[PATCH 00/15] Some cleanup and bugfix of uadk_engine

List overview All Threads
Download

newer

older

[PATCH 1/3] cipher: fix double...

[PATCH 00/10] Somen bugfix and...

Zhiqi Song

15 Jun 2023 15 Jun '23

7:31 p.m.

This series patch include bugfix about: 1. Source release problems. 2. Null pointer judgement. 3. Error handling.

Hao Fang (1): uadk_engine/v1: clean the empty body in an if statement

Zhiqi Song (14): uadk_engine: fixup signed-unsigned mix with relational uadk_engine: fixup variable naming conflicts digest: fixup free source method ecc: fixup free source method inconsistent cipher: fixup error handling in ctx init uadk_engine: modify setting async poll state process dh: fixup release source of private key ecc: Add pkey method null pointer judgment rsa: release source when new kg out failed rsa: bugfix repeated source release sm2: fixup unreleased source in data conversion ecc: add openssl method null pointer judgement async: add null pointer judgment uadk_engine: cleanup call form of callback func

-- 2.33.0

Show replies by date

Zhiqi Song

15 Jun 15 Jun

7:31 p.m.

New subject: [PATCH 01/15] uadk_engine: fixup signed-unsigned mix with relational

Fixup the following variable type issues: 1. Perform type conversion, using the same type in expressions. 2. Fixup subscript may be negative and signed-unsigned mix with relational problems.

diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c index c7be21a..111c16e 100644 --- a/src/uadk_cipher.c +++ b/src/uadk_cipher.c @@ -203,8 +203,8 @@ static struct cipher_info cipher_info_table[] = {

static const EVP_CIPHER *sec_ciphers_get_cipher_sw_impl(int n_id) { - int sec_cipher_sw_table_size = ARRAY_SIZE(sec_ciphers_sw_table); - int i; + __u32 sec_cipher_sw_table_size = ARRAY_SIZE(sec_ciphers_sw_table); + __u32 i;

for (i = 0; i < sec_cipher_sw_table_size; i++) { if (n_id == sec_ciphers_sw_table[i].nid) @@ -348,10 +348,9 @@ static int uadk_get_accel_platform(char *alg_name) static int uadk_e_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid) { - int ret = 1; int *cipher_nids; - int size; - int i; + __u32 size, i; + int ret = 1;

if (platform == HW_V2) { size = (sizeof(cipher_hw_v2_nids) - 1) / sizeof(int); @@ -665,8 +664,9 @@ static int uadk_e_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, { struct cipher_priv_ctx *priv = (struct cipher_priv_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); - int cipher_counts = ARRAY_SIZE(cipher_info_table); - int nid, ret, i; + __u32 cipher_counts = ARRAY_SIZE(cipher_info_table); + int nid, ret; + __u32 i;

if (unlikely(!key)) { fprintf(stderr, "ctx init parameter key is NULL.\n"); @@ -762,7 +762,7 @@ static void uadk_cipher_update_priv_ctx(struct cipher_priv_ctx *priv) __u16 iv_bytes = priv->req.iv_bytes; int offset = priv->req.in_bytes - iv_bytes; unsigned char K[IV_LEN] = {0}; - int i; + __u32 i;

switch (priv->setup.mode) { case WD_CIPHER_CFB: @@ -1123,7 +1123,8 @@ static void destroy_v3_cipher(void)

void uadk_e_destroy_cipher(void) { - int i, ret; + __u32 i; + int ret;

if (engine.pid == getpid()) { ret = uadk_e_is_env_enabled("cipher"); diff --git a/src/uadk_dh.c b/src/uadk_dh.c index 89157d2..c5ef813 100644 --- a/src/uadk_dh.c +++ b/src/uadk_dh.c @@ -67,7 +67,7 @@ struct uadk_dh_sess { struct wd_dh_sess_setup setup; struct wd_dh_req req; DH *alg; - uint32_t key_size; + __u16 key_size; };

struct dh_res { @@ -316,7 +316,7 @@ static int uadk_e_wd_dh_init(struct dh_res_config *config, struct uacce_dev *dev struct wd_sched *sched = &config->sched.wd_sched; struct wd_ctx_config *ctx_cfg; int ret = 0; - int i; + __u32 i;

ret = uadk_e_is_env_enabled("dh"); if (ret == ENV_ENABLED) @@ -406,7 +406,8 @@ err_unlock: static void uadk_e_wd_dh_uninit(void) { struct wd_ctx_config *ctx_cfg = g_dh_res.ctx_res; - int i, ret; + __u32 i; + int ret;

if (g_dh_res.pid == getpid()) { ret = uadk_e_is_env_enabled("dh"); @@ -440,9 +441,9 @@ static struct uadk_dh_sess *dh_new_eng_session(DH *dh_alg) }

static int dh_init_eng_session(struct uadk_dh_sess *dh_sess, - int bits, bool is_g2) + __u16 bits, bool is_g2) { - uint32_t key_size = (uint32_t)bits >> CHAR_BIT_SIZE; + __u16 key_size = bits >> CHAR_BIT_SIZE; struct sched_params params = {0};

if (dh_sess->sess && dh_sess->req.x_p) { @@ -453,7 +454,7 @@ static int dh_init_eng_session(struct uadk_dh_sess *dh_sess,

if (!dh_sess->sess) { dh_sess->key_size = key_size; - dh_sess->setup.key_bits = dh_sess->key_size << CHAR_BIT_SIZE; + dh_sess->setup.key_bits = bits; dh_sess->setup.is_g2 = is_g2; params.numa_id = g_dh_res.numa_id; dh_sess->setup.sched_param = &params; @@ -482,7 +483,7 @@ static void dh_free_eng_session(struct uadk_dh_sess *dh_sess) OPENSSL_free(dh_sess); }

-static struct uadk_dh_sess *dh_get_eng_session(DH *dh, int bits, +static struct uadk_dh_sess *dh_get_eng_session(DH *dh, __u16 bits, bool is_g2) { struct uadk_dh_sess *dh_sess = dh_new_eng_session(dh); @@ -500,9 +501,10 @@ static struct uadk_dh_sess *dh_get_eng_session(DH *dh, int bits, return dh_sess; }

-static int check_dh_bit_useful(const int bits) +static int check_dh_bit_useful(const __u16 bits) { - /* Check whether bits exceeds the limit. + /* + * Check whether bits exceeds the limit. * The max module bits of openssl soft alg is * OPENSSL_DH_MAX_MODULUS_BITS, 10000 bits. * OpenSSL speed tool supports 2048/3072/4096/6144/8192 bits. @@ -524,7 +526,7 @@ static int check_dh_bit_useful(const int bits) return UADK_E_FAIL; }

-static int dh_prepare_data(const int bits, const BIGNUM *g, DH *dh, +static int dh_prepare_data(const __u16 bits, const BIGNUM *g, DH *dh, struct uadk_dh_sess **dh_sess, BIGNUM **priv_key) { @@ -552,7 +554,7 @@ static int dh_prepare_data(const int bits, const BIGNUM *g, DH *dh, return ret; }

-static int dh_set_g(const BIGNUM *g, const int key_size, +static int dh_set_g(const BIGNUM *g, const __u16 key_size, unsigned char *ag_bin, struct uadk_dh_sess *dh_sess) { struct wd_dtb g_dtb; @@ -592,7 +594,7 @@ static int dh_fill_genkey_req(const BIGNUM *g, const BIGNUM *p, const BIGNUM *priv_key, struct uadk_dh_sess *dh_sess) { - int key_size = dh_sess->key_size; + __u16 key_size = dh_sess->key_size; unsigned char *apriv_key_bin; unsigned char *ag_bin; unsigned char *ap_bin; @@ -642,7 +644,7 @@ static int dh_fill_compkey_req(const BIGNUM *g, const BIGNUM *p, const BIGNUM *priv_key, const BIGNUM *pub_key, struct uadk_dh_sess *dh_sess) { - int key_size = dh_sess->key_size; + __u16 key_size = dh_sess->key_size; unsigned char *apriv_key_bin; unsigned char *ap_bin; unsigned char *ag_bin; @@ -759,10 +761,10 @@ static int uadk_e_dh_generate_key(DH *dh) struct uadk_dh_sess *dh_sess = NULL; BIGNUM *priv_key = NULL; BIGNUM *pub_key = NULL; - int bits = DH_bits(dh); const BIGNUM *p = NULL; const BIGNUM *g = NULL; const BIGNUM *q = NULL; + __u16 bits; int ret;

if (!dh) @@ -776,6 +778,12 @@ static int uadk_e_dh_generate_key(DH *dh) if (!p || !g || q) goto exe_soft;

+ /* + * The max module bits of DH is + * OPENSSL_DH_MAX_MODULUS_BITS, 10000 bits. + */ + bits = (__u16)DH_bits(dh); + /* Get session and prepare private key */ ret = dh_prepare_data(bits, g, dh, &dh_sess, &priv_key); if (!ret) { @@ -819,8 +827,8 @@ static int uadk_e_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { struct uadk_dh_sess *dh_sess = NULL; + __u16 bits = (__u16)DH_bits(dh); BIGNUM *priv_key = NULL; - int bits = DH_bits(dh); const BIGNUM *p = NULL; const BIGNUM *g = NULL; const BIGNUM *q = NULL; diff --git a/src/uadk_digest.c b/src/uadk_digest.c index b7718e6..94b2636 100644 --- a/src/uadk_digest.c +++ b/src/uadk_digest.c @@ -418,7 +418,8 @@ static int uadk_e_wd_digest_env_init(struct uacce_dev *dev)

static int uadk_e_wd_digest_init(struct uacce_dev *dev) { - int ret, i, j; + __u32 i, j; + int ret;

engine.numa_id = dev->numa_id;

