lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202110011150.YtrcL6xt-lkp@intel.com>
Date:   Mon, 4 Oct 2021 13:41:46 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     kbuild@...ts.01.org, Megha Dey <megha.dey@...el.com>
Cc:     lkp@...el.com, kbuild-all@...ts.01.org,
        linux-kernel@...r.kernel.org,
        Tomasz Kantecki <tomasz.kantecki@...el.com>
Subject: [meghadey-crypto:crypto-avx512 5/6]
 arch/x86/crypto/aesni-intel_glue.c:725 gcmaes_crypt_by_sg() warn: possible
 memory leak of 'data'

tree:   https://github.com/meghadey/crypto crypto-avx512
head:   9c8c2ca77f6e2575a130bddb9767d068e1162d71
commit: 377aede9f10ee28be954473668bc6d33c6c9db75 [5/6] crypto: aesni - AVX512 version of AESNI-GCM using VPCLMULQDQ
config: x86_64-randconfig-m001-20210930 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>

smatch warnings:
arch/x86/crypto/aesni-intel_glue.c:725 gcmaes_crypt_by_sg() warn: possible memory leak of 'data'

vim +/data +725 arch/x86/crypto/aesni-intel_glue.c

e845520707f85c Dave Watson     2018-02-14  677  static int gcmaes_crypt_by_sg(bool enc, struct aead_request *req,
e845520707f85c Dave Watson     2018-02-14  678  			      unsigned int assoclen, u8 *hash_subkey,
83c83e658863e4 Ard Biesheuvel  2021-01-04  679  			      u8 *iv, void *aes_ctx, u8 *auth_tag,
83c83e658863e4 Ard Biesheuvel  2021-01-04  680  			      unsigned long auth_tag_len)
e845520707f85c Dave Watson     2018-02-14  681  {
a13ed1d15b07a0 Ard Biesheuvel  2021-01-04  682  	u8 databuf[sizeof(struct gcm_context_data) + (AESNI_ALIGN - 8)] __aligned(8);
a13ed1d15b07a0 Ard Biesheuvel  2021-01-04  683  	struct gcm_context_data *data = PTR_ALIGN((void *)databuf, AESNI_ALIGN);
e845520707f85c Dave Watson     2018-02-14  684  	unsigned long left = req->cryptlen;
e845520707f85c Dave Watson     2018-02-14  685  	struct scatter_walk assoc_sg_walk;
83c83e658863e4 Ard Biesheuvel  2021-01-04  686  	struct skcipher_walk walk;
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  687  	bool do_avx, do_avx2;
e845520707f85c Dave Watson     2018-02-14  688  	u8 *assocmem = NULL;
83c83e658863e4 Ard Biesheuvel  2021-01-04  689  	u8 *assoc;
83c83e658863e4 Ard Biesheuvel  2021-01-04  690  	int err;
377aede9f10ee2 Megha Dey       2021-01-20  691  	int hash_key_size;
377aede9f10ee2 Megha Dey       2021-01-20  692  
377aede9f10ee2 Megha Dey       2021-01-20  693  	if (static_branch_likely(&gcm_use_avx512))
377aede9f10ee2 Megha Dey       2021-01-20  694  		hash_key_size = 16 * GCM_AVX512_NUM_HASH_KEYS;
377aede9f10ee2 Megha Dey       2021-01-20  695  	else
377aede9f10ee2 Megha Dey       2021-01-20  696  		hash_key_size = 16 * GCM_BLOCK_LEN;
377aede9f10ee2 Megha Dey       2021-01-20  697  
377aede9f10ee2 Megha Dey       2021-01-20  698  	/* Allocate gcm_context_data structure on the heap. With the
377aede9f10ee2 Megha Dey       2021-01-20  699  	 * VPCLMULQDQ version of GCM needing 48 hashkeys, allocating
377aede9f10ee2 Megha Dey       2021-01-20  700  	 * this structure on the stack will inflate its size significantly.
377aede9f10ee2 Megha Dey       2021-01-20  701  	 */
377aede9f10ee2 Megha Dey       2021-01-20  702  	data = kzalloc(sizeof(*data) + hash_key_size, GFP_KERNEL);
                                                        ^^^^^^^^^^^^^^^

377aede9f10ee2 Megha Dey       2021-01-20  703  	if (!data) {
377aede9f10ee2 Megha Dey       2021-01-20  704  		kfree(data);
                                                                ^^^^^^^^^^^^
This is unnecessary.

