| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 Dec 2019 09:36:28 +0000
From: Ard Biesheuvel <ard.biesheuvel@...aro.org>
To: Guillaume Tucker <guillaume.tucker@...labora.com>,
Eric Biggers <ebiggers@...nel.org>,
Herbert Xu <herbert@...dor.apana.org.au>
Cc: Ard Biesheuvel <ardb@...nel.org>, mgalka@...labora.com,
Mark Brown <broonie@...nel.org>,
Enric Balletbo i Serra <enric.balletbo@...labora.com>,
tomeu.vizoso@...labora.com, Kevin Hilman <khilman@...libre.com>,
Maxime Coquelin <mcoquelin.stm32@...il.com>,
linux-stm32@...md-mailman.stormreply.com,
linux-arm-kernel <linux-arm-kernel@...ts.infradead.org>,
"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Alexandre Torgue <alexandre.torgue@...com>,
"David S. Miller" <davem@...emloft.net>
Subject: Re: ardb/for-kernelci bisection: boot on rk3288-rock2-square
(+ Eric)
On Wed, 4 Dec 2019 at 17:17, Guillaume Tucker
<guillaume.tucker@...labora.com> wrote:
>
> On 04/12/2019 15:31, kernelci.org bot wrote:
> > * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
> > * This automated bisection report was sent to you on the basis *
> > * that you may be involved with the breaking commit it has *
> > * found. No manual investigation has been done to verify it, *
> > * and the root cause of the problem may be somewhere else. *
> > * *
> > * If you do send a fix, please include this trailer: *
> > * Reported-by: "kernelci.org bot" <bot@...nelci.org> *
> > * *
> > * Hope this helps! *
> > * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
> >
> > ardb/for-kernelci bisection: boot on rk3288-rock2-square
> >
> > Summary:
> > Start: 16839329da69 enable extra tests by default
> > Details: https://kernelci.org/boot/id/5de79104990bc03e5a960f0b
> > Plain log: https://storage.kernelci.org//ardb/for-kernelci/v5.4-9340-g16839329da69/arm/multi_v7_defconfig+CONFIG_EFI=y+CONFIG_ARM_LPAE=y/gcc-8/lab-collabora/boot-rk3288-rock2-square.txt
> > HTML log: https://storage.kernelci.org//ardb/for-kernelci/v5.4-9340-g16839329da69/arm/multi_v7_defconfig+CONFIG_EFI=y+CONFIG_ARM_LPAE=y/gcc-8/lab-collabora/boot-rk3288-rock2-square.html
> > Result: 16839329da69 enable extra tests by default
> >
> > Checks:
> > revert: PASS
> > verify: PASS
> >
> > Parameters:
> > Tree: ardb
> > URL: git://git.kernel.org/pub/scm/linux/kernel/git/ardb/linux.git
> > Branch: for-kernelci
> > Target: rk3288-rock2-square
> > CPU arch: arm
> > Lab: lab-collabora
> > Compiler: gcc-8
> > Config: multi_v7_defconfig+CONFIG_EFI=y+CONFIG_ARM_LPAE=y
> > Test suite: boot
> >
> > Breaking commit found:
> >
> > -------------------------------------------------------------------------------
> > commit 16839329da69263e7360f3819bae01bcf4b220ec
> > Author: Ard Biesheuvel <ardb@...nel.org>
> > Date: Tue Dec 3 12:29:31 2019 +0000
> >
> > enable extra tests by default
> >
> > diff --git a/crypto/Kconfig b/crypto/Kconfig
> > index 5575d48473bd..36af840aa820 100644
> > --- a/crypto/Kconfig
> > +++ b/crypto/Kconfig
> > @@ -140,7 +140,6 @@ if CRYPTO_MANAGER2
> >
> > config CRYPTO_MANAGER_DISABLE_TESTS
> > bool "Disable run-time self tests"
> > - default y
> > help
> > Disable run-time self tests that normally take place at
> > algorithm registration.
> > @@ -148,6 +147,7 @@ config CRYPTO_MANAGER_DISABLE_TESTS
> > config CRYPTO_MANAGER_EXTRA_TESTS
> > bool "Enable extra run-time crypto self tests"
> > depends on DEBUG_KERNEL && !CRYPTO_MANAGER_DISABLE_TESTS
> > + default y
> > help
> > Enable extra run-time self tests of registered crypto algorithms,
> > including randomized fuzz tests.
> > diff --git a/crypto/testmgr.c b/crypto/testmgr.c
> > index 88f33c0efb23..5df87bcf6c4d 100644
> > --- a/crypto/testmgr.c
> > +++ b/crypto/testmgr.c
> > @@ -40,7 +40,7 @@ static bool notests;
> > module_param(notests, bool, 0644);
> > MODULE_PARM_DESC(notests, "disable crypto self-tests");
> >
> > -static bool panic_on_fail;
> > +static bool panic_on_fail = true;
> > module_param(panic_on_fail, bool, 0444);
> >
> > #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
> > -------------------------------------------------------------------------------
>
>
> Seems legit, from the log:
>
> <3>[ 18.186181] rk3288-crypto ff8a0000.cypto-controller: [rk_load_data:123] pcopy err
> <3>[ 18.199432] alg: skcipher: ecb-aes-rk encryption failed on test vector \"random: len=0 klen=32\"; expected_error=0, actual_error=-22, cfg=\"random: inplace use_finup nosimd src_divs=[100.0%@...54] key_offset=16\"
> <0>[ 18.220458] Kernel panic - not syncing: alg: self-tests for ecb-aes-rk (ecb(aes)) failed in panic_on_fail mode!
>
> Let me know if you need any help with testing a fix on this
> platform or anything.
>
This is an expected failure. I pushed this to my branch to check if
Eric's new AEAD testing code identifies any new problems on the
hardware we have in kernelCI, but it only found stuff we already knew
about.
> Also, as you probably only want this to be enabled in KernelCI
> and not merged upstream, we could have a config fragment to
> enable the config with your branch and maybe even others.
>
It would be *very* helpful if we could add Herbert's cryptodev branch
[0] to kernelCI with a kconfig fragment that turns off
CRYPTO_MANAGER_DISABLE_TESTS and turns on CRYPTO_MANAGER_EXTRA_TESTS,
and passes cryptomgr.panic_on_fail=1 on the kernel command line. That
way, we'll have rolling coverage of just the crypto changes queued up
in linux-next, but tested thoroughly on actual hardware, and without
the need to carry patches like the above to trigger the tests
explicitly.
[0] https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git/
Powered by blists - more mailing lists