Skip to content

Commit

Permalink
Linux: Fix uninitialized variable usage in zio_do_crypt_data()
Browse files Browse the repository at this point in the history
Coverity complained about this. An error from `hkdf_sha512()` before uio
initialization will cause pointers to uninitialized memory to be passed
to `zio_crypt_destroy_uio()`. This is a regression that was introduced
by cf63739. Interestingly, this never
affected FreeBSD, since the FreeBSD version never had that patch ported.
Since moving uio initialization to the top of this function would slow
down the qat_crypt() path, we only move the `memset()` calls to the top
of the function. This is sufficient to fix this problem.

Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Neal Gompa <ngompa@datto.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes openzfs#13944
  • Loading branch information
ryao authored and andrewc12 committed Oct 1, 2022
1 parent 120d86d commit ed67d9a
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions module/os/linux/zfs/zio_crypt.c
Original file line number Diff line number Diff line change
Expand Up @@ -1891,6 +1891,9 @@ zio_do_crypt_data(boolean_t encrypt, zio_crypt_key_t *key,
crypto_ctx_template_t tmpl;
uint8_t *authbuf = NULL;

memset(&puio, 0, sizeof (puio));
memset(&cuio, 0, sizeof (cuio));

/*
* If the needed key is the current one, just use it. Otherwise we
* need to generate a temporary one from the given salt + master key.
Expand Down Expand Up @@ -1950,9 +1953,6 @@ zio_do_crypt_data(boolean_t encrypt, zio_crypt_key_t *key,
/* If the hardware implementation fails fall back to software */
}

memset(&puio, 0, sizeof (puio));
memset(&cuio, 0, sizeof (cuio));

/* create uios for encryption */
ret = zio_crypt_init_uios(encrypt, key->zk_version, ot, plainbuf,
cipherbuf, datalen, byteswap, mac, &puio, &cuio, &enc_len,
Expand Down

0 comments on commit ed67d9a

Please sign in to comment.