@@ -527,10 +528,11 @@ static int uadk_e_digest_init(EVP_MD_CTX *ctx) { struct digest_priv_ctx *priv = (struct digest_priv_ctx *) EVP_MD_CTX_md_data(ctx); - int digest_counts = ARRAY_SIZE(digest_info_table); + __u32 digest_counts = ARRAY_SIZE(digest_info_table); int nid = EVP_MD_nid(EVP_MD_CTX_md(ctx)); struct sched_params params = {0}; - int ret, i; + __u32 i; + int ret;

priv->e_nid = nid;

@@ -911,7 +913,8 @@ int uadk_e_bind_digest(ENGINE *e)

void uadk_e_destroy_digest(void) { - int i, ret; + __u32 i; + int ret;

if (engine.pid == getpid()) { ret = uadk_e_is_env_enabled("digest"); diff --git a/src/uadk_ec.c b/src/uadk_ec.c index 69ad4e8..d7ad815 100644 --- a/src/uadk_ec.c +++ b/src/uadk_ec.c @@ -74,7 +74,7 @@ static void init_dtb_param(void *dtb, char *start, { struct wd_dtb *tmp = dtb; char *buff = start; - int i = 0; + __u32 i = 0;

while (i++ < num) { tmp->data = buff; diff --git a/src/uadk_ecx.c b/src/uadk_ecx.c index 0537890..e45fa5e 100644 --- a/src/uadk_ecx.c +++ b/src/uadk_ecx.c @@ -42,13 +42,13 @@ struct ecx_key {

struct ecx_ctx { handle_t sess; - int key_size; + __u32 key_size; int nid; };

-static int reverse_bytes(unsigned char *to_buf, unsigned int size) +static int reverse_bytes(unsigned char *to_buf, __u32 size) { - unsigned char *tmp_buf = to_buf + size - 1; + unsigned char *tmp_buf; unsigned char tmp;

if (!size) { @@ -61,6 +61,7 @@ static int reverse_bytes(unsigned char *to_buf, unsigned int size) return UADK_E_FAIL; }

+ tmp_buf = to_buf + size - 1; while (to_buf < tmp_buf) { tmp = *tmp_buf; *tmp_buf-- = *to_buf; @@ -234,7 +235,7 @@ static int ecx_get_nid(EVP_PKEY_CTX *ctx) return nid; }

-static int ecx_create_privkey(struct ecx_key **ecx_key, int key_size) +static int ecx_create_privkey(struct ecx_key **ecx_key, __u32 key_size) { unsigned char *privkey; int ret; @@ -293,12 +294,12 @@ static int ecx_keygen_set_private_key(struct ecx_ctx *ecx_ctx, static int ecx_keygen_set_pkey(EVP_PKEY *pkey, struct ecx_ctx *ecx_ctx, struct wd_ecc_req *req, struct ecx_key *ecx_key) { + __u32 key_size = ecx_ctx->key_size; struct wd_ecc_point *pubkey = NULL; - int key_size = ecx_ctx->key_size; int ret;

if (key_size > ECX_MAX_KEYLEN) { - fprintf(stderr, "invalid key size, key_size = %d\n", key_size); + fprintf(stderr, "invalid key size, key_size = %u\n", key_size); return UADK_E_FAIL; }

@@ -308,8 +309,7 @@ static int ecx_keygen_set_pkey(EVP_PKEY *pkey, struct ecx_ctx *ecx_ctx, return UADK_E_FAIL; }

- memcpy(ecx_key->pubkey, (const unsigned char *)pubkey->x.data, - key_size); + memcpy(ecx_key->pubkey, (const unsigned char *)pubkey->x.data, key_size); /* Trans public key from big-endian to little-endian */ ret = reverse_bytes(ecx_key->pubkey, key_size); if (!ret) { @@ -507,7 +507,7 @@ static int ecx_compkey_init_iot(struct ecx_ctx *ecx_ctx, struct wd_ecc_req *req, struct ecx_key *peer_ecx_key, struct ecx_key *ecx_key) { - int key_size = ecx_ctx->key_size; + __u32 key_size = ecx_ctx->key_size; char buf_y[ECX_MAX_KEYLEN] = {0}; handle_t sess = ecx_ctx->sess; struct wd_ecc_point in_pubkey; diff --git a/src/uadk_pkey.c b/src/uadk_pkey.c index ba33b7d..b24c196 100644 --- a/src/uadk_pkey.c +++ b/src/uadk_pkey.c @@ -197,7 +197,8 @@ static int uadk_e_wd_ecc_general_init(struct uacce_dev *dev, struct wd_sched *sched) { struct wd_ctx_config *ctx_cfg; - int ret, i; + __u32 i; + int ret;

ctx_cfg = calloc(1, sizeof(struct wd_ctx_config)); if (!ctx_cfg) @@ -258,7 +259,8 @@ static int uadk_wd_ecc_init(struct ecc_res_config *config, struct uacce_dev *dev static void uadk_wd_ecc_uninit(void) { struct wd_ctx_config *ctx_cfg = ecc_res.ctx_res; - int i, ret; + __u32 i; + int ret;

if (ecc_res.pid != getpid()) return; @@ -328,7 +330,7 @@ err:

bool uadk_is_all_zero(const unsigned char *data, size_t dlen) { - int i; + size_t i;

for (i = 0; i < dlen; i++) { if (data[i]) @@ -559,7 +561,7 @@ const EVP_PKEY_METHOD *get_openssl_pkey_meth(int nid) size_t count = EVP_PKEY_meth_get_count(); const EVP_PKEY_METHOD *pmeth; int pkey_id = -1; - int i; + size_t i;

for (i = 0; i < count; i++) { pmeth = EVP_PKEY_meth_get0(i); @@ -636,7 +638,8 @@ void uadk_e_ecc_lock_init(void) int uadk_e_bind_ecc(ENGINE *e) { static const char * const ecc_alg[] = {"sm2", "ecdsa", "ecdh", "x25519", "x448"}; - int i, size, ret; + __u32 i, size; + int ret; bool sp;

/* Enumerate ecc algs to check whether it is supported and set tags */ diff --git a/src/uadk_rsa.c b/src/uadk_rsa.c index 8af0844..23deb3c 100644 --- a/src/uadk_rsa.c +++ b/src/uadk_rsa.c @@ -828,7 +828,8 @@ err_unlock: static void uadk_e_rsa_uninit(void) { struct wd_ctx_config *ctx_cfg = g_rsa_res.ctx_res; - int i, ret; + __u32 i; + int ret;

if (g_rsa_res.pid == getpid()) { ret = uadk_e_is_env_enabled("rsa"); diff --git a/src/uadk_utils.h b/src/uadk_utils.h index a16536b..028eb15 100644 --- a/src/uadk_utils.h +++ b/src/uadk_utils.h @@ -17,7 +17,6 @@ #ifndef UADK_UTILS #define UADK_UTILS #include <stdio.h> -#include <stdlib.h> #include <string.h>

void *uadk_memcpy(void *dstpp, const void *srcpp, size_t len);

-- 2.33.0

Zhiqi Song

7:31 p.m.

New subject: [PATCH 02/15] uadk_engine: fixup variable naming conflicts

Use different global variable name in cipher and digest algs.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_cipher.c | 80 +++++++++++++++++++++++------------------------ src/uadk_digest.c | 64 ++++++++++++++++++------------------- 2 files changed, 72 insertions(+), 72 deletions(-)

diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c index 111c16e..72b5c19 100644 --- a/src/uadk_cipher.c +++ b/src/uadk_cipher.c @@ -47,7 +47,7 @@ struct cipher_engine { pthread_spinlock_t lock; };

-static struct cipher_engine engine; +static struct cipher_engine g_cipher_engine;

struct sw_cipher_t { int nid; @@ -562,41 +562,41 @@ static int uadk_e_wd_cipher_init(struct uacce_dev *dev) { int ret, i, j;

- engine.numa_id = dev->numa_id; + g_cipher_engine.numa_id = dev->numa_id;

ret = uadk_e_is_env_enabled("cipher"); if (ret == ENV_ENABLED) return uadk_e_wd_cipher_env_init(dev);

- memset(&engine.ctx_cfg, 0, sizeof(struct wd_ctx_config)); - engine.ctx_cfg.ctx_num = CTX_NUM; - engine.ctx_cfg.ctxs = calloc(CTX_NUM, sizeof(struct wd_ctx)); - if (!engine.ctx_cfg.ctxs) + memset(&g_cipher_engine.ctx_cfg, 0, sizeof(struct wd_ctx_config)); + g_cipher_engine.ctx_cfg.ctx_num = CTX_NUM; + g_cipher_engine.ctx_cfg.ctxs = calloc(CTX_NUM, sizeof(struct wd_ctx)); + if (!g_cipher_engine.ctx_cfg.ctxs) return -ENOMEM;

for (i = 0; i < CTX_NUM; i++) { - engine.ctx_cfg.ctxs[i].ctx = wd_request_ctx(dev); - if (!engine.ctx_cfg.ctxs[i].ctx) { + g_cipher_engine.ctx_cfg.ctxs[i].ctx = wd_request_ctx(dev); + if (!g_cipher_engine.ctx_cfg.ctxs[i].ctx) { ret = -ENOMEM; goto err_freectx; } }

