lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 6 May 2024 12:52:27 +0200
From: Ard Biesheuvel <ardb@...nel.org>
To: Kent Overstreet <kent.overstreet@...ux.dev>
Cc: Aleksandr Nogikh <nogikh@...gle.com>, 
	syzbot <syzbot+97b4444a5bd7bf30b3a8@...kaller.appspotmail.com>, davem@...emloft.net, 
	herbert@...dor.apana.org.au, linux-crypto@...r.kernel.org, 
	linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [crypto?] KMSAN: uninit-value in skcipher_walk_virt

On Sat, 4 May 2024 at 19:21, Kent Overstreet <kent.overstreet@...ux.dev> wrote:
>
> This is odd - it seems to be req->base.flags that's uninitialized, and I
> can't find the code that's supposed to be initializing it - but bcachefs
> usage seems to be the same as all the other uses I'm looking at; if it
> is req->base.flags then other code must be buggy as well?
>

You seem to be missing a call to

skcipher_request_set_callback()

which initializes some (irrelevant in this case) async related fields
but also the flags field.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