2013-11-10 18:38:01

by Michal Nazarewicz

Subject: [PATCH RESEND] crypto: make sure *blkcipher_walk_init properly initialises walk

From: Michal Nazarewicz <[email protected]>

blkcipher_walk_init and ablkcipher_walk_init functions are called
to initialise a walk structure allocated on stack, which is not
initialised by the caller. This means that the fields of the
structure contain garbage when *_init is run.

The *_init functions do not initialise all of the fields though,
and in particular leave flags field as is. This results in field
containing unspecified value.

Zeroing the whole structure makes sure that all of the fields
are initialised to the same value regardless of the values stored
on the stack prior to the call to the *_init function.

Signed-off-by: Michal Nazarewicz <[email protected]>
---
crypto/blkcipher.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/crypto/blkcipher.c b/crypto/blkcipher.c
index a79e7e9..3fb99d8 100644
--- a/crypto/blkcipher.c
+++ b/crypto/blkcipher.c
@@ -305,7 +305,7 @@ static inline int blkcipher_copy_iv(struct blkcipher_walk *walk,
int blkcipher_walk_virt(struct blkcipher_desc *desc,
struct blkcipher_walk *walk)
{
- walk->flags &= ~BLKCIPHER_WALK_PHYS;
+ walk->flags = 0;
walk->blocksize = crypto_blkcipher_blocksize(desc->tfm);
return blkcipher_walk_first(desc, walk);
}
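Review bot: In blkcipher_walk_virt the new "walk->flags = 0;" overwrites every bit of flags, while the line it replaces cleared only BLKCIPHER_WALK_PHYS, and the commit message does not say which bit is read before it is written. The message also describes zeroing the whole structure in the *_init functions, but this hunk touches neither. Either name the flag that is consumed uninitialised and the path that reads it, or reword the message to match what the patch does.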
@@ -314,7 +314,7 @@ EXPORT_SYMBOL_GPL(blkcipher_walk_virt);
int blkcipher_walk_phys(struct blkcipher_desc *desc,
struct blkcipher_walk *walk)
{
- walk->flags |= BLKCIPHER_WALK_PHYS;
+ walk->flags = BLKCIPHER_WALK_PHYS;
walk->blocksize = crypto_blkcipher_blocksize(desc->tfm);
return blkcipher_walk_first(desc, walk);
}
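Review bot: Switching "|=" to "=" in blkcipher_walk_phys drops any flag bits that were set before this call, and nothing in the patch shows that no caller or earlier setup step relies on them. The subject also names ablkcipher_walk_init, yet the diffstat lists only crypto/blkcipher.c, so the ablkcipher path is left as it was; say so in the message or cover it in the same series.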
@@ -352,7 +352,7 @@ int blkcipher_walk_virt_block(struct blkcipher_desc *desc,
struct blkcipher_walk *walk,
unsigned int blocksize)
{
- walk->flags &= ~BLKCIPHER_WALK_PHYS;
+ walk->flags = 0;
walk->blocksize = blocksize;
return blkcipher_walk_first(desc, walk);
}
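Review bot: The "walk->flags = 0;" in blkcipher_walk_virt_block repeats the reset from blkcipher_walk_virt without a comment, so a reader cannot tell whether discarding the other bits at entry is intended. If it is, a one-line comment above the assignment stating that the walk starts with all flags clear would document it; if only BLKCIPHER_WALK_PHYS matters here, the original "&= ~BLKCIPHER_WALK_PHYS" already expresses that.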
--
1.8.3.2


2013-11-11 01:28:17

by Herbert Xu

Subject: Re: [PATCH RESEND] crypto: make sure *blkcipher_walk_init properly initialises walk

On Sun, Nov 10, 2013 at 07:38:01PM +0100, Michal Nazarewicz wrote:
> From: Michal Nazarewicz <[email protected]>
>
> blkcipher_walk_init and ablkcipher_walk_init functions are called
> to initialise a walk structure allocated on stack, which is not
> initialised by the caller. This means that the fields of the
> structure contain garbage when *_init is run.
>
> The *_init functions do not initialise all of the fields though,
> and in particular leave flags field as is. This results in field
> containing unspecified value.
>
> Zeroing the whole structure makes sure that all of the fields
> are initialised to the same value regardless of the values stored
> on the stack prior to the call to the *_init function.
>
> Signed-off-by: Michal Nazarewicz <[email protected]>

Nack. The field flags is used as a bit-field and all bits other
than those initialised that you see are used internally by the
walker function and will be initialised on demand.

Please do not just rely on tools such as coverity and actually
read the code when submitting patches.

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt