* [android-common:upstream-f2fs-stable-linux-4.19.y 289/1172] fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
@ 2023-06-14 11:59 kernel test robot
0 siblings, 0 replies; 8+ messages in thread
From: kernel test robot @ 2023-06-14 11:59 UTC (permalink / raw)
To: cros-kernel-buildreports; +Cc: oe-kbuild-all
tree: https://android.googlesource.com/kernel/common upstream-f2fs-stable-linux-4.19.y
head: b9aeb147225616494256fcf913c559afd4088a05
commit: 6ad6af5912f72ad8c40baa072c3dabd321695dc1 [289/1172] fscrypt: add an HKDF-SHA512 implementation
config: i386-randconfig-s052-20230614 (https://download.01.org/0day-ci/archive/20230614/202306141910.WL32Ks9Y-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce:
# apt-get install sparse
# sparse version: v0.6.4-39-gce1a6720-dirty
git remote add android-common https://android.googlesource.com/kernel/common
git fetch --no-tags android-common upstream-f2fs-stable-linux-4.19.y
git checkout 6ad6af5912f72ad8c40baa072c3dabd321695dc1
# save the config file
mkdir build_dir && cp config build_dir/.config
make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=i386 olddefconfig
make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=i386 SHELL=/bin/bash drivers/cpuidle/ drivers/of/ fs/crypto/ kernel/dma/
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202306141910.WL32Ks9Y-lkp@intel.com/
sparse warnings: (new ones prefixed by >>)
>> fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
fs/crypto/hkdf.c:120:9: sparse: sparse: Variable length array is used.
In file included from include/linux/gfp.h:6,
from include/linux/slab.h:15,
from include/linux/crypto.h:24,
from include/crypto/hash.h:16,
from fs/crypto/hkdf.c:12:
include/linux/mmzone.h: In function '__nr_to_section':
include/linux/mmzone.h:1156:13: warning: the comparison will always evaluate as 'true' for the address of 'mem_section' will never be NULL [-Waddress]
1156 | if (!mem_section[SECTION_NR_TO_ROOT(nr)])
| ^
include/linux/mmzone.h:1147:27: note: 'mem_section' declared here
1147 | extern struct mem_section mem_section[NR_SECTION_ROOTS][SECTIONS_PER_ROOT];
| ^~~~~~~~~~~
vim +47 fs/crypto/hkdf.c
25
26 /*
27 * HKDF consists of two steps:
28 *
29 * 1. HKDF-Extract: extract a pseudorandom key of length HKDF_HASHLEN bytes from
30 * the input keying material and optional salt.
31 * 2. HKDF-Expand: expand the pseudorandom key into output keying material of
32 * any length, parameterized by an application-specific info string.
33 *
34 * HKDF-Extract can be skipped if the input is already a pseudorandom key of
35 * length HKDF_HASHLEN bytes. However, cipher modes other than AES-256-XTS take
36 * shorter keys, and we don't want to force users of those modes to provide
37 * unnecessarily long master keys. Thus fscrypt still does HKDF-Extract. No
38 * salt is used, since fscrypt master keys should already be pseudorandom and
39 * there's no way to persist a random salt per master key from kernel mode.
