From ba01f076318c14be42db4bd8e6976800ccfbd1b1 Mon Sep 17 00:00:00 2001 From: Damjan Marion Date: Fri, 5 Apr 2019 11:11:04 +0200 Subject: crypto: coverity issues Change-Id: I9db1b74097c9df587b9265b14a969d347bcb731a Signed-off-by: Damjan Marion --- src/plugins/crypto_ia32/aes_cbc.c | 39 +++++++++++++++++++++++++-------------- src/plugins/crypto_ia32/aesni.h | 3 ++- src/vnet/crypto/crypto.c | 2 +- 3 files changed, 28 insertions(+), 16 deletions(-) (limited to 'src') diff --git a/src/plugins/crypto_ia32/aes_cbc.c b/src/plugins/crypto_ia32/aes_cbc.c index 281cc83705a..091f7b6a539 100644 --- a/src/plugins/crypto_ia32/aes_cbc.c +++ b/src/plugins/crypto_ia32/aes_cbc.c @@ -95,10 +95,12 @@ aesni_ops_enc_aes_cbc (vlib_main_t * vm, vnet_crypto_op_t * ops[], vm->thread_index); int rounds = AESNI_KEY_ROUNDS (ks); u8 dummy[8192]; - u8 *src[4], *dst[4], *key[4]; + u8 *src[4] = { }; + u8 *dst[4] = { }; + u8 *key[4] = { }; u32x4 dummy_mask, len = { }; u32 i, j, count, n_left = n_ops; - __m128i r[4], k[4][rounds + 1]; + __m128i r[4] = { }, k[4][rounds + 1]; more: for (i = 0; i < 4; i++) @@ -187,22 +189,30 @@ aesni_ops_dec_aes_cbc (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops, aesni_key_size_t ks) { int rounds = AESNI_KEY_ROUNDS (ks); - u8 *last_key = 0; - u32 i; + vnet_crypto_op_t *op = ops[0]; + u32 n_left = n_ops; + u8 *last_key; __m128i k[rounds + 1]; - for (i = 0; i < n_ops; i++) + ASSERT (n_ops >= 1); + +key_expand: + last_key = op->key; + aes_key_expand (k, op->key, ks); + aes_key_enc_to_dec (k, ks); + +decrypt: + aes_cbc_dec (k, op->src, op->dst, op->iv, op->len, rounds); + op->status = VNET_CRYPTO_OP_STATUS_COMPLETED; + + if (--n_left) { - vnet_crypto_op_t *op = ops[i]; + op += 1; if (last_key != op->key) - { - aes_key_expand (k, op->key, ks); - last_key = op->key; - aes_key_enc_to_dec (k, rounds); - } - aes_cbc_dec (k, op->src, op->dst, op->iv, op->len, rounds); - op->status = VNET_CRYPTO_OP_STATUS_COMPLETED; + goto key_expand; + goto decrypt; } + return n_ops; } @@ -237,7 +247,8 @@ crypto_ia32_aesni_cbc_init (vlib_main_t * vm) { for (int i = 0; i < 4; i++) { - if (read(fd, ptd->cbc_iv, sizeof (ptd->cbc_iv)) < 0) + if (read(fd, ptd->cbc_iv, sizeof (ptd->cbc_iv)) != + sizeof (ptd->cbc_iv)) { err = clib_error_return_unix (0, "'/dev/urandom' read failure"); goto error; diff --git a/src/plugins/crypto_ia32/aesni.h b/src/plugins/crypto_ia32/aesni.h index 077889ae903..28e09fc5c51 100644 --- a/src/plugins/crypto_ia32/aesni.h +++ b/src/plugins/crypto_ia32/aesni.h @@ -195,8 +195,9 @@ aes_key_expand (__m128i * k, u8 * key, aesni_key_size_t ks) static_always_inline void -aes_key_enc_to_dec (__m128i * k, aesni_key_size_t rounds) +aes_key_enc_to_dec (__m128i * k, aesni_key_size_t ks) { + int rounds = AESNI_KEY_ROUNDS (ks); __m128i r; r = k[rounds]; diff --git a/src/vnet/crypto/crypto.c b/src/vnet/crypto/crypto.c index 3dcb2ec33bd..9d0ad8b13ca 100644 --- a/src/vnet/crypto/crypto.c +++ b/src/vnet/crypto/crypto.c @@ -30,7 +30,7 @@ vnet_crypto_process_ops_call_handler (vlib_main_t * vm, if (cm->ops_handlers[opt] == 0) { - while (n_ops) + while (n_ops--) { ops[0]->status = VNET_CRYPTO_OP_STATUS_FAIL_NO_HANDLER; ops++; -- cgit 1.2.3-korg