lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAMj1kXGK8yV7FiddsWdK=UpJAJqUWp9ycyBLGDZp-WAd7=CRyQ@mail.gmail.com>
Date: Fri, 21 Nov 2025 12:01:44 +0100
From: Ard Biesheuvel <ardb@...nel.org>
To: Eric Biggers <ebiggers@...nel.org>
Cc: linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org, 
	"Jason A . Donenfeld" <Jason@...c4.com>, Herbert Xu <herbert@...dor.apana.org.au>, stable@...r.kernel.org
Subject: Re: [PATCH] lib/crypto: tests: Fix KMSAN warning in test_sha256_finup_2x()

On Fri, 21 Nov 2025 at 04:36, Eric Biggers <ebiggers@...nel.org> wrote:
>
> Fully initialize *ctx, including the buf field which sha256_init()
> doesn't initialize, to avoid a KMSAN warning when comparing *ctx to
> orig_ctx.  This KMSAN warning slipped in while KMSAN was not working
> reliably due to a stackdepot bug, which has now been fixed.
>
> Fixes: 6733968be7cb ("lib/crypto: tests: Add tests and benchmark for sha256_finup_2x()")
> Cc: stable@...r.kernel.org
> Signed-off-by: Eric Biggers <ebiggers@...nel.org>

Acked-by: Ard Biesheuvel <ardb@...nel.org>

> ---
>  lib/crypto/tests/sha256_kunit.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/lib/crypto/tests/sha256_kunit.c b/lib/crypto/tests/sha256_kunit.c
> index dcedfca06df6..5dccdee79693 100644
> --- a/lib/crypto/tests/sha256_kunit.c
> +++ b/lib/crypto/tests/sha256_kunit.c
> @@ -66,10 +66,11 @@ static void test_sha256_finup_2x(struct kunit *test)
>         ctx = alloc_guarded_buf(test, sizeof(*ctx));
>
>         rand_bytes(data1_buf, max_data_len);
>         rand_bytes(data2_buf, max_data_len);
>         rand_bytes(salt, sizeof(salt));
> +       memset(ctx, 0, sizeof(*ctx));
>
>         for (size_t i = 0; i < 500; i++) {
>                 size_t salt_len = rand_length(sizeof(salt));
>                 size_t data_len = rand_length(max_data_len);
>                 const u8 *data1 = data1_buf + max_data_len - data_len;
>
> base-commit: 10a1140107e0b98bd67d37ae7af72989dd7df00b
> --
> 2.51.2
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