New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gost-yescrypt: Fix alignment problem for GOST 34.11 (Streebog) #86
Conversation
Some architectures in some circumstances do not allow unaligned memory access (such as ARM, MIPS, SPARC) triggering SIGBUS. This patch very crudely fixes this issue. The issue is found and original fix is proposed by Eric Biggers: https://patchwork.kernel.org/patch/10878865/ Being unfixed this would trigger SIGBUS when password buffer is unaligned. Crash and fix are tested on UltraSparc T5 on GCC Compile farm.
Does the existing test suite detect this problem when run on hardware that requires alignment of this buffer? If not, please add a test case. |
@zackw Do you want a general test in
Only Currently, |
Forgot to say 'no'. |
The test-case seems fine to me this way as well. Maybe it can be optimized a bit, so that the buffer won't be allocated in every iteration of the loop. Also we may want to use Anyways, I'm going to modify the test-case myself after merging fix. |
|
I do want each hash algorithm to be tested at least once for this bug. I doubt we get much more value out of testing non-aligned inputs for every subcase in test-crypt-kat.c, but if that's the easiest way to accomplish the test then I don't see any harm in it. Having a test that we know will crash on architectures with these constraints, when an alignment bug is present, is adequate, I think. |
@@ -149,10 +149,13 @@ g(uint512_u *h, const uint512_u *N, const unsigned char *m) | |||
static inline void | |||
stage2(GOST34112012Context *CTX, const unsigned char *data) | |||
{ | |||
g(&(CTX->h), &(CTX->N), data); | |||
union uint512_u m; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like the word union
here is unneeded (implied as part of the typedef
), right? If so, I'm mildly surprised compilers are happy to ignore it.
Edit: looked it up, this clears up why the compilers are happy anyway:
typedef union uint512_u
{
unsigned long long QWORD[8];
} uint512_u;
So the same identifier is both the name for the union and for the typedef. Yet it's probably cleaner (and shorter) to only use it as the latter.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed in 5cce1eb.
BTW, |
Something like: mispass = pass;
if (!((uintptr_t)mispass & 1))
mispass++; or: mispass = pass + 1;
if (((uintptr_t)pass & 1))
mispass = pass; then use |
Oh ya since |
That's also a valid fix, yes. Edit: and I like it better than those I suggested, so please go ahead with yours. |
Codecov Report
@@ Coverage Diff @@
## develop #86 +/- ##
=======================================
Coverage 96.4% 96.4%
=======================================
Files 32 32
Lines 3112 3112
=======================================
Hits 3000 3000
Misses 112 112
Continue to review full report at Codecov.
|
That does not work as it will trigger |
I tested on UltraSparc T5 again.
Thus we know that |
Some architectures in some circumstances do not allow unaligned
memory access (such as ARM, MIPS, SPARC) triggering SIGBUS. This
patch very crudely fixes this issue.
The issue is found and original fix is proposed by Eric Biggers:
https://patchwork.kernel.org/patch/10878865/
Being unfixed this would trigger SIGBUS when password buffer is
unaligned. Crash and fix are tested on UltraSparc T5 on GCC Compile
farm.