- engine.ctx_cfg.ctxs[CTX_SYNC_ENC].op_type = CTX_TYPE_ENCRYPT; - engine.ctx_cfg.ctxs[CTX_SYNC_DEC].op_type = CTX_TYPE_DECRYPT; - engine.ctx_cfg.ctxs[CTX_ASYNC_ENC].op_type = CTX_TYPE_ENCRYPT; - engine.ctx_cfg.ctxs[CTX_ASYNC_DEC].op_type = CTX_TYPE_DECRYPT; - engine.ctx_cfg.ctxs[CTX_SYNC_ENC].ctx_mode = CTX_MODE_SYNC; - engine.ctx_cfg.ctxs[CTX_SYNC_DEC].ctx_mode = CTX_MODE_SYNC; - engine.ctx_cfg.ctxs[CTX_ASYNC_ENC].ctx_mode = CTX_MODE_ASYNC; - engine.ctx_cfg.ctxs[CTX_ASYNC_DEC].ctx_mode = CTX_MODE_ASYNC; - - engine.sched.name = "sched_single"; - engine.sched.pick_next_ctx = sched_single_pick_next_ctx; - engine.sched.poll_policy = sched_single_poll_policy; - engine.sched.sched_init = sched_single_init; - - ret = wd_cipher_init(&engine.ctx_cfg, &engine.sched); + g_cipher_engine.ctx_cfg.ctxs[CTX_SYNC_ENC].op_type = CTX_TYPE_ENCRYPT; + g_cipher_engine.ctx_cfg.ctxs[CTX_SYNC_DEC].op_type = CTX_TYPE_DECRYPT; + g_cipher_engine.ctx_cfg.ctxs[CTX_ASYNC_ENC].op_type = CTX_TYPE_ENCRYPT; + g_cipher_engine.ctx_cfg.ctxs[CTX_ASYNC_DEC].op_type = CTX_TYPE_DECRYPT; + g_cipher_engine.ctx_cfg.ctxs[CTX_SYNC_ENC].ctx_mode = CTX_MODE_SYNC; + g_cipher_engine.ctx_cfg.ctxs[CTX_SYNC_DEC].ctx_mode = CTX_MODE_SYNC; + g_cipher_engine.ctx_cfg.ctxs[CTX_ASYNC_ENC].ctx_mode = CTX_MODE_ASYNC; + g_cipher_engine.ctx_cfg.ctxs[CTX_ASYNC_DEC].ctx_mode = CTX_MODE_ASYNC; + + g_cipher_engine.sched.name = "sched_single"; + g_cipher_engine.sched.pick_next_ctx = sched_single_pick_next_ctx; + g_cipher_engine.sched.poll_policy = sched_single_poll_policy; + g_cipher_engine.sched.sched_init = sched_single_init; + + ret = wd_cipher_init(&g_cipher_engine.ctx_cfg, &g_cipher_engine.sched); if (ret) goto err_freectx;

@@ -606,9 +606,9 @@ static int uadk_e_wd_cipher_init(struct uacce_dev *dev)

err_freectx: for (j = 0; j < i; j++) - wd_release_ctx(engine.ctx_cfg.ctxs[j].ctx); + wd_release_ctx(g_cipher_engine.ctx_cfg.ctxs[j].ctx);

- free(engine.ctx_cfg.ctxs); + free(g_cipher_engine.ctx_cfg.ctxs);

return ret; } @@ -618,16 +618,16 @@ static int uadk_e_init_cipher(void) struct uacce_dev *dev; int ret;

- if (engine.pid != getpid()) { - pthread_spin_lock(&engine.lock); - if (engine.pid == getpid()) { - pthread_spin_unlock(&engine.lock); + if (g_cipher_engine.pid != getpid()) { + pthread_spin_lock(&g_cipher_engine.lock); + if (g_cipher_engine.pid == getpid()) { + pthread_spin_unlock(&g_cipher_engine.lock); return 1; }

dev = wd_get_accel_dev("cipher"); if (!dev) { - pthread_spin_unlock(&engine.lock); + pthread_spin_unlock(&g_cipher_engine.lock); fprintf(stderr, "failed to get device for cipher.\n"); return 0; } @@ -636,15 +636,15 @@ static int uadk_e_init_cipher(void) if (ret) goto err_unlock;

- engine.pid = getpid(); - pthread_spin_unlock(&engine.lock); + g_cipher_engine.pid = getpid(); + pthread_spin_unlock(&g_cipher_engine.lock); free(dev); }

return 1;

err_unlock: - pthread_spin_unlock(&engine.lock); + pthread_spin_unlock(&g_cipher_engine.lock); free(dev); fprintf(stderr, "failed to init cipher(%d).\n", ret);

@@ -1126,20 +1126,20 @@ void uadk_e_destroy_cipher(void) __u32 i; int ret;

- if (engine.pid == getpid()) { + if (g_cipher_engine.pid == getpid()) { ret = uadk_e_is_env_enabled("cipher"); if (ret == ENV_ENABLED) { wd_cipher_env_uninit(); } else { wd_cipher_uninit(); - for (i = 0; i < engine.ctx_cfg.ctx_num; i++) - wd_release_ctx(engine.ctx_cfg.ctxs[i].ctx); - free(engine.ctx_cfg.ctxs); + for (i = 0; i < g_cipher_engine.ctx_cfg.ctx_num; i++) + wd_release_ctx(g_cipher_engine.ctx_cfg.ctxs[i].ctx); + free(g_cipher_engine.ctx_cfg.ctxs); } - engine.pid = 0; + g_cipher_engine.pid = 0; }

- pthread_spin_destroy(&engine.lock); + pthread_spin_destroy(&g_cipher_engine.lock);

destroy_v2_cipher(); if (platform > HW_V2) @@ -1148,5 +1148,5 @@ void uadk_e_destroy_cipher(void)

void uadk_e_cipher_lock_init(void) { - pthread_spin_init(&engine.lock, PTHREAD_PROCESS_PRIVATE); + pthread_spin_init(&g_cipher_engine.lock, PTHREAD_PROCESS_PRIVATE); } diff --git a/src/uadk_digest.c b/src/uadk_digest.c index 94b2636..984127e 100644 --- a/src/uadk_digest.c +++ b/src/uadk_digest.c @@ -73,7 +73,7 @@ struct digest_engine { pthread_spinlock_t lock; };

-static struct digest_engine engine; +static struct digest_engine g_digest_engine;

struct evp_md_ctx_st { const EVP_MD *digest; @@ -421,36 +421,36 @@ static int uadk_e_wd_digest_init(struct uacce_dev *dev) __u32 i, j; int ret;

- engine.numa_id = dev->numa_id; + g_digest_engine.numa_id = dev->numa_id;

ret = uadk_e_is_env_enabled("digest"); if (ret == ENV_ENABLED) return uadk_e_wd_digest_env_init(dev);

- memset(&engine.ctx_cfg, 0, sizeof(struct wd_ctx_config)); - engine.ctx_cfg.ctx_num = CTX_NUM; - engine.ctx_cfg.ctxs = calloc(CTX_NUM, sizeof(struct wd_ctx)); - if (!engine.ctx_cfg.ctxs) + memset(&g_digest_engine.ctx_cfg, 0, sizeof(struct wd_ctx_config)); + g_digest_engine.ctx_cfg.ctx_num = CTX_NUM; + g_digest_engine.ctx_cfg.ctxs = calloc(CTX_NUM, sizeof(struct wd_ctx)); + if (!g_digest_engine.ctx_cfg.ctxs) return -ENOMEM;

for (i = 0; i < CTX_NUM; i++) { - engine.ctx_cfg.ctxs[i].ctx = wd_request_ctx(dev); - if (!engine.ctx_cfg.ctxs[i].ctx) { + g_digest_engine.ctx_cfg.ctxs[i].ctx = wd_request_ctx(dev); + if (!g_digest_engine.ctx_cfg.ctxs[i].ctx) { ret = -ENOMEM; goto err_freectx; }

- engine.ctx_cfg.ctxs[i].op_type = CTX_TYPE_ENCRYPT; - engine.ctx_cfg.ctxs[i].ctx_mode = + g_digest_engine.ctx_cfg.ctxs[i].op_type = CTX_TYPE_ENCRYPT; + g_digest_engine.ctx_cfg.ctxs[i].ctx_mode = (i == 0) ? CTX_MODE_SYNC : CTX_MODE_ASYNC; }

- engine.sched.name = "sched_single"; - engine.sched.pick_next_ctx = sched_single_pick_next_ctx; - engine.sched.poll_policy = sched_single_poll_policy; - engine.sched.sched_init = sched_single_init; + g_digest_engine.sched.name = "sched_single"; + g_digest_engine.sched.pick_next_ctx = sched_single_pick_next_ctx; + g_digest_engine.sched.poll_policy = sched_single_poll_policy; + g_digest_engine.sched.sched_init = sched_single_init;

- ret = wd_digest_init(&engine.ctx_cfg, &engine.sched); + ret = wd_digest_init(&g_digest_engine.ctx_cfg, &g_digest_engine.sched); if (ret) goto err_freectx;

