +---
3 files changed, 7 insertions(+), 15 deletions(-)
diff --git a/crypto/cipher.c b/crypto/cipher.c
index 0aad9d6d79..bcbfb3d5b8 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -164,11 +164,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
{
QCryptoCipher *cipher;
void *ctx = NULL;
- Error *err2 = NULL;
QCryptoCipherDriver *drv = NULL;
#ifdef CONFIG_AF_ALG
- ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, &err2);
+ ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL);
if (ctx) {
drv = &qcrypto_cipher_afalg_driver;
}
@@ -177,12 +176,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
if (!ctx) {
ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
if (!ctx) {
- error_free(err2);
return NULL;
}
drv = &qcrypto_cipher_lib_driver;
- error_free(err2);
}
cipher = g_new0(QCryptoCipher, 1);
diff --git a/crypto/hash.c b/crypto/hash.c
index ac59c63d5f..8dab25d9ea 100644
--- a/crypto/hash.c
+++ b/crypto/hash.c
@@ -48,19 +48,16 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
{
#ifdef CONFIG_AF_ALG
int ret;
-
+ /*
+ * TODO:
+ * Maybe we should treat some afalg errors as fatal
+ */
ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
result, resultlen,
- errp);
+ NULL);
if (ret == 0) {
return ret;
}
-
- /*
- * TODO:
- * Maybe we should treat some afalg errors as fatal
- */
- error_free(*errp);
#endif
return qcrypto_hash_lib_driver.hash_bytesv(alg, iov, niov,
diff --git a/crypto/hmac.c b/crypto/hmac.c
index 82b0055adf..f6c2d8db60 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -90,11 +90,10 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
{
QCryptoHmac *hmac;
void *ctx = NULL;
- Error *err2 = NULL;
QCryptoHmacDriver *drv = NULL;
#ifdef CONFIG_AF_ALG
- ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, &err2);
+ ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, NULL);
if (ctx) {
drv = &qcrypto_hmac_afalg_driver;
}
@@ -107,7 +106,6 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
}
drv = &qcrypto_hmac_lib_driver;
- error_free(err2);
}
hmac = g_new0(QCryptoHmac, 1);
--
2.13.6
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PULL v1 0/2] Merge qcrypto 2017/11/8
2017-11-08 13:36 [Qemu-devel] [PULL v1 0/2] Merge qcrypto 2017/11/8 Daniel P. Berrange
2017-11-08 13:36 ` [Qemu-devel] [PULL v1 1/2] tests: Run the luks tests in test-crypto-block only if encryption is available Daniel P. Berrange
2017-11-08 13:36 ` [Qemu-devel] [PULL v1 2/2] crypto: afalg: fix a NULL pointer dereference Daniel P. Berrange
@ 2017-11-10 17:24 ` Peter Maydell
2 siblings, 0 replies; 4+ messages in thread
From: Peter Maydell @ 2017-11-10 17:24 UTC (permalink / raw)
To: Daniel P. Berrange; +Cc: QEMU Developers
On 8 November 2017 at 13:36, Daniel P. Berrange <berrange@redhat.com> wrote:
> The following changes since commit b0fbe46ad82982b289a44ee2495b59b0bad8a842:
>
> Update version for v2.11.0-rc0 release (2017-11-07 16:05:28 +0000)
>
> are available in the git repository at:
>
> git://github.com/berrange/qemu tags/pull-qcrypto-2017-11-08-1
>
> for you to fetch changes up to f1710638edb2e98008c2a733ffda63ef32b50411:
>
> crypto: afalg: fix a NULL pointer dereference (2017-11-08 11:05:09 +0000)
>
> ----------------------------------------------------------------
> Merge qcrypto 2017/11/08 v1
>
> ----------------------------------------------------------------
> Longpeng (1):
> crypto: afalg: fix a NULL pointer dereference
>
> Thomas Huth (1):
> tests: Run the luks tests in test-crypto-block only if encryption is
> available
>
> crypto/cipher.c | 5 +----
> crypto/hash.c | 13 +++++--------
> crypto/hmac.c | 4 +---
> tests/test-crypto-block.c | 3 ++-
> 4 files changed, 9 insertions(+), 16 deletions(-)
>
Applied, thanks.
-- PMM
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-11-10 17:24 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-11-08 13:36 [Qemu-devel] [PULL v1 0/2] Merge qcrypto 2017/11/8 Daniel P. Berrange
2017-11-08 13:36 ` [Qemu-devel] [PULL v1 1/2] tests: Run the luks tests in test-crypto-block only if encryption is available Daniel P. Berrange
2017-11-08 13:36 ` [Qemu-devel] [PULL v1 2/2] crypto: afalg: fix a NULL pointer dereference Daniel P. Berrange
2017-11-10 17:24 ` [Qemu-devel] [PULL v1 0/2] Merge qcrypto 2017/11/8 Peter Maydell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.