lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAMkAt6rKfM_uvLRMaN3SSTYVfiMixVGtEyZjo38OG8L1HcfKdg@mail.gmail.com>
Date:   Tue, 10 Jan 2023 09:53:32 -0700
From:   Peter Gonda <pgonda@...gle.com>
To:     Tom Rix <trix@...hat.com>
Cc:     brijesh.singh@....com, thomas.lendacky@....com, john.allen@....com,
        herbert@...dor.apana.org.au, davem@...emloft.net,
        nathan@...nel.org, ndesaulniers@...gle.com, rientjes@...gle.com,
        marcorr@...gle.com, linux-crypto@...r.kernel.org,
        linux-kernel@...r.kernel.org, llvm@...ts.linux.dev
Subject: Re: [PATCH] crypto: initialize error

On Tue, Jan 10, 2023 at 9:48 AM Tom Rix <trix@...hat.com> wrote:
>
>
> On 1/10/23 8:27 AM, Peter Gonda wrote:
> > On Tue, Jan 10, 2023 at 9:18 AM Tom Rix <trix@...hat.com> wrote:
> >> clang static analysis reports this problem
> >> drivers/crypto/ccp/sev-dev.c:1347:3: warning: 3rd function call
> >>    argument is an uninitialized value [core.CallAndMessage]
> >>      dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n",
> >>      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >>
> >> __sev_platform_init_locked() can return without setting the
> >> error parameter, causing the dev_err() to report a gargage
> > garbage
> ok
> >
> >> value.
> >>
> >> Fixes: 3d725965f836 ("crypto: ccp - Add SEV_INIT_EX support")
> > Should this be: 'Fixes: 200664d5237f ("crypto: ccp: Add Secure
> > Encrypted Virtualization (SEV) command support")'
> >
> > Since in that patch an uninitialized error can be printed?
>
> It was a bit of a toss up on who is at fault. This is fine, i'll change
> this as well.

Ack. Not trying to play a blame game =]. Just thought this patch might
as well be backported back to anyone using this function.

If you are sending another version you can add:

Reviewed-by: Peter Gonda <pgonda@...gle.com>

>
> Thanks
>
> Tom
>
>
> > +void psp_pci_init(void)
> > +{
> > +       struct sev_user_data_status *status;
> > +       struct sp_device *sp;
> > +       int error, rc;
> > +
> > +       sp = sp_get_psp_master_device();
> > +       if (!sp)
> > +               return;
> > +
> > +       psp_master = sp->psp_data;
> > +
> > +       /* Initialize the platform */
> > +       rc = sev_platform_init(&error);
> > +       if (rc) {
> > +               dev_err(sp->dev, "SEV: failed to INIT error %#x\n", error);
> > +               goto err;
> > +       }
> >
> >
> > ...
> >
> > +static int __sev_platform_init_locked(int *error)
> > +{
> > +       struct psp_device *psp = psp_master;
> > +       int rc = 0;
> > +
> > +       if (!psp)
> > +               return -ENODEV;
> > +
> > +       if (psp->sev_state == SEV_STATE_INIT)
> > +               return 0;
> >
> >
> > So if !psp an uninitialized error is printed?
> >
> >> Signed-off-by: Tom Rix <trix@...hat.com>
> >> ---
> >>   drivers/crypto/ccp/sev-dev.c | 2 +-
> >>   1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
> >> index 56998bc579d6..643cccc06a0b 100644
> >> --- a/drivers/crypto/ccp/sev-dev.c
> >> +++ b/drivers/crypto/ccp/sev-dev.c
> >> @@ -1307,7 +1307,7 @@ EXPORT_SYMBOL_GPL(sev_issue_cmd_external_user);
> >>   void sev_pci_init(void)
> >>   {
> >>          struct sev_device *sev = psp_master->sev_data;
> >> -       int error, rc;
> >> +       int error = 0, rc;
> >>
> >>          if (!sev)
> >>                  return;
> >> --
> >> 2.27.0
> >>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