lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20221202005814.GD69385@mutt>
Date:   Fri, 2 Dec 2022 01:58:14 +0100
From:   Anders Roxell <anders.roxell@...aro.org>
To:     Kees Cook <keescook@...omium.org>
Cc:     Horia Geantă <horia.geanta@....com>,
        Pankaj Gupta <pankaj.gupta@....com>,
        Gaurav Jain <gaurav.jain@....com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        "David S. Miller" <davem@...emloft.net>,
        linux-crypto@...r.kernel.org, kernel test robot <lkp@...el.com>,
        linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH] crypto/caam: Avoid GCC constprop bug warning

On 2022-10-28 14:05, Kees Cook wrote:
> GCC 12 appears to perform constant propagation incompletely(?) and can
> no longer notice that "len" is always 0 when "data" is NULL. Expand the
> check to avoid warnings about memcpy() having a NULL argument:
> 
>    ...
>                     from drivers/crypto/caam/key_gen.c:8:
>    drivers/crypto/caam/desc_constr.h: In function 'append_data.constprop':
>    include/linux/fortify-string.h:48:33: warning: argument 2 null where non-null expected [-Wnonnull]
>       48 | #define __underlying_memcpy     __builtin_memcpy
>          |                                 ^
>    include/linux/fortify-string.h:438:9: note: in expansion of macro '__underlying_memcpy'
>      438 |         __underlying_##op(p, q, __fortify_size);                        \
>          |         ^~~~~~~~~~~~~
> 
> The NULL was being propagated from:
> 
>         append_fifo_load_as_imm(desc, NULL, 0, LDST_CLASS_2_CCB |
>                                 FIFOLD_TYPE_MSG | FIFOLD_TYPE_LAST2);
> ...
> static inline void append_##cmd##_as_imm(u32 * const desc, const void *data, \
>                                          unsigned int len, u32 options) \
> { \
>         PRINT_POS; \
>         append_cmd_data(desc, data, len, CMD_##op | options); \
> }
> ...
> APPEND_CMD_PTR_TO_IMM(fifo_load, FIFO_LOAD);
> ...
> static inline void append_cmd_data(u32 * const desc, const void *data, int len,
>                                    u32 command)
> {
>         append_cmd(desc, command | IMMEDIATE | len);
>         append_data(desc, data, len);
> }
> 
> Cc: "Horia Geantă" <horia.geanta@....com>
> Cc: Pankaj Gupta <pankaj.gupta@....com>
> Cc: Gaurav Jain <gaurav.jain@....com>
> Cc: Herbert Xu <herbert@...dor.apana.org.au>
> Cc: "David S. Miller" <davem@...emloft.net>
> Cc: linux-crypto@...r.kernel.org
> Reported-by: kernel test robot <lkp@...el.com>
> Link: https://lore.kernel.org/lkml/202210290446.qBayTfzl-lkp@intel.com
> Signed-off-by: Kees Cook <keescook@...omium.org>


Tested-by: Anders Roxell <anders.roxell@...aro.org>

> ---
>  drivers/crypto/caam/desc_constr.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/caam/desc_constr.h b/drivers/crypto/caam/desc_constr.h
> index 62ce6421bb3f..ddbba8b00ab7 100644
> --- a/drivers/crypto/caam/desc_constr.h
> +++ b/drivers/crypto/caam/desc_constr.h
> @@ -163,7 +163,7 @@ static inline void append_data(u32 * const desc, const void *data, int len)
>  {
>  	u32 *offset = desc_end(desc);
>  
> -	if (len) /* avoid sparse warning: memcpy with byte count of 0 */
> +	if (data && len) /* avoid sparse warning: memcpy with byte count of 0 */

Maybe we should update the comment, since newer releases of sparse
doesn't warn about this.


Cheers,
Anders

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