40 */
41
42 /* HKDF-Extract (RFC 5869 section 2.2), unsalted */
43 static int hkdf_extract(struct crypto_shash *hmac_tfm, const u8 *ikm,
44 unsigned int ikmlen, u8 prk[HKDF_HASHLEN])
45 {
46 static const u8 default_salt[HKDF_HASHLEN];
> 47 SHASH_DESC_ON_STACK(desc, hmac_tfm);
48 int err;
49
50 err = crypto_shash_setkey(hmac_tfm, default_salt, HKDF_HASHLEN);
51 if (err)
52 return err;
53
54 desc->tfm = hmac_tfm;
55 desc->flags = 0;
56 err = crypto_shash_digest(desc, ikm, ikmlen, prk);
57 shash_desc_zero(desc);
58 return err;
59 }
60
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 8+ messages in thread
* [android-common:upstream-f2fs-stable-linux-4.19.y 289/1172] fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
@ 2023-06-18 1:08 kernel test robot
0 siblings, 0 replies; 8+ messages in thread
From: kernel test robot @ 2023-06-18 1:08 UTC (permalink / raw)
To: cros-kernel-buildreports; +Cc: oe-kbuild-all
tree: https://android.googlesource.com/kernel/common upstream-f2fs-stable-linux-4.19.y
head: b9aeb147225616494256fcf913c559afd4088a05
commit: 6ad6af5912f72ad8c40baa072c3dabd321695dc1 [289/1172] fscrypt: add an HKDF-SHA512 implementation
config: i386-randconfig-s002-20230614 (https://download.01.org/0day-ci/archive/20230618/202306180836.RxjP1fTs-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce: (https://download.01.org/0day-ci/archive/20230618/202306180836.RxjP1fTs-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202306180836.RxjP1fTs-lkp@intel.com/
sparse warnings: (new ones prefixed by >>)
>> fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
fs/crypto/hkdf.c:120:9: sparse: sparse: Variable length array is used.
vim +47 fs/crypto/hkdf.c
25
26 /*
27 * HKDF consists of two steps:
28 *
29 * 1. HKDF-Extract: extract a pseudorandom key of length HKDF_HASHLEN bytes from
30 * the input keying material and optional salt.
31 * 2. HKDF-Expand: expand the pseudorandom key into output keying material of
32 * any length, parameterized by an application-specific info string.
33 *
34 * HKDF-Extract can be skipped if the input is already a pseudorandom key of
35 * length HKDF_HASHLEN bytes. However, cipher modes other than AES-256-XTS take
36 * shorter keys, and we don't want to force users of those modes to provide
37 * unnecessarily long master keys. Thus fscrypt still does HKDF-Extract. No
38 * salt is used, since fscrypt master keys should already be pseudorandom and
39 * there's no way to persist a random salt per master key from kernel mode.
40 */
41
42 /* HKDF-Extract (RFC 5869 section 2.2), unsalted */
43 static int hkdf_extract(struct crypto_shash *hmac_tfm, const u8 *ikm,
44 unsigned int ikmlen, u8 prk[HKDF_HASHLEN])
45 {
46 static const u8 default_salt[HKDF_HASHLEN];
> 47 SHASH_DESC_ON_STACK(desc, hmac_tfm);
48 int err;
49
50 err = crypto_shash_setkey(hmac_tfm, default_salt, HKDF_HASHLEN);
51 if (err)
52 return err;
53
54 desc->tfm = hmac_tfm;
55 desc->flags = 0;
56 err = crypto_shash_digest(desc, ikm, ikmlen, prk);
57 shash_desc_zero(desc);
58 return err;
59 }
60
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 8+ messages in thread
* [android-common:upstream-f2fs-stable-linux-4.19.y 289/1172] fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
@ 2023-09-11 21:14 kernel test robot
0 siblings, 0 replies; 8+ messages in thread
From: kernel test robot @ 2023-09-11 21:14 UTC (permalink / raw)
To: cros-kernel-buildreports; +Cc: oe-kbuild-all
tree: https://android.googlesource.com/kernel/common upstream-f2fs-stable-linux-4.19.y
head: b9aeb147225616494256fcf913c559afd4088a05
commit: 6ad6af5912f72ad8c40baa072c3dabd321695dc1 [289/1172] fscrypt: add an HKDF-SHA512 implementation
config: x86_64-randconfig-121-20230910 (https://download.01.org/0day-ci/archive/20230912/202309120549.h3411DHW-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20230912/202309120549.h3411DHW-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202309120549.h3411DHW-lkp@intel.com/
sparse warnings: (new ones prefixed by >>)
>> fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
fs/crypto/hkdf.c:120:9: sparse: sparse: Variable length array is used.
fs/crypto/hkdf.o: warning: objtool: fscrypt_init_hkdf()+0x97: sibling call from callable instruction with modified stack frame
vim +47 fs/crypto/hkdf.c
25
26 /*
27 * HKDF consists of two steps:
28 *
29 * 1. HKDF-Extract: extract a pseudorandom key of length HKDF_HASHLEN bytes from
30 * the input keying material and optional salt.
