crypto/testmgr.o fails to build due to struct cipher_testvec not having data members: ctext, ptext, len

Bug #1841264 reported by Connor Kuehl on 2019-08-23
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Bionic
Medium
Connor Kuehl

Bug Description

[Impact]
Ubuntu commit aae817ffb114 "crypto: testmgr - add AES-CFB tests" added new test cases to the crypto self-tests. This patch is referring to structure members that don't exist in Bionic because the large mainline clean up patch 92a4c9fef34c crypto: "testmgr - eliminate redundant decryption test vectors" has not been backported.

[Fix]
Revert Ubuntu commit aae817ffb114 "crypto: testmgr - add AES-CFB tests" as the backport is large and error prone. The backport will not be accepted at this time.

[Test Case]
On a Bionic kernel, ensure "CONFIG_CRYPTO_MANAGER_DISABLE_TESTS" is NOT set and ensure you have the patch in your tree (master-next should have it as of this writing it has not been reverted).

To disable that config option, edit debian.master/config/config.common.ubuntu and delete the line that reads "CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y" then update the configs with "fakeroot debian/rules updateconfigs"

Build the kernel.

Expected result: crypto/testmgr.o is built successfully and so is the rest of the kernel for your build.

Actual result: crypto/testmgr.o fails to build with several errors related to data members of a structure that don't exist yet. Like this:

/tmp/kernel-connork-cb14cb8-q7j8/build/crypto/testmgr.h:16148:4: error: 'const struct cipher_testvec' has no member named 'ptext'
   .ptext = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
    ^~~~~
/tmp/kernel-connork-cb14cb8-q7j8/build/crypto/testmgr.h:16156:4: error: 'const struct cipher_testvec' has no member named 'ctext'
   .ctext = "\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20"
    ^~~~~
/tmp/kernel-connork-cb14cb8-q7j8/build/crypto/testmgr.h:16164:4: error: 'const struct cipher_testvec' has no member named 'len'; did you mean 'klen'?
   .len = 64,

[Regression Potential]
Very low. This reverts a patch that added crypto tests that do not compile. Furthermore, these tests rely on a module, CFB, which is loaded at run-time for the test suite. This module has not been added to the Bionic kernel, and so even if the tests DID compile, they would not be able to run.

Original SRU justification in favor of the backport follows:
-------------------------------------------------------------

[Impact]

Ubuntu commit aae817ffb114 "crypto: testmgr - add AES-CFB tests" added new test cases to the crypto self-tests. This patch is referring to structure members that don't exist in Bionic because the large mainline clean up patch 92a4c9fef34c crypto: "testmgr - eliminate redundant decryption test vectors" has not been backported.

As a result, Bionic will fail to build if the crypto self tests are enabled in the kernel config. This build failure was noticed when building a derivative kernel.

This mainline patch is a massive refactoring, complete with the updated structure definitions that will resolve the build failure:

92a4c9fef34c "crypto: testmgr - eliminate redundant decryption test vectors"

Furthermore, once the pre-requisite patch is backported, the CFB module also needs to be backported as the new tests added by Ubuntu commit aae817ffb114 "crypto: testmgr - add AES-CFB tests" will attempt to load that module at runtime to execute its tests.

The primary argument for the inclusion of this backport would be that we would not have to amend future crypto test case additions as they come in via stable update sync to use the "older" code structure.

[Test Case]

On a Bionic kernel, ensure "CONFIG_CRYPTO_MANAGER_DISABLE_TESTS" is NOT set and ensure you have the patch in your tree (master-next should have it as of this writing it has not been reverted).

To disable that config option, edit debian.master/config/config.common.ubuntu and delete the line that reads "CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y" then update the configs with "fakeroot debian/rules updateconfigs"

Build the kernel.

Expected result: crypto/testmgr.o is built successfully and so is the rest of the kernel for your build.

Actual result: crypto/testmgr.o fails to build with several errors related to data members of a structure that don't exist yet. Like this:

/tmp/kernel-connork-cb14cb8-q7j8/build/crypto/testmgr.h:16148:4: error: 'const struct cipher_testvec' has no member named 'ptext'
   .ptext = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
    ^~~~~
/tmp/kernel-connork-cb14cb8-q7j8/build/crypto/testmgr.h:16156:4: error: 'const struct cipher_testvec' has no member named 'ctext'
   .ctext = "\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20"
    ^~~~~
/tmp/kernel-connork-cb14cb8-q7j8/build/crypto/testmgr.h:16164:4: error: 'const struct cipher_testvec' has no member named 'len'; did you mean 'klen'?
   .len = 64,

[Testing]

After backporting the pre-requisite refactor patch and the CFB module that the new tests depend on, I compiled and booted into the kernel and ran the Crypto test suite by loading the "tcrypt" module. I compared the test suite results with a Bionic kernel that does NOT have this backport and confirmed they both emitted the same test results from the crypto self tests:

[ 15.536400] alg: hash: Failed to load transform for hmac(crc32): -2
[ 15.552214] alg: cprng: Failed to load transform for ansi_cprng: -2
[ 15.590773] tcrypt: one or more tests failed!

