| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 27 Aug 2022 01:21:50 +0800
From: Zixuan Tan <tanzixuan.me@...il.com>
To: Arnaldo Carvalho de Melo <arnaldo.melo@...il.com>
Cc: Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...hat.com>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Jiri Olsa <jolsa@...nel.org>,
Namhyung Kim <namhyung@...nel.org>,
linux-perf-users@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] perf/genelf: Switch deprecated openssl MD5_* functions to
new EVP API
On Fri, Aug 26, 2022 at 4:17 AM Arnaldo Carvalho de Melo
<arnaldo.melo@...il.com> wrote:
>
> Em Fri, Aug 26, 2022 at 01:00:58AM +0800, Zixuan Tan escreveu:
> > Switch to the flavored EVP API like in test-libcrypto.c, and remove the
> > bad gcc #pragma.
> >
> > Inspired-By: 5b245985a6de ("tools build: Switch to new openssl API for
> > test-libcrypto")
>
> How did you test the end result? Can you please describe step by step?
>
> Also please consider adding a 'perf test' entry to make sure this
> doesn't regress.
Sorry but I don't get what you mean, what results do I need to test?
These EVP_* APIs are just replacements for the deprecated MD5_* APIs in
openssl v3 [1][2]. With the same input, they produce the same MD5 digest.
And this patch just does the migration work for the upgrade and does not
change the logic of the code. so...what should I test?
Links:
[1] https://www.openssl.org/docs/man3.0/man3/MD5.html
[2] https://stackoverflow.com/questions/69806220/advice-needed-for-migration-of-low-level-openssl-api-to-high-level-openssl-apis
Thanks,
Zixuan
>
> Thanks,
>
> - Arnaldo
>
> > Signed-off-by: Zixuan Tan <tanzixuan.me@...il.com>
> > ---
> > tools/perf/util/genelf.c | 20 +++++++++++---------
> > 1 file changed, 11 insertions(+), 9 deletions(-)
> >
> > diff --git a/tools/perf/util/genelf.c b/tools/perf/util/genelf.c
> > index 953338b9e887..ed28a0dbcb7f 100644
> > --- a/tools/perf/util/genelf.c
> > +++ b/tools/perf/util/genelf.c
> > @@ -30,10 +30,6 @@
> >
> > #define BUILD_ID_URANDOM /* different uuid for each run */
> >
> > -// FIXME, remove this and fix the deprecation warnings before its removed and
> > -// We'll break for good here...
> > -#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
> > -
> > #ifdef HAVE_LIBCRYPTO_SUPPORT
> >
> > #define BUILD_ID_MD5
> > @@ -45,6 +41,7 @@
> > #endif
> >
> > #ifdef BUILD_ID_MD5
> > +#include <openssl/evp.h>
> > #include <openssl/md5.h>
> > #endif
> > #endif
> > @@ -142,15 +139,20 @@ gen_build_id(struct buildid_note *note,
> > static void
> > gen_build_id(struct buildid_note *note, unsigned long load_addr,
> > const void *code, size_t csize)
> > {
> > - MD5_CTX context;
> > + EVP_MD_CTX *mdctx;
> >
> > if (sizeof(note->build_id) < 16)
> > errx(1, "build_id too small for MD5");
> >
> > - MD5_Init(&context);
> > - MD5_Update(&context, &load_addr, sizeof(load_addr));
> > - MD5_Update(&context, code, csize);
> > - MD5_Final((unsigned char *)note->build_id, &context);
> > + mdctx = EVP_MD_CTX_new();
> > + if (!mdctx)
> > + errx(2, "failed to create EVP_MD_CTX");
> > +
> > + EVP_DigestInit_ex(mdctx, EVP_md5(), NULL);
> > + EVP_DigestUpdate(mdctx, &load_addr, sizeof(load_addr));
> > + EVP_DigestUpdate(mdctx, code, csize);
> > + EVP_DigestFinal_ex(mdctx, (unsigned char *)note->build_id, NULL);
> > + EVP_MD_CTX_free(mdctx);
> > }
> > #endif
> >
> > --
> > 2.34.1
>
> --
>
> - Arnaldo
Powered by blists - more mailing lists