31 * 2. HKDF-Expand: expand the pseudorandom key into output keying material of
32 * any length, parameterized by an application-specific info string.
33 *
34 * HKDF-Extract can be skipped if the input is already a pseudorandom key of
35 * length HKDF_HASHLEN bytes. However, cipher modes other than AES-256-XTS take
36 * shorter keys, and we don't want to force users of those modes to provide
37 * unnecessarily long master keys. Thus fscrypt still does HKDF-Extract. No
38 * salt is used, since fscrypt master keys should already be pseudorandom and
39 * there's no way to persist a random salt per master key from kernel mode.
40 */
41
42 /* HKDF-Extract (RFC 5869 section 2.2), unsalted */
43 static int hkdf_extract(struct crypto_shash *hmac_tfm, const u8 *ikm,
44 unsigned int ikmlen, u8 prk[HKDF_HASHLEN])
45 {
46 static const u8 default_salt[HKDF_HASHLEN];
> 47 SHASH_DESC_ON_STACK(desc, hmac_tfm);
48 int err;
49
50 err = crypto_shash_setkey(hmac_tfm, default_salt, HKDF_HASHLEN);
51 if (err)
52 return err;
53
54 desc->tfm = hmac_tfm;
55 desc->flags = 0;
56 err = crypto_shash_digest(desc, ikm, ikmlen, prk);
57 shash_desc_zero(desc);
58 return err;
59 }
60
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 8+ messages in thread
* [android-common:upstream-f2fs-stable-linux-4.19.y 289/1172] fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
@ 2023-09-30 23:15 kernel test robot
0 siblings, 0 replies; 8+ messages in thread
From: kernel test robot @ 2023-09-30 23:15 UTC (permalink / raw)
To: cros-kernel-buildreports; +Cc: oe-kbuild-all
tree: https://android.googlesource.com/kernel/common upstream-f2fs-stable-linux-4.19.y
head: b9aeb147225616494256fcf913c559afd4088a05
commit: 6ad6af5912f72ad8c40baa072c3dabd321695dc1 [289/1172] fscrypt: add an HKDF-SHA512 implementation
config: i386-randconfig-062-20231001 (https://download.01.org/0day-ci/archive/20231001/202310010739.4mStCpOF-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231001/202310010739.4mStCpOF-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202310010739.4mStCpOF-lkp@intel.com/
sparse warnings: (new ones prefixed by >>)
>> fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
fs/crypto/hkdf.c:120:9: sparse: sparse: Variable length array is used.
vim +47 fs/crypto/hkdf.c
25
26 /*
27 * HKDF consists of two steps:
28 *
29 * 1. HKDF-Extract: extract a pseudorandom key of length HKDF_HASHLEN bytes from
30 * the input keying material and optional salt.
31 * 2. HKDF-Expand: expand the pseudorandom key into output keying material of
32 * any length, parameterized by an application-specific info string.
33 *
34 * HKDF-Extract can be skipped if the input is already a pseudorandom key of
35 * length HKDF_HASHLEN bytes. However, cipher modes other than AES-256-XTS take
36 * shorter keys, and we don't want to force users of those modes to provide
37 * unnecessarily long master keys. Thus fscrypt still does HKDF-Extract. No
38 * salt is used, since fscrypt master keys should already be pseudorandom and
39 * there's no way to persist a random salt per master key from kernel mode.