@@ -460,9 +460,9 @@ static int uadk_e_wd_digest_init(struct uacce_dev *dev)

err_freectx: for (j = 0; j < i; j++) - wd_release_ctx(engine.ctx_cfg.ctxs[j].ctx); + wd_release_ctx(g_digest_engine.ctx_cfg.ctxs[j].ctx);

- free(engine.ctx_cfg.ctxs); + free(g_digest_engine.ctx_cfg.ctxs);

return ret; } @@ -472,16 +472,16 @@ static int uadk_e_init_digest(void) struct uacce_dev *dev; int ret;

- if (engine.pid != getpid()) { - pthread_spin_lock(&engine.lock); - if (engine.pid == getpid()) { - pthread_spin_unlock(&engine.lock); + if (g_digest_engine.pid != getpid()) { + pthread_spin_lock(&g_digest_engine.lock); + if (g_digest_engine.pid == getpid()) { + pthread_spin_unlock(&g_digest_engine.lock); return 1; }

dev = wd_get_accel_dev("digest"); if (!dev) { - pthread_spin_unlock(&engine.lock); + pthread_spin_unlock(&g_digest_engine.lock); fprintf(stderr, "failed to get device for digest.\n"); return 0; } @@ -490,15 +490,15 @@ static int uadk_e_init_digest(void) if (ret) goto err_unlock;

- engine.pid = getpid(); - pthread_spin_unlock(&engine.lock); + g_digest_engine.pid = getpid(); + pthread_spin_unlock(&g_digest_engine.lock); free(dev); }

return 1;

err_unlock: - pthread_spin_unlock(&engine.lock); + pthread_spin_unlock(&g_digest_engine.lock); free(dev); fprintf(stderr, "failed to init digest(%d).\n", ret);

@@ -860,7 +860,7 @@ do { \

void uadk_e_digest_lock_init(void) { - pthread_spin_init(&engine.lock, PTHREAD_PROCESS_PRIVATE); + pthread_spin_init(&g_digest_engine.lock, PTHREAD_PROCESS_PRIVATE); }

int uadk_e_bind_digest(ENGINE *e) @@ -916,20 +916,20 @@ void uadk_e_destroy_digest(void) __u32 i; int ret;

- if (engine.pid == getpid()) { + if (g_digest_engine.pid == getpid()) { ret = uadk_e_is_env_enabled("digest"); if (ret == ENV_ENABLED) { wd_digest_env_uninit(); } else { wd_digest_uninit(); - for (i = 0; i < engine.ctx_cfg.ctx_num; i++) - wd_release_ctx(engine.ctx_cfg.ctxs[i].ctx); - free(engine.ctx_cfg.ctxs); + for (i = 0; i < g_digest_engine.ctx_cfg.ctx_num; i++) + wd_release_ctx(g_digest_engine.ctx_cfg.ctxs[i].ctx); + free(g_digest_engine.ctx_cfg.ctxs); } - engine.pid = 0; + g_digest_engine.pid = 0; }

- pthread_spin_destroy(&engine.lock); + pthread_spin_destroy(&g_digest_engine.lock);

EVP_MD_meth_free(uadk_md5); uadk_md5 = 0;

-- 2.33.0

Zhiqi Song

7:31 p.m.

New subject: [PATCH 03/15] digest: fixup free source method

Fix the issue of inconsistent interfaces used for resource application and release in init and cleanp process.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_digest.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/uadk_digest.c b/src/uadk_digest.c index 984127e..590a888 100644 --- a/src/uadk_digest.c +++ b/src/uadk_digest.c @@ -816,7 +816,7 @@ static int uadk_e_digest_cleanup(EVP_MD_CTX *ctx) }

if (priv && priv->data) - OPENSSL_free(priv->data); + free(priv->data);

return 1; }

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 04/15] ecc: fixup free source method inconsistent

EC_POINT_point2buf() use OPENSSL_malloc() to allocate memory for 'point_bin', we should use OPENSSL_free() to release it, rather than free().

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_pkey.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/uadk_pkey.c b/src/uadk_pkey.c index b24c196..35a2696 100644 --- a/src/uadk_pkey.c +++ b/src/uadk_pkey.c @@ -375,7 +375,7 @@ int uadk_ecc_set_public_key(handle_t sess, const EC_KEY *eckey) ret = UADK_DO_SOFT; }

- free(point_bin); + OPENSSL_free(point_bin);

return ret; }

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 05/15] cipher: fixup error handling in ctx init

When wd_cipher_alloc_sess() failed, it should return in error handling branch. Fixed this problem and make related operation clearer.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_cipher.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c index 72b5c19..daa456c 100644 --- a/src/uadk_cipher.c +++ b/src/uadk_cipher.c @@ -717,7 +717,7 @@ static int uadk_e_cipher_cleanup(EVP_CIPHER_CTX *ctx) return 1; }

-static void async_cb(struct wd_cipher_req *req, void *data) +static void uadk_e_cipher_cb(struct wd_cipher_req *req, void *data) { struct uadk_e_cb_info *cb_param; struct async_op *op; @@ -792,10 +792,16 @@ static int do_cipher_sync(struct cipher_priv_ctx *priv) { int ret;

- if (unlikely(priv->switch_flag == UADK_DO_SOFT)) + if (unlikely(priv->switch_flag == UADK_DO_SOFT)) { + fprintf(stderr, "switch to soft cipher.\n"); return 0; + }

- if (priv->switch_threshold >= priv->req.in_bytes) + /* + * If the length of the input data does not reach to hardware computing threshold, + * directly switch to soft cipher. + */ + if (priv->req.in_bytes <= priv->switch_threshold) return 0;

ret = wd_do_cipher_sync(priv->sess, &priv->req); @@ -810,14 +816,15 @@ static int do_cipher_async(struct cipher_priv_ctx *priv, struct async_op *op) int idx, ret;

if (unlikely(priv->switch_flag == UADK_DO_SOFT)) { - fprintf(stderr, "async cipher init failed.\n"); + fprintf(stderr, "switch to soft cipher.\n"); return 0; }

cb_param.op = op; cb_param.priv = priv; - priv->req.cb = (void *)async_cb; + priv->req.cb = (void *)uadk_e_cipher_cb; priv->req.cb_param = &cb_param; + ret = async_get_free_task(&idx); if (!ret) return 0; @@ -871,14 +878,17 @@ static void uadk_e_ctx_init(EVP_CIPHER_CTX *ctx, struct cipher_priv_ctx *priv) priv->setup.sched_param = &params; if (!priv->sess) { priv->sess = wd_cipher_alloc_sess(&priv->setup); - if (!priv->sess) + if (!priv->sess) { fprintf(stderr, "uadk failed to alloc session!\n"); + return; + } }

ret = wd_cipher_set_key(priv->sess, priv->key, EVP_CIPHER_CTX_key_length(ctx)); if (ret) { wd_cipher_free_sess(priv->sess); fprintf(stderr, "uadk failed to set key!\n"); + return; } }

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 06/15] uadk_engine: modify setting async poll state process

To avoid accessing async task conflict in obtaining and releasing async task process, disable async poll state before free the async task.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_async.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/uadk_async.c b/src/uadk_async.c index 86aa9e5..dfac1cb 100644 --- a/src/uadk_async.c +++ b/src/uadk_async.c @@ -117,6 +117,9 @@ static void async_poll_task_free(void) int error; struct async_poll_task *task;

+ /* Disable async poll state first */ + uadk_e_set_async_poll_state(DISABLE_ASYNC_POLLING); + error = pthread_mutex_lock(&poll_queue.async_task_mutex); if (error != 0) return; @@ -127,8 +130,6 @@ static void async_poll_task_free(void)

poll_queue.head = NULL;

- uadk_e_set_async_poll_state(DISABLE_ASYNC_POLLING); - pthread_mutex_unlock(&poll_queue.async_task_mutex); sem_destroy(&poll_queue.empty_sem); sem_destroy(&poll_queue.full_sem);

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 07/15] dh: fixup release source of private key

The private key that allocated in dh_prepare_data() should be released in error handling branch. Fixed this problem and cleanup the related functions.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_dh.c | 82 ++++++++++++++++++++++++--------------------------- 1 file changed, 39 insertions(+), 43 deletions(-)

diff --git a/src/uadk_dh.c b/src/uadk_dh.c index c5ef813..fc91609 100644 --- a/src/uadk_dh.c +++ b/src/uadk_dh.c @@ -51,6 +51,7 @@ #define UADK_E_POLL_FAIL (-1) #define UADK_E_INIT_SUCCESS 0 #define ENV_ENABLED 1 +#define KEY_GEN_BY_ENGINE 1

static DH_METHOD *uadk_dh_method;

@@ -68,6 +69,8 @@ struct uadk_dh_sess { struct wd_dh_req req; DH *alg; __u16 key_size; + /* key_flag: 0 - key is defined by user, 1 - key is generated by engine */ + int key_flag; };

struct dh_res { @@ -162,30 +165,24 @@ static int dh_generate_new_priv_key(const DH *dh, BIGNUM *new_priv_key) return UADK_E_SUCCESS; }