377aede9f10ee2 Megha Dey       2021-01-20  705  		return -ENOMEM;
377aede9f10ee2 Megha Dey       2021-01-20  706  	}
e845520707f85c Dave Watson     2018-02-14  707  
e845520707f85c Dave Watson     2018-02-14  708  	if (!enc)
e845520707f85c Dave Watson     2018-02-14  709  		left -= auth_tag_len;
e845520707f85c Dave Watson     2018-02-14  710  
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  711  	do_avx = (left >= AVX_GEN2_OPTSIZE);
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  712  	do_avx2 = (left >= AVX_GEN4_OPTSIZE);
603f8c3b0dbbe2 Dave Watson     2018-12-10  713  
e845520707f85c Dave Watson     2018-02-14  714  	/* Linearize assoc, if not already linear */
2694e23ffd210c Ard Biesheuvel  2021-01-04  715  	if (req->src->length >= assoclen && req->src->length) {
e845520707f85c Dave Watson     2018-02-14  716  		scatterwalk_start(&assoc_sg_walk, req->src);
e845520707f85c Dave Watson     2018-02-14  717  		assoc = scatterwalk_map(&assoc_sg_walk);
e845520707f85c Dave Watson     2018-02-14  718  	} else {
2694e23ffd210c Ard Biesheuvel  2021-01-04  719  		gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
2694e23ffd210c Ard Biesheuvel  2021-01-04  720  			      GFP_KERNEL : GFP_ATOMIC;
2694e23ffd210c Ard Biesheuvel  2021-01-04  721  
e845520707f85c Dave Watson     2018-02-14  722  		/* assoc can be any length, so must be on heap */
2694e23ffd210c Ard Biesheuvel  2021-01-04  723  		assocmem = kmalloc(assoclen, flags);
e845520707f85c Dave Watson     2018-02-14  724  		if (unlikely(!assocmem))
e845520707f85c Dave Watson     2018-02-14 @725  			return -ENOMEM;

kfree(data) (also below).

e845520707f85c Dave Watson     2018-02-14  726  		assoc = assocmem;
e845520707f85c Dave Watson     2018-02-14  727  
e845520707f85c Dave Watson     2018-02-14  728  		scatterwalk_map_and_copy(assoc, req->src, 0, assoclen, 0);
e845520707f85c Dave Watson     2018-02-14  729  	}
e845520707f85c Dave Watson     2018-02-14  730  
e845520707f85c Dave Watson     2018-02-14  731  	kernel_fpu_begin();
377aede9f10ee2 Megha Dey       2021-01-20  732  
377aede9f10ee2 Megha Dey       2021-01-20  733  	if (static_branch_likely(&gcm_use_avx512) &&
377aede9f10ee2 Megha Dey       2021-01-20  734  				IS_ENABLED(CONFIG_CRYPTO_AES_GCM_AVX512))
377aede9f10ee2 Megha Dey       2021-01-20  735  		aesni_gcm_init_avx_512(aes_ctx, data, iv, hash_subkey, assoc,
377aede9f10ee2 Megha Dey       2021-01-20  736  				       assoclen);
377aede9f10ee2 Megha Dey       2021-01-20  737  	else if (static_branch_likely(&gcm_use_avx2) && do_avx2)
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  738  		aesni_gcm_init_avx_gen4(aes_ctx, data, iv, hash_subkey, assoc,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  739  					assoclen);
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  740  	else if (static_branch_likely(&gcm_use_avx) && do_avx)
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  741  		aesni_gcm_init_avx_gen2(aes_ctx, data, iv, hash_subkey, assoc,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  742  					assoclen);
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  743  	else
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  744  		aesni_gcm_init(aes_ctx, data, iv, hash_subkey, assoc, assoclen);
e845520707f85c Dave Watson     2018-02-14  745  	kernel_fpu_end();
e845520707f85c Dave Watson     2018-02-14  746  
e845520707f85c Dave Watson     2018-02-14  747  	if (!assocmem)
e845520707f85c Dave Watson     2018-02-14  748  		scatterwalk_unmap(assoc);
e845520707f85c Dave Watson     2018-02-14  749  	else
e845520707f85c Dave Watson     2018-02-14  750  		kfree(assocmem);
e845520707f85c Dave Watson     2018-02-14  751  
83c83e658863e4 Ard Biesheuvel  2021-01-04  752  	err = enc ? skcipher_walk_aead_encrypt(&walk, req, false)
83c83e658863e4 Ard Biesheuvel  2021-01-04  753  		  : skcipher_walk_aead_decrypt(&walk, req, false);
e845520707f85c Dave Watson     2018-02-14  754  
83c83e658863e4 Ard Biesheuvel  2021-01-04  755  	while (walk.nbytes > 0) {
83c83e658863e4 Ard Biesheuvel  2021-01-04  756  		kernel_fpu_begin();
377aede9f10ee2 Megha Dey       2021-01-20  757  		if (static_branch_likely(&gcm_use_avx512)
377aede9f10ee2 Megha Dey       2021-01-20  758  				&& IS_ENABLED(CONFIG_CRYPTO_AES_GCM_AVX512)) {
377aede9f10ee2 Megha Dey       2021-01-20  759  			if (enc)
377aede9f10ee2 Megha Dey       2021-01-20  760  				aesni_gcm_enc_update_avx_512(aes_ctx, data,
377aede9f10ee2 Megha Dey       2021-01-20  761  							     walk.dst.virt.addr,
377aede9f10ee2 Megha Dey       2021-01-20  762  							     walk.src.virt.addr,
377aede9f10ee2 Megha Dey       2021-01-20  763  							     walk.nbytes);
377aede9f10ee2 Megha Dey       2021-01-20  764  			else
377aede9f10ee2 Megha Dey       2021-01-20  765  				aesni_gcm_dec_update_avx_512(aes_ctx, data,
377aede9f10ee2 Megha Dey       2021-01-20  766  							     walk.dst.virt.addr,
377aede9f10ee2 Megha Dey       2021-01-20  767  							     walk.src.virt.addr,
377aede9f10ee2 Megha Dey       2021-01-20  768  							     walk.nbytes);
377aede9f10ee2 Megha Dey       2021-01-20  769  		} else if (static_branch_likely(&gcm_use_avx2) && do_avx2) {
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  770  			if (enc)
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  771  				aesni_gcm_enc_update_avx_gen4(aes_ctx, data,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  772  							      walk.dst.virt.addr,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  773  							      walk.src.virt.addr,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  774  							      walk.nbytes);
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  775  			else
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  776  				aesni_gcm_dec_update_avx_gen4(aes_ctx, data,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  777  							      walk.dst.virt.addr,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  778  							      walk.src.virt.addr,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  779  							      walk.nbytes);
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  780  		} else if (static_branch_likely(&gcm_use_avx) && do_avx) {
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  781  			if (enc)
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  782  				aesni_gcm_enc_update_avx_gen2(aes_ctx, data,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  783  							      walk.dst.virt.addr,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  784  							      walk.src.virt.addr,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  785  							      walk.nbytes);
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  786  			else
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  787  				aesni_gcm_dec_update_avx_gen2(aes_ctx, data,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  788  							      walk.dst.virt.addr,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  789  							      walk.src.virt.addr,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  790  							      walk.nbytes);
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  791  		} else if (enc) {
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  792  			aesni_gcm_enc_update(aes_ctx, data, walk.dst.virt.addr,
83c83e658863e4 Ard Biesheuvel  2021-01-04  793  					     walk.src.virt.addr, walk.nbytes);
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  794  		} else {
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  795  			aesni_gcm_dec_update(aes_ctx, data, walk.dst.virt.addr,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  796  					     walk.src.virt.addr, walk.nbytes);
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  797  		}
83c83e658863e4 Ard Biesheuvel  2021-01-04  798  		kernel_fpu_end();
e845520707f85c Dave Watson     2018-02-14  799  
83c83e658863e4 Ard Biesheuvel  2021-01-04  800  		err = skcipher_walk_done(&walk, 0);
e845520707f85c Dave Watson     2018-02-14  801  	}
e845520707f85c Dave Watson     2018-02-14  802  
83c83e658863e4 Ard Biesheuvel  2021-01-04  803  	if (err)
83c83e658863e4 Ard Biesheuvel  2021-01-04  804  		return err;

