20260615-linuxkm-fixes#10696
Conversation
…gcc-16: linuxkm/linuxkm_memory.c: use packed-struct intermediates rather than memcpy()s for wc_get_unaligned() and wc_put_unaligned(). linuxkm/linuxkm_wc_port.h: on old FIPS, retrofit nonnull attribute to GHASH() arg 1, so that it unconditionally writes out the hash. wolfcrypt/src/aes.c and wolfssl/wolfcrypt/aes.h: in GHASH(), add nonnull attribute to arg 1, and remove runtime nullness check for arg 1 in the implementations.
|
wolfSSL-Fenrir-bot
left a comment
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #10696
Scan targets checked: linuxkm-bugs, linuxkm-src, wolfcrypt-bugs, wolfcrypt-rs-bugs, wolfcrypt-src, wolfssl-bugs, wolfssl-src
Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)
This review was generated automatically by Fenrir. Findings are non-blocking.
…_drbg_generate() (followup to 3c9996e in wolfSSL#10688).
douzzer
force-pushed
the
20260615-linuxkm-fixes
branch
from
abfe536 to
2844cd1
Compare
|
retest this please |
|
Nice, this fixes |
philljj
left a comment
philljj
left a comment
There was a problem hiding this comment.
Tests good, just some nits in review.
| unsigned int cSz, unsigned char* s, unsigned int sSz); | ||
| #else | ||
| struct Gcm; | ||
| WOLFSSL_LOCAL void __attribute__((nonnull(1))) GHASH(struct Gcm *gcm, const unsigned char* a, |
There was a problem hiding this comment.
dumb question, is this redundant with the change in aes.h?
Also can WC_ARG_NOT_NULL be used here?
There was a problem hiding this comment.
Not on old FIPS -- that's what it's for.
And WC_ARG_NOT_NULL doesn't exist yet when linuxkm_wc_port.h is evaluated, alas. That's why it's also using unsigned char * instead of byte *, etc.
| if (unlikely(ret == WC_NO_ERR_TRACE(RNG_FAILURE_E))) { | ||
| if (slen > 0) { | ||
| ret = -EINVAL; | ||
| if (slen > 0) |
There was a problem hiding this comment.
nit: could condense this to if (slen > 0 || retried) break; now.
Of if they are worth being separate checks, maybe a short 1 line comment explaining what slen > 0 vs retried means in error conditions.
There was a problem hiding this comment.
Need to be separate so that instrumentation (--enable-debug-trace-errcodes) shows what failed.
IIRC, the slen situation isn't retryable because the whole point of a gen paired with a seed is to have the seed deterministically determine what's gen'd, which it wouldn't if a reinit were done midstream. This could be bikeshedded to work right on reinit but clearly isn't worth the extra trouble.
4 participants
fixes for false positives on linuxkm CONFIG_FORTIFY_SOURCE builds on gcc-16:
linuxkm/linuxkm_memory.c: use packed-struct intermediates rather thanmemcpy()s forwc_get_unaligned()andwc_put_unaligned().linuxkm/linuxkm_wc_port.h: on old FIPS, retrofit nonnull attribute toGHASH()arg 1, so that it unconditionally writes out the hash.wolfcrypt/src/aes.candwolfssl/wolfcrypt/aes.h: inGHASH(), addnonnullattribute to arg 1, and remove runtime nullness check for arg 1 in the implementations.linuxkm/lkcapi_sha_glue.c: refactor error code handling inwc_linuxkm_drbg_generate()(followup to 3c9996e in #10688).