-static int dh_try_get_priv_key(const DH *dh, BIGNUM **priv_key) +static int dh_try_get_priv_key(struct uadk_dh_sess *dh_sess, const DH *dh, BIGNUM **priv_key) { - int generate_new_key = 0; - BIGNUM *new_priv_key; - *priv_key = (BIGNUM *)DH_get0_priv_key(dh); if (!(*priv_key)) { - new_priv_key = BN_secure_new(); - if (!new_priv_key) - goto err; - generate_new_key = 1; - } + *priv_key = BN_secure_new(); + if (!(*priv_key)) + return UADK_E_FAIL;

- if (generate_new_key) { - if (!dh_generate_new_priv_key(dh, new_priv_key)) + if (!dh_generate_new_priv_key(dh, *priv_key)) goto err; - else - *priv_key = new_priv_key; + + dh_sess->key_flag = KEY_GEN_BY_ENGINE; }

return UADK_E_SUCCESS;

err: - BN_free(new_priv_key); + BN_free(*priv_key); return UADK_E_FAIL; }

@@ -526,13 +523,19 @@ static int check_dh_bit_useful(const __u16 bits) return UADK_E_FAIL; }

-static int dh_prepare_data(const __u16 bits, const BIGNUM *g, DH *dh, +static int dh_prepare_data(const BIGNUM *g, DH *dh, struct uadk_dh_sess **dh_sess, BIGNUM **priv_key) { bool is_g2 = BN_is_word(g, DH_GENERATOR_2); + __u16 bits; int ret;

+ /* + * The max module bits of DH is + * OPENSSL_DH_MAX_MODULUS_BITS, 10000 bits. + */ + bits = (__u16)DH_bits(dh); ret = check_dh_bit_useful(bits); if (!ret) { fprintf(stderr, "op size is not supported by uadk engine\n"); @@ -545,8 +548,8 @@ static int dh_prepare_data(const __u16 bits, const BIGNUM *g, DH *dh, return UADK_E_FAIL; }

- ret = dh_try_get_priv_key(dh, priv_key); - if (!ret || !(*priv_key)) { + ret = dh_try_get_priv_key(*dh_sess, dh, priv_key); + if (!ret) { dh_free_eng_session(*dh_sess); return UADK_E_FAIL; } @@ -764,7 +767,6 @@ static int uadk_e_dh_generate_key(DH *dh) const BIGNUM *p = NULL; const BIGNUM *g = NULL; const BIGNUM *q = NULL; - __u16 bits; int ret;

if (!dh) @@ -778,14 +780,8 @@ static int uadk_e_dh_generate_key(DH *dh) if (!p || !g || q) goto exe_soft;

- /* - * The max module bits of DH is - * OPENSSL_DH_MAX_MODULUS_BITS, 10000 bits. - */ - bits = (__u16)DH_bits(dh); - /* Get session and prepare private key */ - ret = dh_prepare_data(bits, g, dh, &dh_sess, &priv_key); + ret = dh_prepare_data(g, dh, &dh_sess, &priv_key); if (!ret) { fprintf(stderr, "prepare dh data failed\n"); goto exe_soft; @@ -794,30 +790,30 @@ static int uadk_e_dh_generate_key(DH *dh) ret = dh_fill_genkey_req(g, p, priv_key, dh_sess); if (!ret) { fprintf(stderr, "failed to fill req\n"); - ret = UADK_DO_SOFT; - goto free_sess; + goto free_data; }

ret = dh_do_crypto(dh_sess); if (!ret) { fprintf(stderr, "failed to generate DH key\n"); - ret = UADK_DO_SOFT; - goto free_sess; + goto free_data; }

ret = dh_get_pubkey(dh_sess, &pub_key); if (!ret) { fprintf(stderr, "failed to get public key\n"); - ret = UADK_DO_SOFT; - goto free_sess; + goto free_data; }

ret = dh_soft_set_pkey(dh, pub_key, priv_key); + dh_free_eng_session(dh_sess);

-free_sess: + return ret; + +free_data: + if (dh_sess->key_flag == KEY_GEN_BY_ENGINE) + BN_free(priv_key); dh_free_eng_session(dh_sess); - if (ret != UADK_DO_SOFT) - return ret; exe_soft: fprintf(stderr, "switch to execute openssl software calculation.\n"); return uadk_e_dh_soft_generate_key(dh); @@ -827,7 +823,6 @@ static int uadk_e_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { struct uadk_dh_sess *dh_sess = NULL; - __u16 bits = (__u16)DH_bits(dh); BIGNUM *priv_key = NULL; const BIGNUM *p = NULL; const BIGNUM *g = NULL; @@ -845,7 +840,7 @@ static int uadk_e_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, if (!p || !g) goto exe_soft;

- ret = dh_prepare_data(bits, g, dh, &dh_sess, &priv_key); + ret = dh_prepare_data(g, dh, &dh_sess, &priv_key); if (!ret) { fprintf(stderr, "failed to prepare dh data\n"); goto exe_soft; @@ -854,24 +849,25 @@ static int uadk_e_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, ret = dh_fill_compkey_req(g, p, priv_key, pub_key, dh_sess); if (!ret) { fprintf(stderr, "failed to fill req\n"); - ret = UADK_DO_SOFT; - goto free_sess; + goto free_data; }

ret = dh_do_crypto(dh_sess); if (!ret) { fprintf(stderr, "failed to generate DH shared key\n"); - ret = UADK_DO_SOFT; - goto free_sess; + goto free_data; }

memcpy(key, dh_sess->req.pri, dh_sess->req.pri_bytes); ret = dh_sess->req.pri_bytes; + dh_free_eng_session(dh_sess);

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 08/15] ecc: Add pkey method null pointer judgment

Add pkey method null pointer judgement for function get_openssl_pkey_meth(), avoid accessing null pointer in abnormal cases.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_ec.c | 5 +++++ src/uadk_ecx.c | 8 ++++++++ src/uadk_sm2.c | 25 +++++++++++++++++++++++++ 3 files changed, 38 insertions(+)

diff --git a/src/uadk_ec.c b/src/uadk_ec.c index d7ad815..781e7f1 100644 --- a/src/uadk_ec.c +++ b/src/uadk_ec.c @@ -1418,6 +1418,11 @@ int uadk_ec_create_pmeth(struct uadk_pkey_meth *pkey_meth) }

openssl_meth = get_openssl_pkey_meth(EVP_PKEY_EC); + if (!openssl_meth) { + fprintf(stderr, "failed to get ec pkey methods\n"); + return 0; + } + EVP_PKEY_meth_copy(meth, openssl_meth);

pkey_meth->ec = meth; diff --git a/src/uadk_ecx.c b/src/uadk_ecx.c index e45fa5e..aebd808 100644 --- a/src/uadk_ecx.c +++ b/src/uadk_ecx.c @@ -811,6 +811,10 @@ int uadk_x25519_create_pmeth(struct uadk_pkey_meth *pkey_meth) }

openssl_meth = get_openssl_pkey_meth(EVP_PKEY_X25519); + if (!openssl_meth) { + fprintf(stderr, "failed to get x25519 pkey methods\n"); + return UADK_E_FAIL; + }

EVP_PKEY_meth_copy(meth, openssl_meth);

@@ -852,6 +856,10 @@ int uadk_x448_create_pmeth(struct uadk_pkey_meth *pkey_meth) }

openssl_meth = get_openssl_pkey_meth(EVP_PKEY_X448); + if (!openssl_meth) { + fprintf(stderr, "failed to get x448 pkey methods\n"); + return UADK_E_FAIL; + }

EVP_PKEY_meth_copy(meth, openssl_meth);

diff --git a/src/uadk_sm2.c b/src/uadk_sm2.c index 63d4fdf..1f678ed 100644 --- a/src/uadk_sm2.c +++ b/src/uadk_sm2.c @@ -279,6 +279,11 @@ static int openssl_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, PFUNC_SIGN sign_pfunc = NULL;

openssl_meth = get_openssl_pkey_meth(EVP_PKEY_SM2); + if (!openssl_meth) { + fprintf(stderr, "failed to get sm2 pkey methods\n"); + return -1; + } + EVP_PKEY_meth_get_sign(openssl_meth, NULL, &sign_pfunc); if (!sign_pfunc) { fprintf(stderr, "sign_pfunc is NULL\n"); @@ -296,6 +301,11 @@ static int openssl_verify(EVP_PKEY_CTX *ctx, PFUNC_VERIFY verify_pfunc = NULL;

openssl_meth = get_openssl_pkey_meth(EVP_PKEY_SM2); + if (!openssl_meth) { + fprintf(stderr, "failed to get sm2 pkey methods\n"); + return -1; + } + EVP_PKEY_meth_get_verify(openssl_meth, NULL, &verify_pfunc); if (!verify_pfunc) { fprintf(stderr, "verify_pfunc is NULL\n"); @@ -313,6 +323,11 @@ static int openssl_encrypt(EVP_PKEY_CTX *ctx, PFUNC_DEC enc_pfunc = NULL;

openssl_meth = get_openssl_pkey_meth(EVP_PKEY_SM2); + if (!openssl_meth) { + fprintf(stderr, "failed to get sm2 pkey methods\n"); + return -1; + } + EVP_PKEY_meth_get_encrypt(openssl_meth, NULL, &enc_pfunc); if (!enc_pfunc) { fprintf(stderr, "enc_pfunc is NULL\n"); @@ -330,6 +345,11 @@ static int openssl_decrypt(EVP_PKEY_CTX *ctx, PFUNC_ENC dec_pfunc = NULL;

openssl_meth = get_openssl_pkey_meth(EVP_PKEY_SM2); + if (!openssl_meth) { + fprintf(stderr, "failed to get sm2 pkey methods\n"); + return -1; + } + EVP_PKEY_meth_get_decrypt(openssl_meth, NULL, &dec_pfunc); if (!dec_pfunc) { fprintf(stderr, "dec_pfunc is NULL\n"); @@ -1614,6 +1634,11 @@ int uadk_sm2_create_pmeth(struct uadk_pkey_meth *pkey_meth) }

openssl_meth = get_openssl_pkey_meth(EVP_PKEY_SM2); + if (!openssl_meth) { + fprintf(stderr, "failed to get sm2 pkey methods\n"); + return -1; + } + EVP_PKEY_meth_copy(meth, openssl_meth);

if (!uadk_e_ecc_get_support_state(SM2_SUPPORT)) {

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 09/15] rsa: release source when new kg out failed