Here too.

83c83e658863e4 Ard Biesheuvel  2021-01-04  805  
83c83e658863e4 Ard Biesheuvel  2021-01-04  806  	kernel_fpu_begin();
377aede9f10ee2 Megha Dey       2021-01-20  807  	if (static_branch_likely(&gcm_use_avx512) &&
377aede9f10ee2 Megha Dey       2021-01-20  808  				IS_ENABLED(CONFIG_CRYPTO_AES_GCM_AVX512))
377aede9f10ee2 Megha Dey       2021-01-20  809  		aesni_gcm_finalize_avx_512(aes_ctx, data, auth_tag,
377aede9f10ee2 Megha Dey       2021-01-20  810  					   auth_tag_len);
377aede9f10ee2 Megha Dey       2021-01-20  811  	else if (static_branch_likely(&gcm_use_avx2) && do_avx2)
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  812  		aesni_gcm_finalize_avx_gen4(aes_ctx, data, auth_tag,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  813  					    auth_tag_len);
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  814  	else if (static_branch_likely(&gcm_use_avx) && do_avx)
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  815  		aesni_gcm_finalize_avx_gen2(aes_ctx, data, auth_tag,
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  816  					    auth_tag_len);
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  817  	else
d6cbf4eaa46794 Ard Biesheuvel  2021-01-04  818  		aesni_gcm_finalize(aes_ctx, data, auth_tag, auth_tag_len);
83c83e658863e4 Ard Biesheuvel  2021-01-04  819  	kernel_fpu_end();
e845520707f85c Dave Watson     2018-02-14  820  
377aede9f10ee2 Megha Dey       2021-01-20  821  	kfree(data);
e845520707f85c Dave Watson     2018-02-14  822  	return 0;
e845520707f85c Dave Watson     2018-02-14  823  }

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