40 */
41
42 /* HKDF-Extract (RFC 5869 section 2.2), unsalted */
43 static int hkdf_extract(struct crypto_shash *hmac_tfm, const u8 *ikm,
44 unsigned int ikmlen, u8 prk[HKDF_HASHLEN])
45 {
46 static const u8 default_salt[HKDF_HASHLEN];
> 47 SHASH_DESC_ON_STACK(desc, hmac_tfm);
48 int err;
49
50 err = crypto_shash_setkey(hmac_tfm, default_salt, HKDF_HASHLEN);
51 if (err)
52 return err;
53
54 desc->tfm = hmac_tfm;
55 desc->flags = 0;
56 err = crypto_shash_digest(desc, ikm, ikmlen, prk);
57 shash_desc_zero(desc);
58 return err;
59 }
60
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 8+ messages in thread
* [android-common:upstream-f2fs-stable-linux-4.19.y 289/1172] fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
@ 2023-10-09 21:53 kernel test robot
0 siblings, 0 replies; 8+ messages in thread
From: kernel test robot @ 2023-10-09 21:53 UTC (permalink / raw)
To: cros-kernel-buildreports; +Cc: oe-kbuild-all
tree: https://android.googlesource.com/kernel/common upstream-f2fs-stable-linux-4.19.y
head: b9aeb147225616494256fcf913c559afd4088a05
commit: 6ad6af5912f72ad8c40baa072c3dabd321695dc1 [289/1172] fscrypt: add an HKDF-SHA512 implementation
config: i386-randconfig-062-20231001 (https://download.01.org/0day-ci/archive/20231010/202310100540.BRYngStb-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231010/202310100540.BRYngStb-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202310100540.BRYngStb-lkp@intel.com/
sparse warnings: (new ones prefixed by >>)
>> fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
fs/crypto/hkdf.c:120:9: sparse: sparse: Variable length array is used.
vim +47 fs/crypto/hkdf.c
25
26 /*
27 * HKDF consists of two steps:
28 *
29 * 1. HKDF-Extract: extract a pseudorandom key of length HKDF_HASHLEN bytes from
30 * the input keying material and optional salt.
31 * 2. HKDF-Expand: expand the pseudorandom key into output keying material of
32 * any length, parameterized by an application-specific info string.
33 *
34 * HKDF-Extract can be skipped if the input is already a pseudorandom key of
35 * length HKDF_HASHLEN bytes. However, cipher modes other than AES-256-XTS take
36 * shorter keys, and we don't want to force users of those modes to provide
37 * unnecessarily long master keys. Thus fscrypt still does HKDF-Extract. No
38 * salt is used, since fscrypt master keys should already be pseudorandom and
39 * there's no way to persist a random salt per master key from kernel mode.
40 */
41
42 /* HKDF-Extract (RFC 5869 section 2.2), unsalted */
43 static int hkdf_extract(struct crypto_shash *hmac_tfm, const u8 *ikm,
44 unsigned int ikmlen, u8 prk[HKDF_HASHLEN])
45 {
46 static const u8 default_salt[HKDF_HASHLEN];
> 47 SHASH_DESC_ON_STACK(desc, hmac_tfm);
48 int err;
49
50 err = crypto_shash_setkey(hmac_tfm, default_salt, HKDF_HASHLEN);
51 if (err)
52 return err;
53
54 desc->tfm = hmac_tfm;
55 desc->flags = 0;
56 err = crypto_shash_digest(desc, ikm, ikmlen, prk);
57 shash_desc_zero(desc);
58 return err;
59 }
60
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 8+ messages in thread
* [android-common:upstream-f2fs-stable-linux-4.19.y 289/1172] fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
@ 2023-10-10 12:20 kernel test robot
0 siblings, 0 replies; 8+ messages in thread
From: kernel test robot @ 2023-10-10 12:20 UTC (permalink / raw)
To: cros-kernel-buildreports; +Cc: oe-kbuild-all
tree: https://android.googlesource.com/kernel/common upstream-f2fs-stable-linux-4.19.y
head: b9aeb147225616494256fcf913c559afd4088a05
commit: 6ad6af5912f72ad8c40baa072c3dabd321695dc1 [289/1172] fscrypt: add an HKDF-SHA512 implementation
config: i386-randconfig-062-20231001 (https://download.01.org/0day-ci/archive/20231010/202310102046.sXzDvJtJ-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231010/202310102046.sXzDvJtJ-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202310102046.sXzDvJtJ-lkp@intel.com/
sparse warnings: (new ones prefixed by >>)
>> fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
fs/crypto/hkdf.c:120:9: sparse: sparse: Variable length array is used.
vim +47 fs/crypto/hkdf.c
25
26 /*
27 * HKDF consists of two steps:
28 *
29 * 1. HKDF-Extract: extract a pseudorandom key of length HKDF_HASHLEN bytes from
30 * the input keying material and optional salt.