Release req.src when wd_rsa_new_kg_out() failed.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_rsa.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/uadk_rsa.c b/src/uadk_rsa.c index 23deb3c..8669455 100644 --- a/src/uadk_rsa.c +++ b/src/uadk_rsa.c @@ -1188,8 +1188,10 @@ static int rsa_fill_keygen_data(struct uadk_rsa_sess *rsa_sess, return UADK_E_FAIL;

rsa_sess->req.dst = wd_rsa_new_kg_out(rsa_sess->sess); - if (!rsa_sess->req.dst) + if (!rsa_sess->req.dst) { + wd_rsa_del_kg_in(rsa_sess->sess, rsa_sess->req.src); return UADK_E_FAIL; + }

return UADK_E_SUCCESS; }

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 10/15] rsa: bugfix repeated source release

Set 'g_rsa_res.ctx_res' to NULL when init failed. This can avoid repeated source release in uninit in abnormal cases.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_rsa.c | 4 ++++ 1 file changed, 4 insertions(+)

diff --git a/src/uadk_rsa.c b/src/uadk_rsa.c index 8669455..bc51e7d 100644 --- a/src/uadk_rsa.c +++ b/src/uadk_rsa.c @@ -818,6 +818,7 @@ static int uadk_e_rsa_init(void) return UADK_E_INIT_SUCCESS;

err_unlock: + g_rsa_res.ctx_res = NULL; pthread_spin_unlock(&g_rsa_res.lock); free(dev); (void)fprintf(stderr, "failed to init rsa(%d)\n", ret); @@ -831,6 +832,9 @@ static void uadk_e_rsa_uninit(void) __u32 i; int ret;

+ if (!ctx_cfg) + return; + if (g_rsa_res.pid == getpid()) { ret = uadk_e_is_env_enabled("rsa"); if (ret == ENV_ENABLED) {

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 11/15] sm2: fixup unreleased source in data conversion

Release the memory that allocated for data conversion between ber format and bin format in abnormal branch. Otherwise, resource leakage will happen in abnormal cases. And cleanup some code related to this issue, make the related code logic clearer.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_sm2.c | 155 ++++++++++++++++++++++++++----------------------- 1 file changed, 81 insertions(+), 74 deletions(-)

diff --git a/src/uadk_sm2.c b/src/uadk_sm2.c index 1f678ed..ba90f68 100644 --- a/src/uadk_sm2.c +++ b/src/uadk_sm2.c @@ -478,7 +478,7 @@ free_sig: return ret; }

-static int cipher_bin_to_ber(const EVP_MD *md, struct wd_ecc_point *c1, +static int cipher_bin_to_ber(struct wd_ecc_point *c1, struct wd_dtb *c2, struct wd_dtb *c3, unsigned char *ber, size_t *ber_len) { @@ -507,29 +507,33 @@ static int cipher_bin_to_ber(const EVP_MD *md, struct wd_ecc_point *c1, goto free_y1; }

+ ret = ASN1_OCTET_STRING_set(ctext_struct.C3, (void *)c3->data, c3->dsize); + if (!ret) + goto free_c3; + ctext_struct.C2 = ASN1_OCTET_STRING_new(); if (!ctext_struct.C2) { ret = -ENOMEM; - goto free_y1; + goto free_c3; }

- if (!ASN1_OCTET_STRING_set(ctext_struct.C3, (void *)c3->data, c3->dsize) - || !ASN1_OCTET_STRING_set(ctext_struct.C2, - (void *)c2->data, c2->dsize)) { - fprintf(stderr, "failed to ASN1_OCTET_STRING_set\n"); - ret = -EINVAL; - goto free_y1; - } + ret = ASN1_OCTET_STRING_set(ctext_struct.C2, (void *)c2->data, c2->dsize); + if (!ret) + goto free_c2;

- ciphertext_leni = i2d_SM2_Ciphertext(&ctext_struct, - (unsigned char **)&ber); + ciphertext_leni = i2d_SM2_Ciphertext(&ctext_struct, &ber); /* Ensure cast to size_t is safe */ if (ciphertext_leni < 0) { ret = -EINVAL; - goto free_y1; + goto free_c2; } *ber_len = (size_t)ciphertext_leni; ret = 0; + +free_c2: + ASN1_OCTET_STRING_free(ctext_struct.C2); +free_c3: + ASN1_OCTET_STRING_free(ctext_struct.C3); free_y1: BN_free(y1); free_x1: @@ -538,29 +542,18 @@ free_x1: return ret; }

-static int cipher_ber_to_bin(unsigned char *ber, size_t ber_len, - struct wd_ecc_point *c1, - struct wd_dtb *c2, - struct wd_dtb *c3) +static int cipher_ber_to_bin(const EVP_MD *md, struct sm2_ciphertext *ctext_struct, + struct wd_ecc_point *c1, struct wd_dtb *c2, struct wd_dtb *c3) { - struct sm2_ciphertext *ctext_struct; - int ret, len, len1; - - ctext_struct = d2i_SM2_Ciphertext(NULL, (const unsigned char **)&ber, - ber_len); - if (!ctext_struct) { - fprintf(stderr, "failed to d2i_SM2_Ciphertext\n"); - return -ENOMEM; - } + int len, len1, md_size;

len = BN_num_bytes(ctext_struct->C1x); len1 = BN_num_bytes(ctext_struct->C1y); c1->x.data = malloc(len + len1 + ctext_struct->C2->length + ctext_struct->C3->length); - if (!c1->x.data) { - ret = -ENOMEM; - goto free_ctext; - } + if (!c1->x.data) + return -ENOMEM; + c1->y.data = c1->x.data + len; c3->data = c1->y.data + len1; c2->data = c3->data + ctext_struct->C3->length; @@ -568,13 +561,17 @@ static int cipher_ber_to_bin(unsigned char *ber, size_t ber_len, memcpy(c3->data, ctext_struct->C3->data, ctext_struct->C3->length); c2->dsize = ctext_struct->C2->length; c3->dsize = ctext_struct->C3->length; + md_size = EVP_MD_size(md); + if (c3->dsize != md_size) { + fprintf(stderr, "invalid: c3 dsize(%u) != hash_size(%d)\n", c3->dsize, md_size); + free(c1->x.data); + return -EINVAL; + } + c1->x.dsize = BN_bn2bin(ctext_struct->C1x, (void *)c1->x.data); c1->y.dsize = BN_bn2bin(ctext_struct->C1y, (void *)c1->y.data);

return 0; -free_ctext: - SM2_Ciphertext_free(ctext_struct); - return ret; }

static size_t ec_field_size(const EC_GROUP *group) @@ -681,21 +678,27 @@ static int sm2_sign_check(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, return UADK_DO_SOFT; }

+ if (smctx->init_status != CTX_INIT_SUCC) { + fprintf(stderr, "sm2 ctx init failed\n"); + return UADK_DO_SOFT; + } + if (sig_sz <= 0) { fprintf(stderr, "sig_sz error\n"); return -EINVAL; }

- if (sig == NULL) { - *siglen = (size_t)sig_sz; - return 1; - } - if (*siglen < (size_t)sig_sz) { fprintf(stderr, "siglen(%lu) < sig_sz(%lu)\n", *siglen, (size_t)sig_sz); return -EINVAL; }

+ if (!sig) { + fprintf(stderr, "invalid: sig is NULL\n"); + *siglen = (size_t)sig_sz; + return -EINVAL; + } + if (tbslen > SM2_KEY_BYTES) return UADK_DO_SOFT;

@@ -709,21 +712,15 @@ static int sm2_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { struct sm2_ctx *smctx = EVP_PKEY_CTX_get_data(ctx); + struct wd_ecc_req req = {0}; struct wd_dtb *r = NULL; struct wd_dtb *s = NULL; - struct wd_ecc_req req; int ret;

ret = sm2_sign_check(ctx, sig, siglen, tbs, tbslen); if (ret) goto do_soft;

- if (smctx->init_status != CTX_INIT_SUCC) { - ret = UADK_DO_SOFT; - goto do_soft; - } - - memset(&req, 0, sizeof(req)); ret = sm2_sign_init_iot(smctx->sess, &req, (void *)tbs, tbslen); if (ret) goto do_soft; @@ -798,6 +795,11 @@ static int sm2_verify_check(EVP_PKEY_CTX *ctx, return UADK_DO_SOFT; }