No new test failures have been added as a result of this backport.

[Regression Potential]

There is a chance for breakage within the test suite because the primary patch that resolves this build failure, 92a4c9fef34c "crypto: testmgr - eliminate redundant decryption test vectors" is not practical to review.

However, this backport was accomplished with the very same awk script supplied by the original patch author and the results between one kernel and a modified kernel are consistent.

CVE References

Connor Kuehl (connork) on 2019-08-23
Changed in linux (Ubuntu):
status: New → Invalid
Changed in linux (Ubuntu Bionic):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Connor Kuehl (connork)
Connor Kuehl (connork) on 2019-08-23
description: updated
Connor Kuehl (connork) on 2019-08-29
description: updated
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-bionic
Launchpad Janitor (janitor) wrote :
Download full text (20.2 KiB)

This bug was fixed in the package linux - 4.15.0-65.74

---------------
linux (4.15.0-65.74) bionic; urgency=medium

  * bionic/linux: 4.15.0-65.74 -proposed tracker (LP: #1844403)

  * arm64: large modules fail to load (LP: #1841109)
    - arm64/kernel: kaslr: reduce module randomization range to 4 GB
    - arm64/kernel: don't ban ADRP to work around Cortex-A53 erratum #843419
    - arm64: fix undefined reference to 'printk'
    - arm64/kernel: rename module_emit_adrp_veneer->module_emit_veneer_for_adrp
    - [config] Remove CONFIG_ARM64_MODULE_CMODEL_LARGE

  * CVE-2018-20976
    - xfs: clear sb->s_fs_info on mount failure

  * br_netfilter: namespace sysctl operations (LP: #1836910)
    - net: bridge: add bitfield for options and convert vlan opts
    - net: bridge: convert nf call options to bits
    - netfilter: bridge: port sysctls to use brnf_net
    - netfilter: bridge: namespace bridge netfilter sysctls
    - netfilter: bridge: prevent UAF in brnf_exit_net()

  * tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (LP: #1830756)
    - tuntap: correctly set SOCKWQ_ASYNC_NOSPACE

  * Bionic update: upstream stable patchset 2019-08-30 (LP: #1842114)
    - HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT
    - MIPS: kernel: only use i8253 clocksource with periodic clockevent
    - mips: fix cacheinfo
    - netfilter: ebtables: fix a memory leak bug in compat
    - ASoC: dapm: Fix handling of custom_stop_condition on DAPM graph walks
    - bonding: Force slave speed check after link state recovery for 802.3ad
    - can: dev: call netif_carrier_off() in register_candev()
    - ASoC: Fail card instantiation if DAI format setup fails
    - st21nfca_connectivity_event_received: null check the allocation
    - st_nci_hci_connectivity_event_received: null check the allocation
    - ASoC: ti: davinci-mcasp: Correct slot_width posed constraint
    - net: usb: qmi_wwan: Add the BroadMobi BM818 card
    - qed: RDMA - Fix the hw_ver returned in device attributes
    - isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in
      start_isoc_chain()
    - netfilter: ipset: Fix rename concurrency with listing
    - isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the stack
    - perf bench numa: Fix cpu0 binding
    - can: sja1000: force the string buffer NULL-terminated
    - can: peak_usb: force the string buffer NULL-terminated
    - net/ethernet/qlogic/qed: force the string buffer NULL-terminated
    - NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim()
    - HID: input: fix a4tech horizontal wheel custom usage
    - SMB3: Kernel oops mounting a encryptData share with CONFIG_DEBUG_VIRTUAL
    - net: cxgb3_main: Fix a resource leak in a error path in 'init_one()'
    - net: hisilicon: make hip04_tx_reclaim non-reentrant
    - net: hisilicon: fix hip04-xmit never return TX_BUSY
    - net: hisilicon: Fix dma_map_single failed on arm64
    - libata: have ata_scsi_rw_xlat() fail invalid passthrough requests
    - libata: add SG safety checks in SFF pio transfers
    - x86/lib/cpu: Address missing prototypes warning
    - drm/vmwgfx: fix memory leak when too many retries have occurred
    - perf ftrace: Fix failure to set cpuma...

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers