DPDK-dev Archive on lore.kernel.org
 help / color / Atom feed
* [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access
@ 2019-05-15 15:32 Fan Zhang
  2019-06-17 10:40 ` De Lara Guarch, Pablo
  2019-06-17 14:31 ` [dpdk-dev] [PATCH v2] " Fan Zhang
  0 siblings, 2 replies; 7+ messages in thread
From: Fan Zhang @ 2019-05-15 15:32 UTC (permalink / raw)
  To: dev; +Cc: akhil.goyal, Fan Zhang

This patch fixes the out-of-bounds coverity issue by adding
missed algorithms to the array.

Coverity issue: 337683

Fixes: c68d7aa354f6 ("crypto/aesni_mb: use architecture independent macros")

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
index 4d439360f..c937b21b6 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
@@ -65,7 +65,13 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
 		[AES_XCBC]	= 12,
 		[AES_CMAC]	= 12,
 		[AES_CCM]	= 8,
-		[NULL_HASH]	= 0
+		[NULL_HASH]	= 0,
+		[AES_GMAC]	= 12,
+		[PLAIN_SHA1]	= 20,
+		[PLAIN_SHA_224]	= 28,
+		[PLAIN_SHA_256]	= 32,
+		[PLAIN_SHA_384]	= 48,
+		[PLAIN_SHA_512]	= 64
 };
 
 /**
-- 
2.14.5


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access
  2019-05-15 15:32 [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access Fan Zhang
@ 2019-06-17 10:40 ` De Lara Guarch, Pablo
  2019-06-17 14:31 ` [dpdk-dev] [PATCH v2] " Fan Zhang
  1 sibling, 0 replies; 7+ messages in thread
From: De Lara Guarch, Pablo @ 2019-06-17 10:40 UTC (permalink / raw)
  To: Zhang, Roy Fan, dev; +Cc: akhil.goyal, Zhang, Roy Fan

Hi Fan,

> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Fan Zhang
> Sent: Wednesday, May 15, 2019 4:33 PM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>
> Subject: [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access
> 
> This patch fixes the out-of-bounds coverity issue by adding missed
> algorithms to the array.
> 
> Coverity issue: 337683
> 
> Fixes: c68d7aa354f6 ("crypto/aesni_mb: use architecture independent
> macros")
> 
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> index 4d439360f..c937b21b6 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> @@ -65,7 +65,13 @@ static const unsigned
> auth_truncated_digest_byte_lengths[] = {
>  		[AES_XCBC]	= 12,
>  		[AES_CMAC]	= 12,
>  		[AES_CCM]	= 8,
> -		[NULL_HASH]	= 0
> +		[NULL_HASH]	= 0,
> +		[AES_GMAC]	= 12,

According to the code in the IPSec MB lib, truncated value for GMAC is 16,
although it can actually generate anything from 4 to 16 bytes,
so I guess any value between this range could work.

> +		[PLAIN_SHA1]	= 20,
> +		[PLAIN_SHA_224]	= 28,
> +		[PLAIN_SHA_256]	= 32,
> +		[PLAIN_SHA_384]	= 48,
> +		[PLAIN_SHA_512]	= 64
>  };
> 

Could you also complete the other two arrays?
auth_digest_byte_lengths (missing AES_CCM) and auth_blocksize.

Thanks!
Pablo

>  /**
> --
> 2.14.5


^ permalink raw reply	[flat|nested] 7+ messages in thread

* [dpdk-dev] [PATCH v2] aesni_mb: fix out-of-bounds access
  2019-05-15 15:32 [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access Fan Zhang
  2019-06-17 10:40 ` De Lara Guarch, Pablo
@ 2019-06-17 14:31 ` " Fan Zhang
  2019-06-18 13:36   ` Akhil Goyal
                     ` (2 more replies)
  1 sibling, 3 replies; 7+ messages in thread
From: Fan Zhang @ 2019-06-17 14:31 UTC (permalink / raw)
  To: dev; +Cc: akhil.goyal, pablo.de.lara.guarch, Fan Zhang

This patch fixes the out-of-bounds coverity issue by adding
missed algorithms to the array.

Coverity issue: 337683

Fixes: c68d7aa354f6 ("crypto/aesni_mb: use architecture independent macros")

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
index 4d439360f..dda78d989 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
@@ -41,6 +41,14 @@ static const unsigned auth_blocksize[] = {
 		[SHA_512]	= 128,
 		[AES_XCBC]	= 16,
 		[AES_CCM]	= 16,
+		[AES_CMAC]	= 16,
+		[AES_GMAC]	= 16,
+		[AES_GCM]	= 16,
+		[PLAIN_SHA1]	= 64,
+		[PLAIN_SHA_224]	= 64,
+		[PLAIN_SHA_256]	= 64,
+		[PLAIN_SHA_384]	= 128,
+		[PLAIN_SHA_512]	= 128
 };
 
 /**
@@ -65,7 +73,13 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
 		[AES_XCBC]	= 12,
 		[AES_CMAC]	= 12,
 		[AES_CCM]	= 8,
-		[NULL_HASH]	= 0
+		[NULL_HASH]	= 0,
+		[AES_GMAC]	= 16,
+		[PLAIN_SHA1]	= 20,
+		[PLAIN_SHA_224]	= 28,
+		[PLAIN_SHA_256]	= 32,
+		[PLAIN_SHA_384]	= 48,
+		[PLAIN_SHA_512]	= 64
 };
 
 /**
@@ -90,6 +104,7 @@ static const unsigned auth_digest_byte_lengths[] = {
 		[SHA_512]	= 64,
 		[AES_XCBC]	= 16,
 		[AES_CMAC]	= 16,
+		[AES_CCM]	= 16,
 		[AES_GMAC]	= 12,
 		[NULL_HASH]	= 0,
 		[PLAIN_SHA1]	= 20,
-- 
2.14.5


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dpdk-dev] [PATCH v2] aesni_mb: fix out-of-bounds access
  2019-06-17 14:31 ` [dpdk-dev] [PATCH v2] " Fan Zhang
@ 2019-06-18 13:36   ` Akhil Goyal
  2019-06-18 16:34   ` De Lara Guarch, Pablo
  2019-06-24 15:40   ` [dpdk-dev] [PATCH v3] " Fan Zhang
  2 siblings, 0 replies; 7+ messages in thread
From: Akhil Goyal @ 2019-06-18 13:36 UTC (permalink / raw)
  To: Fan Zhang, dev; +Cc: pablo.de.lara.guarch

Hi Fan,

> 
> This patch fixes the out-of-bounds coverity issue by adding
> missed algorithms to the array.
> 
> Coverity issue: 337683
> 
> Fixes: c68d7aa354f6 ("crypto/aesni_mb: use architecture independent macros")
> 
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 17
> ++++++++++++++++-
>  1 file changed, 16 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> index 4d439360f..dda78d989 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> @@ -41,6 +41,14 @@ static const unsigned auth_blocksize[] = {
>  		[SHA_512]	= 128,
>  		[AES_XCBC]	= 16,
>  		[AES_CCM]	= 16,
> +		[AES_CMAC]	= 16,
> +		[AES_GMAC]	= 16,
> +		[AES_GCM]	= 16,
> +		[PLAIN_SHA1]	= 64,
> +		[PLAIN_SHA_224]	= 64,
> +		[PLAIN_SHA_256]	= 64,
> +		[PLAIN_SHA_384]	= 128,
> +		[PLAIN_SHA_512]	= 128
>  };
> 
>  /**
> @@ -65,7 +73,13 @@ static const unsigned
> auth_truncated_digest_byte_lengths[] = {
>  		[AES_XCBC]	= 12,
>  		[AES_CMAC]	= 12,
>  		[AES_CCM]	= 8,
> -		[NULL_HASH]	= 0
> +		[NULL_HASH]	= 0,
> +		[AES_GMAC]	= 16,
> +		[PLAIN_SHA1]	= 20,
> +		[PLAIN_SHA_224]	= 28,
> +		[PLAIN_SHA_256]	= 32,
> +		[PLAIN_SHA_384]	= 48,
> +		[PLAIN_SHA_512]	= 64
>  };
> 
>  /**
> @@ -90,6 +104,7 @@ static const unsigned auth_digest_byte_lengths[] = {
>  		[SHA_512]	= 64,
>  		[AES_XCBC]	= 16,
>  		[AES_CMAC]	= 16,
> +		[AES_CCM]	= 16,
>  		[AES_GMAC]	= 12,
>  		[NULL_HASH]	= 0,
>  		[PLAIN_SHA1]	= 20,
> --
> 2.14.5