+ if (smctx->init_status != CTX_INIT_SUCC) { + fprintf(stderr, "sm2 ctx init failed\n"); + return UADK_DO_SOFT; + } + if (tbslen > SM2_KEY_BYTES) return UADK_DO_SOFT;

@@ -816,21 +818,16 @@ static int sm2_verify(EVP_PKEY_CTX *ctx, unsigned char buf_s[UADK_ECC_MAX_KEY_BYTES] = {0}; EVP_PKEY *p_key = EVP_PKEY_CTX_get0_pkey(ctx); EC_KEY *ec = EVP_PKEY_get0(p_key); + struct wd_ecc_req req = {0}; struct wd_dtb e = {0}; struct wd_dtb r = {0}; struct wd_dtb s = {0}; - struct wd_ecc_req req; int ret;

ret = sm2_verify_check(ctx, sig, siglen, tbs, tbslen); if (ret) goto do_soft;

- if (smctx->init_status != CTX_INIT_SUCC) { - ret = UADK_DO_SOFT; - goto do_soft; - } - r.data = (void *)buf_r; s.data = (void *)buf_s; r.bsize = UADK_ECC_MAX_KEY_BYTES; @@ -841,7 +838,6 @@ static int sm2_verify(EVP_PKEY_CTX *ctx,

e.data = (void *)tbs; e.dsize = tbslen; - memset(&req, 0, sizeof(req)); ret = sm2_verify_init_iot(smctx->sess, &req, &e, &r, &s); if (ret) goto do_soft; @@ -910,6 +906,11 @@ static int sm2_encrypt_check(EVP_PKEY_CTX *ctx, return UADK_DO_SOFT; }

+ if (smctx->init_status != CTX_INIT_SUCC) { + fprintf(stderr, "sm2 ctx init failed\n"); + return UADK_DO_SOFT; + } + md = (smctx->ctx.md == NULL) ? EVP_sm3() : smctx->ctx.md; c3_size = EVP_MD_size(md); if (c3_size <= 0) { @@ -941,22 +942,16 @@ static int sm2_encrypt(EVP_PKEY_CTX *ctx, { struct sm2_ctx *smctx = EVP_PKEY_CTX_get_data(ctx); struct wd_ecc_point *c1 = NULL; + struct wd_ecc_req req = {0}; struct wd_dtb *c2 = NULL; struct wd_dtb *c3 = NULL; - struct wd_ecc_req req; const EVP_MD *md; - int ret; + int md_size, ret;

ret = sm2_encrypt_check(ctx, out, outlen, in, inlen); if (ret) goto do_soft;

- if (smctx->init_status != CTX_INIT_SUCC) { - ret = UADK_DO_SOFT; - goto do_soft; - } - - memset(&req, 0, sizeof(req)); ret = sm2_encrypt_init_iot(smctx->sess, &req, (void *)in, inlen); if (ret) goto do_soft; @@ -974,18 +969,25 @@ static int sm2_encrypt(EVP_PKEY_CTX *ctx, goto uninit_iot; }

- md = (smctx->ctx.md == NULL) ? EVP_sm3() : smctx->ctx.md; wd_sm2_get_enc_out_params(req.dst, &c1, &c2, &c3); if (!c1 || !c2 || !c3) { ret = UADK_DO_SOFT; goto uninit_iot; }

- ret = cipher_bin_to_ber(md, c1, c2, c3, out, outlen); + ret = cipher_bin_to_ber(c1, c2, c3, out, outlen); if (ret) goto uninit_iot;

+ md = (smctx->ctx.md == NULL) ? EVP_sm3() : smctx->ctx.md; + md_size = EVP_MD_size(md); + if (c3->dsize != md_size) { + fprintf(stderr, "invalid: c3 dsize(%u) != hash_size(%d)\n", c3->dsize, md_size); + goto uninit_iot; + } + ret = 1; + uninit_iot: wd_ecc_del_in(smctx->sess, req.src); wd_ecc_del_out(smctx->sess, req.dst); @@ -1015,6 +1017,11 @@ static int sm2_decrypt_check(EVP_PKEY_CTX *ctx, return UADK_DO_SOFT; }

+ if (smctx->init_status != CTX_INIT_SUCC) { + fprintf(stderr, "sm2 ctx init failed\n"); + return UADK_DO_SOFT; + } + md = (smctx->ctx.md == NULL) ? EVP_sm3() : smctx->ctx.md; hash_size = EVP_MD_size(md); if (hash_size <= 0) { @@ -1092,8 +1099,9 @@ static int sm2_decrypt(EVP_PKEY_CTX *ctx, const unsigned char *in, size_t inlen) { struct sm2_ctx *smctx = EVP_PKEY_CTX_get_data(ctx); + struct sm2_ciphertext *ctext_struct; + struct wd_ecc_req req = {0}; struct wd_ecc_point c1; - struct wd_ecc_req req; struct wd_dtb c2, c3; const EVP_MD *md; int ret; @@ -1102,24 +1110,20 @@ static int sm2_decrypt(EVP_PKEY_CTX *ctx, if (ret) goto do_soft;

- if (smctx->init_status != CTX_INIT_SUCC) { - ret = UADK_DO_SOFT; - goto do_soft; - } - md = (smctx->ctx.md == NULL) ? EVP_sm3() : smctx->ctx.md;

- ret = cipher_ber_to_bin((void *)in, inlen, &c1, &c2, &c3); - if (ret) + ctext_struct = d2i_SM2_Ciphertext(NULL, &in, inlen); + if (!ctext_struct) { + ret = UADK_DO_SOFT; goto do_soft; + }

- if (c3.dsize != EVP_MD_size(md)) { - fprintf(stderr, "c3 dsize != hash_size\n"); - ret = -EINVAL; - goto free_c1; + ret = cipher_ber_to_bin(md, ctext_struct, &c1, &c2, &c3); + if (ret) { + ret = UADK_DO_SOFT; + goto free_ctext; }

- memset(&req, 0, sizeof(req)); ret = sm2_decrypt_init_iot(smctx->sess, &req, &c1, &c2, &c3); if (ret) goto free_c1; @@ -1142,10 +1146,13 @@ static int sm2_decrypt(EVP_PKEY_CTX *ctx, goto uninit_iot;

ret = 1; + uninit_iot: sm2_decrypt_uninit_iot(smctx->sess, &req); free_c1: free(c1.x.data); +free_ctext: + SM2_Ciphertext_free(ctext_struct); do_soft: if (ret != UADK_DO_SOFT) return ret;

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 12/15] ecc: add openssl method null pointer judgement

Add openssl method null pointer judgement of ecc algs to avoid null pointer access in abnornal cases. And release the pkey method in error handling branch.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_ec.c | 21 +++++++++++++++++++++ src/uadk_ecx.c | 2 ++ src/uadk_sm2.c | 1 + 3 files changed, 24 insertions(+)

diff --git a/src/uadk_ec.c b/src/uadk_ec.c index 781e7f1..5852d04 100644 --- a/src/uadk_ec.c +++ b/src/uadk_ec.c @@ -405,6 +405,11 @@ static ECDSA_SIG *openssl_do_sign(const unsigned char *dgst, int dlen, EC_KEY_METHOD *openssl_meth;

openssl_meth = (EC_KEY_METHOD *)EC_KEY_OpenSSL(); + if (!openssl_meth) { + fprintf(stderr, "failed to get OpenSSL method\n"); + return NULL; + } + EC_KEY_METHOD_get_sign(openssl_meth, NULL, NULL, &sign_sig_pfunc); if (!sign_sig_pfunc) { @@ -647,6 +652,11 @@ static int openssl_do_verify(const unsigned char *dgst, int dlen, EC_KEY_METHOD *openssl_meth;

openssl_meth = (EC_KEY_METHOD *)EC_KEY_OpenSSL(); + if (!openssl_meth) { + fprintf(stderr, "failed to get OpenSSL method\n"); + return -1; + } + EC_KEY_METHOD_get_verify(openssl_meth, NULL, &verify_sig_pfunc); if (!verify_sig_pfunc) { @@ -814,6 +824,11 @@ static int openssl_do_generate(EC_KEY *eckey) EC_KEY_METHOD *openssl_meth;

openssl_meth = (EC_KEY_METHOD *)EC_KEY_OpenSSL(); + if (!openssl_meth) { + fprintf(stderr, "failed to get OpenSSL method\n"); + return -1; + } + EC_KEY_METHOD_get_keygen(openssl_meth, &gen_key_pfunc); if (!gen_key_pfunc) { fprintf(stderr, "gen_key_pfunc is NULL\n"); @@ -1255,6 +1270,11 @@ static int openssl_do_compute(unsigned char **pout, EC_KEY_METHOD *openssl_meth;

openssl_meth = (EC_KEY_METHOD *)EC_KEY_OpenSSL(); + if (!openssl_meth) { + fprintf(stderr, "failed to get OpenSSL method\n"); + return -1; + } + EC_KEY_METHOD_get_compute_key(openssl_meth, &comp_key_pfunc); if (!comp_key_pfunc) { fprintf(stderr, "comp_key_pfunc is NULL\n"); @@ -1420,6 +1440,7 @@ int uadk_ec_create_pmeth(struct uadk_pkey_meth *pkey_meth) openssl_meth = get_openssl_pkey_meth(EVP_PKEY_EC); if (!openssl_meth) { fprintf(stderr, "failed to get ec pkey methods\n"); + EVP_PKEY_meth_free(meth); return 0; }

diff --git a/src/uadk_ecx.c b/src/uadk_ecx.c index aebd808..3eafdfb 100644 --- a/src/uadk_ecx.c +++ b/src/uadk_ecx.c @@ -813,6 +813,7 @@ int uadk_x25519_create_pmeth(struct uadk_pkey_meth *pkey_meth) openssl_meth = get_openssl_pkey_meth(EVP_PKEY_X25519); if (!openssl_meth) { fprintf(stderr, "failed to get x25519 pkey methods\n"); + EVP_PKEY_meth_free(meth); return UADK_E_FAIL; }

