Linux-ARM-Kernel Archive on lore.kernel.org
From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Sasha Levin <sashal@kernel.org>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	Eric Biggers <ebiggers@google.com>,
	Pascal Van Leeuwen <pvanleeuwen@verimatrix.com>,
	linux-crypto@vger.kernel.org,
	linux-stm32@st-md-mailman.stormreply.com,
	linux-arm-kernel@lists.infradead.org
Subject: [PATCH AUTOSEL 5.4 013/459] crypto: testmgr - don't try to decrypt uninitialized buffers
Date: Fri, 14 Feb 2020 10:54:23 -0500
Message-ID: <20200214160149.11681-13-sashal@kernel.org>
In-Reply-To: <20200214160149.11681-1-sashal@kernel.org>

From: Eric Biggers <ebiggers@google.com>

[ Upstream commit eb455dbd02cb1074b37872ffca30a81cb2a18eaa ]

Currently if the comparison fuzz tests encounter an encryption error
when generating an skcipher or AEAD test vector, they will still test
the decryption side (passing it the uninitialized ciphertext buffer)
and expect it to fail with the same error.

This is sort of broken because it's not well-defined usage of the API to
pass an uninitialized buffer, and furthermore in the AEAD case it's
acceptable for the decryption error to be EBADMSG (meaning "inauthentic
input") even if the encryption error was something else like EINVAL.

Fix this for skcipher by explicitly initializing the ciphertext buffer
on error, and for AEAD by skipping the decryption test on error.

Reported-by: Pascal Van Leeuwen <pvanleeuwen@verimatrix.com>
Fixes: d435e10e67be ("crypto: testmgr - fuzz skciphers against their generic implementation")
Fixes: 40153b10d91c ("crypto: testmgr - fuzz AEADs against their generic implementation")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 crypto/testmgr.c | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index c39e39e55dc20..7473c5bc06b1a 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2102,6 +2102,7 @@ static void generate_random_aead_testvec(struct aead_request *req,
 	 * If the key or authentication tag size couldn't be set, no need to
 	 * continue to encrypt.
 	 */
+	vec->crypt_error = 0;
 	if (vec->setkey_error || vec->setauthsize_error)
 		goto done;
 
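Review bot: The new `vec->crypt_error = 0;` sits between the existing comment ("If the key or authentication tag size couldn't be set, no need to continue to encrypt.") and the `if` that comment describes, so the comment now appears to document the assignment. Move the assignment above the comment block, and give it a one-line comment saying it leaves crypt_error with a defined value on the early `goto done` path, since the `vec.crypt_error == 0` check added to test_aead_vs_generic_impl() in this patch reads that field.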
@@ -2245,10 +2246,12 @@ static int test_aead_vs_generic_impl(const char *driver,
 					req, tsgls);
 		if (err)
 			goto out;
-		err = test_aead_vec_cfg(driver, DECRYPT, &vec, vec_name, cfg,
-					req, tsgls);
-		if (err)
-			goto out;
+		if (vec.crypt_error == 0) {
+			err = test_aead_vec_cfg(driver, DECRYPT, &vec, vec_name,
+						cfg, req, tsgls);
+			if (err)
+				goto out;
+		}
 		cond_resched();
 	}
 	err = 0;
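Review bot: The new `if (vec.crypt_error == 0)` guard around the DECRYPT call carries no comment, so the reason decryption is skipped lives only in the commit message. Add a short comment above the guard stating that the ciphertext is not valid after a failed encryption and that AEAD decryption may legitimately fail with EBADMSG rather than the encryption error; the skcipher hunk in this same patch documents its reasoning inline and this one should match.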
@@ -2678,6 +2681,15 @@ static void generate_random_cipher_testvec(struct skcipher_request *req,
 	skcipher_request_set_callback(req, 0, crypto_req_done, &wait);
 	skcipher_request_set_crypt(req, &src, &dst, vec->len, iv);
 	vec->crypt_error = crypto_wait_req(crypto_skcipher_encrypt(req), &wait);
+	if (vec->crypt_error != 0) {
+		/*
+		 * The only acceptable error here is for an invalid length, so
+		 * skcipher decryption should fail with the same error too.
+		 * We'll test for this.  But to keep the API usage well-defined,
+		 * explicitly initialize the ciphertext buffer too.
+		 */
+		memset((u8 *)vec->ctext, 0, vec->len);
+	}
 done:
 	snprintf(name, max_namelen, "\"random: len=%u klen=%u\"",
 		 vec->len, vec->klen);
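Review bot: The comment inside the new `if (vec->crypt_error != 0)` block says the only acceptable error is an invalid length, but nothing in this hunk checks which error was returned, so any failure is zero-filled and carried into the decryption test. Either say in the comment where the error value is validated, or compare it against the expected code here. The `(u8 *)` cast on `vec->ctext` in the memset() call also deserves a word in the comment if it is there to drop a const qualifier, since memset() itself takes a void pointer.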
-- 
2.20.1

