linuxkm/: null out pointers with PTR_ERR()-encoded values before jumping to cleanup;

douzzer · douzzer · commit d4fc8c37919f · 2025-04-22T16:44:07.000-05:00
linuxkm/lkcapi_rsa_glue.c: in km_rsa_init(), implement error-path cleanup;

linuxkm/module_hooks.c: nix CONFIG_MODULE_SIG requirement in WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE builds;

wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM setup, define WOLFSSL_ASN_INT_LEAD_0_ANY if LINUXKM_LKCAPI_REGISTER (required for kernel 5.10 crypto manager);

wolfcrypt/src/memory.c: add WC_NO_ERR_TRACE() to mock error returns in SAVE_VECTOR_REGISTERS2_fuzzer().
diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras
@@ -592,7 +592,6 @@ WOLFSSL_ARM_ARCH_NEON_64BIT
 WOLFSSL_ASCON_UNROLL
 WOLFSSL_ASNC_CRYPT
 WOLFSSL_ASN_EXTRA
-WOLFSSL_ASN_INT_LEAD_0_ANY
 WOLFSSL_ASN_TEMPLATE_NEED_SET_INT32
 WOLFSSL_ASN_TEMPLATE_TYPE_CHECK
 WOLFSSL_ATECC508
diff --git a/linuxkm/lkcapi_aes_glue.c b/linuxkm/lkcapi_aes_glue.c
@@ -1204,6 +1204,7 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
             pr_err("%s: scatterwalk_map failed: %ld\n",
                    crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
                    PTR_ERR(assoc));
+            in_map = NULL;
             goto out;
         }
         assoc = in_map;
@@ -1220,6 +1221,7 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
             pr_err("%s: scatterwalk_map failed: %ld\n",
                    crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
                    PTR_ERR(assoc));
+            out_map = NULL;
             goto out;
         }
         out_text = out_map + req->assoclen;
@@ -2329,6 +2331,7 @@ static int linuxkm_test_aescbc(void)
     if (IS_ERR(tfm)) {
         pr_err("error: allocating AES skcipher algorithm %s failed: %ld\n",
                WOLFKM_AESCBC_DRIVER, PTR_ERR(tfm));
+        tfm = NULL;
         goto test_cbc_end;
     }
 
@@ -2355,6 +2358,7 @@ static int linuxkm_test_aescbc(void)
     if (IS_ERR(req)) {
         pr_err("error: allocating AES skcipher request %s failed\n",
                WOLFKM_AESCBC_DRIVER);
+        req = NULL;
         goto test_cbc_end;
     }
 
@@ -2538,6 +2542,7 @@ static int linuxkm_test_aescfb(void)
     if (IS_ERR(tfm)) {
         pr_err("error: allocating AES skcipher algorithm %s failed: %ld\n",
                WOLFKM_AESCFB_DRIVER, PTR_ERR(tfm));
+        tfm = NULL;
         goto test_cfb_end;
     }
 
@@ -2555,6 +2560,7 @@ static int linuxkm_test_aescfb(void)
     if (IS_ERR(req)) {
         pr_err("error: allocating AES skcipher request %s failed\n",
                WOLFKM_AESCFB_DRIVER);
+        req = NULL;
         goto test_cfb_end;
     }
 
@@ -2763,6 +2769,7 @@ static int linuxkm_test_aesgcm(void)
     assoc2 = malloc(sizeof(assoc));
     if (IS_ERR(assoc2)) {
         pr_err("error: malloc failed\n");
+        assoc2 = NULL;
         goto test_gcm_end;
     }
     memset(assoc2, 0, sizeof(assoc));
@@ -2771,6 +2778,7 @@ static int linuxkm_test_aesgcm(void)
     iv = malloc(WC_AES_BLOCK_SIZE);
     if (IS_ERR(iv)) {
         pr_err("error: malloc failed\n");
+        iv = NULL;
         goto test_gcm_end;
     }
     memset(iv, 0, WC_AES_BLOCK_SIZE);
@@ -2779,12 +2787,14 @@ static int linuxkm_test_aesgcm(void)
     enc2 = malloc(decryptLen);
     if (IS_ERR(enc2)) {
         pr_err("error: malloc failed\n");
+        enc2 = NULL;
         goto test_gcm_end;
     }
 
     dec2 = malloc(decryptLen);
     if (IS_ERR(dec2)) {
         pr_err("error: malloc failed\n");
+        dec2 = NULL;
         goto test_gcm_end;
     }
 