Patchworks say that there is a compilation issue in this patch.

Could you please check.

Thanks,
Akhil

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dpdk-dev] [PATCH v2] aesni_mb: fix out-of-bounds access
  2019-06-17 14:31 ` [dpdk-dev] [PATCH v2] " Fan Zhang
  2019-06-18 13:36   ` Akhil Goyal
@ 2019-06-18 16:34   ` De Lara Guarch, Pablo
  2019-06-24 15:40   ` [dpdk-dev] [PATCH v3] " Fan Zhang
  2 siblings, 0 replies; 7+ messages in thread
From: De Lara Guarch, Pablo @ 2019-06-18 16:34 UTC (permalink / raw)
  To: Zhang, Roy Fan, dev; +Cc: akhil.goyal

Hi Fan,

> -----Original Message-----
> From: Zhang, Roy Fan
> Sent: Monday, June 17, 2019 3:31 PM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>; Zhang, Roy Fan
> <roy.fan.zhang@intel.com>
> Subject: [PATCH v2] aesni_mb: fix out-of-bounds access
> 
> This patch fixes the out-of-bounds coverity issue by adding missed
> algorithms to the array.
> 
> Coverity issue: 337683
> 
> Fixes: c68d7aa354f6 ("crypto/aesni_mb: use architecture independent
> macros")
> 
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 17
> ++++++++++++++++-
>  1 file changed, 16 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> index 4d439360f..dda78d989 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> @@ -41,6 +41,14 @@ static const unsigned auth_blocksize[] = {
>  		[SHA_512]	= 128,
>  		[AES_XCBC]	= 16,
>  		[AES_CCM]	= 16,
> +		[AES_CMAC]	= 16,
> +		[AES_GMAC]	= 16,
> +		[AES_GCM]	= 16,

As Akhil has pointed out, there is a compilation error,
because there is no AES_GCM in JOB_HASH_ALG list.
I think instead what's missing is NULL_HASH, which block size should be 0.

Thanks,
Pablo

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [dpdk-dev] [PATCH v3] aesni_mb: fix out-of-bounds access
  2019-06-17 14:31 ` [dpdk-dev] [PATCH v2] " Fan Zhang
  2019-06-18 13:36   ` Akhil Goyal
  2019-06-18 16:34   ` De Lara Guarch, Pablo
@ 2019-06-24 15:40   ` " Fan Zhang
  2019-06-25 12:47     ` Akhil Goyal
  2 siblings, 1 reply; 7+ messages in thread
From: Fan Zhang @ 2019-06-24 15:40 UTC (permalink / raw)
  To: dev; +Cc: akhil.goyal, pablo.de.lara.guarch, Fan Zhang

This patch fixes the out-of-bounds coverity issue by adding
missed algorithms to the array.

