• Laura Abbott's avatar
    crypto: testmgr - Pad aes_ccm_enc_tv_template vector · abf74467
    Laura Abbott authored
    commit 1c68bb0f upstream.
    
    Running with KASAN and crypto tests currently gives
    
     BUG: KASAN: global-out-of-bounds in __test_aead+0x9d9/0x2200 at addr ffffffff8212fca0
     Read of size 16 by task cryptomgr_test/1107
     Address belongs to variable 0xffffffff8212fca0
     CPU: 0 PID: 1107 Comm: cryptomgr_test Not tainted 4.10.0+ #45
     Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.1-1.fc24 04/01/2014
     Call Trace:
      dump_stack+0x63/0x8a
      kasan_report.part.1+0x4a7/0x4e0
      ? __test_aead+0x9d9/0x2200
      ? crypto_ccm_init_crypt+0x218/0x3c0 [ccm]
      kasan_report+0x20/0x30
      check_memory_region+0x13c/0x1a0
      memcpy+0x23/0x50
      __test_aead+0x9d9/0x2200
      ? kasan_unpoison_shadow+0x35/0x50
      ? alg_test_akcipher+0xf0/0xf0
      ? crypto_skcipher_init_tfm+0x2e3/0x310
      ? crypto_spawn_tfm2+0x37/0x60
      ? crypto_ccm_init_tfm+0xa9/0xd0 [ccm]
      ? crypto_aead_init_tfm+0x7b/0x90
      ? crypto_alloc_tfm+0xc4/0x190
      test_aead+0x28/0xc0
      alg_test_aead+0x54/0xd0
      alg_test+0x1eb/0x3d0
      ? alg_find_test+0x90/0x90
      ? __sched_text_start+0x8/0x8
      ? __wake_up_common+0x70/0xb0
      cryptomgr_test+0x4d/0x60
      kthread+0x173/0x1c0
      ? crypto_acomp_scomp_free_ctx+0x60/0x60
      ? kthread_create_on_node+0xa0/0xa0
      ret_from_fork+0x2c/0x40
     Memory state around the buggy address:
      ffffffff8212fb80: 00 00 00 00 01 fa fa fa fa fa fa fa 00 00 00 00
      ffffffff8212fc00: 00 01 fa fa fa fa fa fa 00 00 00 00 01 fa fa fa
     >ffffffff8212fc80: fa fa fa fa 00 05 fa fa fa fa fa fa 00 00 00 00
                                       ^
      ffffffff8212fd00: 01 fa fa fa fa fa fa fa 00 00 00 00 01 fa fa fa
      ffffffff8212fd80: fa fa fa fa 00 00 00 00 00 05 fa fa fa fa fa fa
    
    This always happens on the same IV which is less than 16 bytes.
    
    Per Ard,
    
    "CCM IVs are 16 bytes, but due to the way they are constructed
    internally, the final couple of bytes of input IV are dont-cares.
    
    Apparently, we do read all 16 bytes, which triggers the KASAN errors."
    
    Fix this by padding the IV with null bytes to be at least 16 bytes.
    
    Fixes: 0bc5a6c5 ("crypto: testmgr - Disable rfc4309 test and convert test vectors")
    Acked-by: 's avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
    Signed-off-by: 's avatarLaura Abbott <labbott@redhat.com>
    Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    abf74467