@@ -2796,6 +2806,7 @@ static int linuxkm_test_aesgcm(void)
     if (IS_ERR(tfm)) {
         pr_err("error: allocating AES skcipher algorithm %s failed: %ld\n",
                WOLFKM_AESGCM_DRIVER, PTR_ERR(tfm));
+        tfm = NULL;
         goto test_gcm_end;
     }
 
@@ -2819,15 +2830,25 @@ static int linuxkm_test_aesgcm(void)
     if (IS_ERR(req)) {
         pr_err("error: allocating AES aead request %s failed: %ld\n",
                WOLFKM_AESCBC_DRIVER, PTR_ERR(req));
+        req = NULL;
         goto test_gcm_end;
     }
 
     src = malloc(sizeof(struct scatterlist) * 2);
+
+    if (IS_ERR(src)) {
+        pr_err("error: malloc src failed: %ld\n",
+               PTR_ERR(src));
+        src = NULL;
+        goto test_gcm_end;
+    }
+
     dst = malloc(sizeof(struct scatterlist) * 2);
 
-    if (IS_ERR(src) || IS_ERR(dst)) {
-        pr_err("error: malloc src or dst failed: %ld, %ld\n",
-               PTR_ERR(src), PTR_ERR(dst));
+    if (IS_ERR(dst)) {
+        pr_err("error: malloc dst failed: %ld\n",
+               PTR_ERR(dst));
+        dst = NULL;
         goto test_gcm_end;
     }
 
@@ -3367,6 +3388,7 @@ static int aes_xts_128_test(void)
         ret = PTR_ERR(tfm);
         pr_err("error: allocating AES skcipher algorithm %s failed: %d\n",
                WOLFKM_AESXTS_DRIVER, ret);
+        tfm = NULL;
         goto test_xts_end;
     }
 
@@ -3404,6 +3426,7 @@ static int aes_xts_128_test(void)
         ret = PTR_ERR(req);
         pr_err("error: allocating AES skcipher request %s failed: %d\n",
                WOLFKM_AESXTS_DRIVER, ret);
+        req = NULL;
         goto test_xts_end;
     }
 
@@ -3847,6 +3870,7 @@ static int aes_xts_256_test(void)
         ret = PTR_ERR(tfm);
         pr_err("error: allocating AES skcipher algorithm %s failed: %d\n",
                WOLFKM_AESXTS_DRIVER, ret);
+        tfm = NULL;
         goto test_xts_end;
     }
 
@@ -3883,6 +3907,7 @@ static int aes_xts_256_test(void)
         ret = PTR_ERR(req);
         pr_err("error: allocating AES skcipher request %s failed: %d\n",
                WOLFKM_AESXTS_DRIVER, ret);
+        req = NULL;
         goto test_xts_end;
     }
 
diff --git a/linuxkm/lkcapi_ecdh_glue.c b/linuxkm/lkcapi_ecdh_glue.c
@@ -804,13 +804,15 @@ static int linuxkm_test_ecdh_nist_driver(const char * driver,
     if (IS_ERR(tfm)) {
         pr_err("error: allocating kpp algorithm %s failed: %ld\n",
                driver, PTR_ERR(tfm));
+        tfm = NULL;
         goto test_ecdh_nist_end;
     }
 
     req = kpp_request_alloc(tfm, GFP_KERNEL);
     if (IS_ERR(req)) {
         pr_err("error: allocating kpp request %s failed\n",
                driver);
+        req = NULL;
         goto test_ecdh_nist_end;
     }
 
diff --git a/linuxkm/lkcapi_ecdsa_glue.c b/linuxkm/lkcapi_ecdsa_glue.c
@@ -679,13 +679,15 @@ static int linuxkm_test_ecdsa_nist_driver(const char * driver,
     if (IS_ERR(tfm)) {
         pr_err("error: allocating akcipher algorithm %s failed: %ld\n",
                driver, PTR_ERR(tfm));
+        tfm = NULL;
         goto test_ecdsa_nist_end;
     }
 
     req = akcipher_request_alloc(tfm, GFP_KERNEL);
     if (IS_ERR(req)) {
         pr_err("error: allocating akcipher request %s failed\n",
                driver);
+        req = NULL;
         goto test_ecdsa_nist_end;
     }
 
diff --git a/linuxkm/lkcapi_rsa_glue.c b/linuxkm/lkcapi_rsa_glue.c
@@ -180,25 +180,32 @@ static int km_rsa_init(struct crypto_akcipher *tfm, int hash_oid)
 