@@ -858,6 +859,7 @@ int uadk_x448_create_pmeth(struct uadk_pkey_meth *pkey_meth) openssl_meth = get_openssl_pkey_meth(EVP_PKEY_X448); if (!openssl_meth) { fprintf(stderr, "failed to get x448 pkey methods\n"); + EVP_PKEY_meth_free(meth); return UADK_E_FAIL; }

diff --git a/src/uadk_sm2.c b/src/uadk_sm2.c index ba90f68..f393641 100644 --- a/src/uadk_sm2.c +++ b/src/uadk_sm2.c @@ -1643,6 +1643,7 @@ int uadk_sm2_create_pmeth(struct uadk_pkey_meth *pkey_meth) openssl_meth = get_openssl_pkey_meth(EVP_PKEY_SM2); if (!openssl_meth) { fprintf(stderr, "failed to get sm2 pkey methods\n"); + EVP_PKEY_meth_free(meth); return -1; }

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 13/15] async: add null pointer judgment

Add null pointer judgment for async job to avoid null pointer access in abnormal cases.

Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_async.c | 8 ++++++++ 1 file changed, 8 insertions(+)

diff --git a/src/uadk_async.c b/src/uadk_async.c index dfac1cb..2577fde 100644 --- a/src/uadk_async.c +++ b/src/uadk_async.c @@ -223,6 +223,11 @@ int async_get_free_task(int *id) poll_queue.status[idx] = 1; task_queue = poll_queue.head; task = &task_queue[idx]; + if (!task) { + ret = 0; + goto out; + } + task->op = NULL; ret = 1;

@@ -241,6 +246,9 @@ static int async_add_poll_task(void *ctx, struct async_op *op, enum task_type ty

task_queue = poll_queue.head; task = &task_queue[id]; + if (!task) + return 0; + task->ctx = ctx; task->type = type; task->op = op;

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 14/15] uadk_engine: cleanup call form of callback func

Modify the call form of callback function in async mode, matching the definition in uadk.

diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c index daa456c..7ddb135 100644 --- a/src/uadk_cipher.c +++ b/src/uadk_cipher.c @@ -717,17 +717,17 @@ static int uadk_e_cipher_cleanup(EVP_CIPHER_CTX *ctx) return 1; }

-static void uadk_e_cipher_cb(struct wd_cipher_req *req, void *data) +static void *uadk_e_cipher_cb(struct wd_cipher_req *req, void *data) { struct uadk_e_cb_info *cb_param; struct async_op *op;

if (!req) - return; + return NULL;

cb_param = req->cb_param; if (!cb_param) - return; + return NULL;

op = cb_param->op; if (op && op->job && !op->done) { @@ -735,6 +735,8 @@ static void uadk_e_cipher_cb(struct wd_cipher_req *req, void *data) async_free_poll_task(op->idx, 1); async_wake_job(op->job); } + + return NULL; }

/* Increment counter (128-bit int) by c */ @@ -822,7 +824,7 @@ static int do_cipher_async(struct cipher_priv_ctx *priv, struct async_op *op)

cb_param.op = op; cb_param.priv = priv; - priv->req.cb = (void *)uadk_e_cipher_cb; + priv->req.cb = uadk_e_cipher_cb; priv->req.cb_param = &cb_param;

ret = async_get_free_task(&idx); diff --git a/src/uadk_dh.c b/src/uadk_dh.c index fc91609..acb5b8a 100644 --- a/src/uadk_dh.c +++ b/src/uadk_dh.c @@ -711,7 +711,7 @@ static int dh_do_crypto(struct uadk_dh_sess *dh_sess) } else { cb_param.op = &op; cb_param.priv = &dh_sess->req; - dh_sess->req.cb = (void *)uadk_e_dh_cb; + dh_sess->req.cb = uadk_e_dh_cb; dh_sess->req.cb_param = &cb_param; dh_sess->req.status = -1; ret = async_get_free_task(&idx); diff --git a/src/uadk_digest.c b/src/uadk_digest.c index 590a888..b75c408 100644 --- a/src/uadk_digest.c +++ b/src/uadk_digest.c @@ -674,23 +674,27 @@ soft_update: return digest_soft_update(priv, data, data_len); }

-static void async_cb(struct wd_digest_req *req, void *data) +static void *uadk_e_digest_cb(void *data) { + struct wd_digest_req *req = (struct wd_digest_req *)data; struct uadk_e_cb_info *cb_param; struct async_op *op;

if (!req) - return; + return NULL;

cb_param = req->cb_param; if (!cb_param) - return; + return NULL; + op = cb_param->op; if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); async_wake_job(op->job); } + + return NULL; }

static int do_digest_sync(struct digest_priv_ctx *priv) @@ -721,7 +725,7 @@ static int do_digest_async(struct digest_priv_ctx *priv, struct async_op *op)

cb_param.op = op; cb_param.priv = priv; - priv->req.cb = (void *)async_cb; + priv->req.cb = uadk_e_digest_cb; priv->req.cb_param = &cb_param;

ret = async_get_free_task(&idx); diff --git a/src/uadk_pkey.c b/src/uadk_pkey.c index 35a2696..60e3238 100644 --- a/src/uadk_pkey.c +++ b/src/uadk_pkey.c @@ -76,7 +76,7 @@ static int ecc_poll_policy(handle_t h_sched_ctx, __u32 expect, __u32 *count) return 0; }

-void uadk_ecc_cb(void *req_t) +void uadk_e_ecc_cb(void *req_t) { struct wd_ecc_req *req_new = (struct wd_ecc_req *)req_t; struct uadk_e_cb_info *cb_param; @@ -296,7 +296,7 @@ int uadk_ecc_crypto(handle_t sess, struct wd_ecc_req *req, void *usr) cb_param.op = &op; cb_param.priv = req; req->cb_param = &cb_param; - req->cb = (void *)uadk_ecc_cb; + req->cb = uadk_e_ecc_cb; req->status = -1; ret = async_get_free_task(&idx); if (!ret) diff --git a/src/uadk_pkey.h b/src/uadk_pkey.h index b80e425..3168474 100644 --- a/src/uadk_pkey.h +++ b/src/uadk_pkey.h @@ -58,7 +58,7 @@ struct uadk_pkey_meth { bool uadk_is_all_zero(const unsigned char *data, size_t dlen); bool uadk_support_algorithm(const char *alg); int uadk_ecc_get_rand(char *out, size_t out_len, void *usr); -void uadk_ecc_cb(void *req_t); +void uadk_e_ecc_cb(void *req_t); void uadk_ecc_fill_req(struct wd_ecc_req *req, unsigned int op, void *in, void *out); int uadk_ecc_set_private_key(handle_t sess, const EC_KEY *eckey); diff --git a/src/uadk_rsa.c b/src/uadk_rsa.c index bc51e7d..d0780a7 100644 --- a/src/uadk_rsa.c +++ b/src/uadk_rsa.c @@ -1101,7 +1101,7 @@ static int rsa_do_crypto(struct uadk_rsa_sess *rsa_sess) } cb_param.op = &op; cb_param.priv = &(rsa_sess->req); - rsa_sess->req.cb = (void *)uadk_e_rsa_cb; + rsa_sess->req.cb = uadk_e_rsa_cb; rsa_sess->req.cb_param = &cb_param; rsa_sess->req.status = -1;

-- 2.33.0

Zhiqi Song

7:32 p.m.

New subject: [PATCH 15/15] uadk_engine/v1: clean the empty body in an if statement

From: Hao Fang fanghao11@huawei.com

Fix the warning:[-Wempty-body] suggest braces around empty body in an ‘if’ statement.

Just simplify the code.

Signed-off-by: Hao Fang fanghao11@huawei.com --- src/v1/utils/engine_log.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/v1/utils/engine_log.c b/src/v1/utils/engine_log.c index ef009e5..330defb 100644 --- a/src/v1/utils/engine_log.c +++ b/src/v1/utils/engine_log.c @@ -158,8 +158,7 @@ void ENGINE_LOG_LIMIT(int level, int times, int limit, const char *fmt, ...) fprintf(g_kae_debug_log_file, "\n"); if (ftell(g_kae_debug_log_file) > KAE_LOG_MAX_SIZE) { kae_save_log(g_kae_debug_log_file); - if (ftruncate(g_kae_debug_log_file->_fileno, 0)) - ; + ftruncate(g_kae_debug_log_file->_fileno, 0); fseek(g_kae_debug_log_file, 0, SEEK_SET); } pthread_mutex_unlock(&g_debug_file_mutex);

-- 2.33.0

517

Age (days ago)

517

Last active (days ago)

acc@openeuler.org

15 comments

1 participants

tags (0)

participants (1)

Zhiqi Song