Coverity issue: 337683

Fixes: c68d7aa354f6 ("crypto/aesni_mb: use architecture independent macros")

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
v3:
- fixed a compile issue

v2:
- added missed size data.

 drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
index 4d439360f..b794d4bc1 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
@@ -33,6 +33,7 @@ int aesni_mb_logtype_driver;
 /* Maximum length for digest */
 #define DIGEST_LENGTH_MAX 64
 static const unsigned auth_blocksize[] = {
+		[NULL_HASH]	= 0,
 		[MD5]		= 64,
 		[SHA1]		= 64,
 		[SHA_224]	= 64,
@@ -41,6 +42,13 @@ static const unsigned auth_blocksize[] = {
 		[SHA_512]	= 128,
 		[AES_XCBC]	= 16,
 		[AES_CCM]	= 16,
+		[AES_CMAC]	= 16,
+		[AES_GMAC]	= 16,
+		[PLAIN_SHA1]	= 64,
+		[PLAIN_SHA_224]	= 64,
+		[PLAIN_SHA_256]	= 64,
+		[PLAIN_SHA_384]	= 128,
+		[PLAIN_SHA_512]	= 128
 };
 
 /**
@@ -65,7 +73,13 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
 		[AES_XCBC]	= 12,
 		[AES_CMAC]	= 12,
 		[AES_CCM]	= 8,
-		[NULL_HASH]	= 0
+		[NULL_HASH]	= 0,
+		[AES_GMAC]	= 16,
+		[PLAIN_SHA1]	= 20,
+		[PLAIN_SHA_224]	= 28,
+		[PLAIN_SHA_256]	= 32,
+		[PLAIN_SHA_384]	= 48,
+		[PLAIN_SHA_512]	= 64
 };
 
 /**
@@ -90,6 +104,7 @@ static const unsigned auth_digest_byte_lengths[] = {
 		[SHA_512]	= 64,
 		[AES_XCBC]	= 16,
 		[AES_CMAC]	= 16,
+		[AES_CCM]	= 16,
 		[AES_GMAC]	= 12,
 		[NULL_HASH]	= 0,
 		[PLAIN_SHA1]	= 20,
-- 
2.14.5


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dpdk-dev] [PATCH v3] aesni_mb: fix out-of-bounds access
  2019-06-24 15:40   ` [dpdk-dev] [PATCH v3] " Fan Zhang
@ 2019-06-25 12:47     ` Akhil Goyal
  0 siblings, 0 replies; 7+ messages in thread
From: Akhil Goyal @ 2019-06-25 12:47 UTC (permalink / raw)
  To: Fan Zhang, dev; +Cc: pablo.de.lara.guarch



> 
> This patch fixes the out-of-bounds coverity issue by adding
> missed algorithms to the array.
> 
> Coverity issue: 337683
> 
> Fixes: c68d7aa354f6 ("crypto/aesni_mb: use architecture independent macros")
> 
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---
> v3:
> - fixed a compile issue
> 
> v2:
> - added missed size data.
> 
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 17
> ++++++++++++++++-
>  1 file changed, 16 insertions(+), 1 deletion(-)
> 
@Pablo: I hope there are no more concerns on this patch.


Applied to dpdk-next-crypto


Thanks.

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, back to index

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-05-15 15:32 [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access Fan Zhang
2019-06-17 10:40 ` De Lara Guarch, Pablo
2019-06-17 14:31 ` [dpdk-dev] [PATCH v2] " Fan Zhang
2019-06-18 13:36   ` Akhil Goyal
2019-06-18 16:34   ` De Lara Guarch, Pablo
2019-06-24 15:40   ` [dpdk-dev] [PATCH v3] " Fan Zhang
2019-06-25 12:47     ` Akhil Goyal

DPDK-dev Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/dpdk-dev/0 dpdk-dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 dpdk-dev dpdk-dev/ https://lore.kernel.org/dpdk-dev \
		dev@dpdk.org dpdk-dev@archiver.kernel.org
	public-inbox-index dpdk-dev


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.dpdk.dev


AGPL code for this site: git clone https://public-inbox.org/ public-inbox