     ctx->key = (RsaKey *)malloc(sizeof(RsaKey));
     if (!ctx->key) {
-        return -ENOMEM;
+        ret = -ENOMEM;
+        goto out;
     }
 
     ret = wc_InitRng(&ctx->rng);
     if (ret) {
         pr_err("%s: init rng returned: %d\n", WOLFKM_RSA_DRIVER, ret);
-        return -ENOMEM;
+        if (ret == WC_NO_ERR_TRACE(MEMORY_E))
+            ret = -ENOMEM;
+        else
+            ret = -EINVAL;
+        goto out;
     }
 
     ret = wc_InitRsaKey(ctx->key, NULL);
     if (ret) {
         pr_err("%s: init rsa key returned: %d\n", WOLFKM_RSA_DRIVER, ret);
-        return -ENOMEM;
+        ret = -EINVAL;
+        goto out;
     }
 
     #ifdef WC_RSA_BLINDING
     ret = wc_RsaSetRNG(ctx->key, &ctx->rng);
     if (ret) {
-        return -ENOMEM;
+        ret = -EINVAL;
+        goto out;
     }
     #endif /* WC_RSA_BLINDING */
 
@@ -221,13 +228,25 @@ static int km_rsa_init(struct crypto_akcipher *tfm, int hash_oid)
     default:
         pr_err("%s: init: unhandled hash_oid: %d\n", WOLFKM_RSA_DRIVER,
                hash_oid);
-        return -ENOMEM;
+        ret = -EINVAL;
+        goto out;
     }
 
     #ifdef WOLFKM_DEBUG_RSA
     pr_info("info: exiting km_rsa_init: hash_oid %d\n", ctx->hash_oid);
     #endif /* WOLFKM_DEBUG_RSA */
-    return 0;
+
+out:
+
+    if (ret != 0) {
+        if (ctx->key) {
+            free(ctx->key);
+            ctx->key = NULL;
+        }
+        wc_FreeRng(&ctx->rng);
+    }
+
+    return ret;
 }
 
 #if defined(LINUXKM_DIRECT_RSA)
@@ -1260,13 +1279,15 @@ static int linuxkm_test_rsa_driver(const char * driver, int nbits)
     if (IS_ERR(tfm)) {
         pr_err("error: allocating akcipher algorithm %s failed: %ld\n",
                driver, PTR_ERR(tfm));
+        tfm = NULL;
         goto test_rsa_end;
     }
 
     req = akcipher_request_alloc(tfm, GFP_KERNEL);
     if (IS_ERR(req)) {
         pr_err("error: allocating akcipher request %s failed\n",
                driver);
+        req = NULL;
         goto test_rsa_end;
     }
 
@@ -1609,13 +1630,15 @@ static int linuxkm_test_pkcs1_driver(const char * driver, int nbits,
     if (IS_ERR(tfm)) {
         pr_err("error: allocating akcipher algorithm %s failed: %ld\n",
                driver, PTR_ERR(tfm));
+        tfm = NULL;
         goto test_pkcs1_end;
     }
 
     req = akcipher_request_alloc(tfm, GFP_KERNEL);
     if (IS_ERR(req)) {
         pr_err("error: allocating akcipher request %s failed\n",
                driver);
+        req = NULL;
         goto test_pkcs1_end;
     }
 
diff --git a/linuxkm/module_hooks.c b/linuxkm/module_hooks.c
@@ -110,9 +110,6 @@ static void lkmFipsCb(int ok, int err, const char* hash)
 #endif
 
 #ifdef WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
-#ifndef CONFIG_MODULE_SIG
-#error WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE requires a CONFIG_MODULE_SIG kernel.
-#endif
 static int updateFipsHash(void);
 #endif
 
@@ -137,10 +134,12 @@ static int wolfssl_init(void)
     int ret;
 
 #ifdef WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
+#ifdef CONFIG_MODULE_SIG
     if (THIS_MODULE->sig_ok == false) {
         pr_err("wolfSSL module load aborted -- bad or missing module signature with FIPS dynamic hash.\n");
         return -ECANCELED;
     }
+#endif
     ret = updateFipsHash();
     if (ret < 0) {
         pr_err("wolfSSL module load aborted -- updateFipsHash: %s\n",wc_GetErrorString(ret));
diff --git a/wolfcrypt/src/memory.c b/wolfcrypt/src/memory.c
@@ -1754,7 +1754,7 @@ WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) {
     }
     (void)lrand48_r(&wc_svr_fuzzing_state, &result);
     if (result & 1)
-        return IO_FAILED_E;
+        return WC_NO_ERR_TRACE(IO_FAILED_E);
     else
         return 0;
 }
@@ -1794,7 +1794,7 @@ WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) {
 
     balance_bit = !balance_bit;
 
