lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20241127234347.1739754-1-ragavendra.bn@gmail.com>
Date: Wed, 27 Nov 2024 15:43:47 -0800
From: Ragavendra <ragavendra.bn@...il.com>
To: herbert@...dor.apana.org.au,
	davem@...emloft.net,
	tglx@...utronix.de,
	mingo@...hat.com,
	bp@...en8.de,
	dave.hansen@...ux.intel.com,
	hpa@...or.com
Cc: x86@...nel.org,
	linux-crypto@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Ragavendra <ragavendra.bn@...il.com>
Subject: [PATCH] x86/aesni: fix uninit value for skcipher_walk

In crypto/aesni-intel_glue.c most declarations of struct
skcipher_walk are unitialized. This causes one of the values
in the struct to be left uninitialized in the later usages.

This patch fixes it by adding initializations to the struct
skcipher_walk walk variable.

Fixes bugs reported in the Coverity scan with CID 139545,
1518179, 1585019 and 1598915.

Signed-off-by: Ragavendra Nagraj <ragavendra.bn@...il.com>
---
---
 arch/x86/crypto/aesni-intel_glue.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
index b0dd83555499..168edb21a6c4 100644
--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -398,7 +398,7 @@ static int ctr_crypt(struct skcipher_request *req)
 	struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
 	struct crypto_aes_ctx *ctx = aes_ctx(crypto_skcipher_ctx(tfm));
 	u8 keystream[AES_BLOCK_SIZE];
-	struct skcipher_walk walk;
+	struct skcipher_walk walk = {};
 	unsigned int nbytes;
 	int err;
 
@@ -447,7 +447,7 @@ static int xctr_crypt(struct skcipher_request *req)
 	struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
 	struct crypto_aes_ctx *ctx = aes_ctx(crypto_skcipher_ctx(tfm));
 	u8 keystream[AES_BLOCK_SIZE];
-	struct skcipher_walk walk;
+	struct skcipher_walk walk = {};
 	unsigned int nbytes;
 	unsigned int byte_ctr = 0;
 	int err;
@@ -517,7 +517,7 @@ xts_crypt_slowpath(struct skcipher_request *req, xts_crypt_func crypt_func)
 	int tail = req->cryptlen % AES_BLOCK_SIZE;
 	struct scatterlist sg_src[2], sg_dst[2];
 	struct skcipher_request subreq;
-	struct skcipher_walk walk;
+	struct skcipher_walk walk = {};
 	struct scatterlist *src, *dst;
 	int err;
 
@@ -1339,7 +1339,7 @@ gcm_crypt(struct aead_request *req, int flags)
 	struct crypto_aead *tfm = crypto_aead_reqtfm(req);
 	const struct aes_gcm_key *key = aes_gcm_key_get(tfm, flags);
 	unsigned int assoclen = req->assoclen;
-	struct skcipher_walk walk;
+	struct skcipher_walk walk = {};
 	unsigned int nbytes;
 	u8 ghash_acc[16]; /* GHASH accumulator */
 	u32 le_ctr[4]; /* Counter in little-endian format */
-- 
2.46.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