-    return ((prn & 1) ^ balance_bit) ? IO_FAILED_E : 0;
+    return ((prn & 1) ^ balance_bit) ? WC_NO_ERR_TRACE(IO_FAILED_E) : 0;
 }
 
 #endif /* !HAVE_THREAD_LS */
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
@@ -3674,6 +3674,13 @@ extern void uITRON4_free(void *p) ;
     #undef WOLFSSL_MIN_AUTH_TAG_SZ
     #define WOLFSSL_MIN_AUTH_TAG_SZ 4
 
+    #if defined(LINUXKM_LKCAPI_REGISTER) && !defined(WOLFSSL_ASN_INT_LEAD_0_ANY)
+        /* kernel 5.10 crypto manager tests key(s) that fail unless leading
+         * bytes are tolerated in GetASN_Integer().
+         */
+        #define WOLFSSL_ASN_INT_LEAD_0_ANY
+    #endif
+
     #ifdef CONFIG_KASAN
         #ifndef WC_SANITIZE_DISABLE
             #define WC_SANITIZE_DISABLE() kasan_disable_current()

Original file line number	Diff line number	Diff line change
`@@ -804,13 +804,15 @@ static int linuxkm_test_ecdh_nist_driver(const char * driver,`
`804`	`804`	`if (IS_ERR(tfm)) {`
`805`	`805`	`pr_err("error: allocating kpp algorithm %s failed: %ld\n",`
`806`	`806`	`driver, PTR_ERR(tfm));`
	`807`	`+ tfm = NULL;`
`807`	`808`	`goto test_ecdh_nist_end;`
`808`	`809`	`}`
`809`	`810`
`810`	`811`	`req = kpp_request_alloc(tfm, GFP_KERNEL);`
`811`	`812`	`if (IS_ERR(req)) {`
`812`	`813`	`pr_err("error: allocating kpp request %s failed\n",`
`813`	`814`	`driver);`
	`815`	`+ req = NULL;`
`814`	`816`	`goto test_ecdh_nist_end;`
`815`	`817`	`}`
`816`	`818`
Original file line number	Diff line number	Diff line change
`@@ -679,13 +679,15 @@ static int linuxkm_test_ecdsa_nist_driver(const char * driver,`
`679`	`679`	`if (IS_ERR(tfm)) {`
`680`	`680`	`pr_err("error: allocating akcipher algorithm %s failed: %ld\n",`
`681`	`681`	`driver, PTR_ERR(tfm));`
	`682`	`+ tfm = NULL;`
`682`	`683`	`goto test_ecdsa_nist_end;`
`683`	`684`	`}`
`684`	`685`
`685`	`686`	`req = akcipher_request_alloc(tfm, GFP_KERNEL);`
`686`	`687`	`if (IS_ERR(req)) {`
`687`	`688`	`pr_err("error: allocating akcipher request %s failed\n",`
`688`	`689`	`driver);`
	`690`	`+ req = NULL;`
`689`	`691`	`goto test_ecdsa_nist_end;`
`690`	`692`	`}`
`691`	`693`
Original file line number	Diff line number	Diff line change
`@@ -1754,7 +1754,7 @@ WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) {`
`1754`	`1754`	`}`
`1755`	`1755`	`(void)lrand48_r(&wc_svr_fuzzing_state, &result);`
`1756`	`1756`	`if (result & 1)`
`1757`		`- return IO_FAILED_E;`
	`1757`	`+ return WC_NO_ERR_TRACE(IO_FAILED_E);`
`1758`	`1758`	`else`
`1759`	`1759`	`return 0;`
`1760`	`1760`	`}`
`@@ -1794,7 +1794,7 @@ WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) {`
`1794`	`1794`
`1795`	`1795`	`balance_bit = !balance_bit;`
`1796`	`1796`
`1797`		`- return ((prn & 1) ^ balance_bit) ? IO_FAILED_E : 0;`
	`1797`	`+ return ((prn & 1) ^ balance_bit) ? WC_NO_ERR_TRACE(IO_FAILED_E) : 0;`
`1798`	`1798`	`}`
`1799`	`1799`
`1800`	`1800`	`#endif /* !HAVE_THREAD_LS */`