31 * 2. HKDF-Expand: expand the pseudorandom key into output keying material of
32 * any length, parameterized by an application-specific info string.
33 *
34 * HKDF-Extract can be skipped if the input is already a pseudorandom key of
35 * length HKDF_HASHLEN bytes. However, cipher modes other than AES-256-XTS take
36 * shorter keys, and we don't want to force users of those modes to provide
37 * unnecessarily long master keys. Thus fscrypt still does HKDF-Extract. No
38 * salt is used, since fscrypt master keys should already be pseudorandom and
39 * there's no way to persist a random salt per master key from kernel mode.
40 */
41
42 /* HKDF-Extract (RFC 5869 section 2.2), unsalted */
43 static int hkdf_extract(struct crypto_shash *hmac_tfm, const u8 *ikm,
44 unsigned int ikmlen, u8 prk[HKDF_HASHLEN])
45 {
46 static const u8 default_salt[HKDF_HASHLEN];
> 47 SHASH_DESC_ON_STACK(desc, hmac_tfm);
48 int err;
49
50 err = crypto_shash_setkey(hmac_tfm, default_salt, HKDF_HASHLEN);
51 if (err)
52 return err;
53
54 desc->tfm = hmac_tfm;
55 desc->flags = 0;
56 err = crypto_shash_digest(desc, ikm, ikmlen, prk);
57 shash_desc_zero(desc);
58 return err;
59 }
60
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 8+ messages in thread
* [android-common:upstream-f2fs-stable-linux-4.19.y 289/1172] fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
@ 2023-11-11 3:20 kernel test robot
0 siblings, 0 replies; 8+ messages in thread
From: kernel test robot @ 2023-11-11 3:20 UTC (permalink / raw)
To: cros-kernel-buildreports; +Cc: oe-kbuild-all
tree: https://android.googlesource.com/kernel/common upstream-f2fs-stable-linux-4.19.y
head: b9aeb147225616494256fcf913c559afd4088a05
commit: 6ad6af5912f72ad8c40baa072c3dabd321695dc1 [289/1172] fscrypt: add an HKDF-SHA512 implementation
config: x86_64-randconfig-121-20230910 (https://download.01.org/0day-ci/archive/20231111/202311111156.hQCKOmT1-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231111/202311111156.hQCKOmT1-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202311111156.hQCKOmT1-lkp@intel.com/
sparse warnings: (new ones prefixed by >>)
>> fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
fs/crypto/hkdf.c:120:9: sparse: sparse: Variable length array is used.
fs/crypto/hkdf.o: warning: objtool: fscrypt_init_hkdf()+0x97: sibling call from callable instruction with modified stack frame
vim +47 fs/crypto/hkdf.c
25
26 /*
27 * HKDF consists of two steps:
28 *
29 * 1. HKDF-Extract: extract a pseudorandom key of length HKDF_HASHLEN bytes from
30 * the input keying material and optional salt.
31 * 2. HKDF-Expand: expand the pseudorandom key into output keying material of
32 * any length, parameterized by an application-specific info string.
33 *
34 * HKDF-Extract can be skipped if the input is already a pseudorandom key of
35 * length HKDF_HASHLEN bytes. However, cipher modes other than AES-256-XTS take
36 * shorter keys, and we don't want to force users of those modes to provide
37 * unnecessarily long master keys. Thus fscrypt still does HKDF-Extract. No
38 * salt is used, since fscrypt master keys should already be pseudorandom and
39 * there's no way to persist a random salt per master key from kernel mode.
40 */
41
42 /* HKDF-Extract (RFC 5869 section 2.2), unsalted */
43 static int hkdf_extract(struct crypto_shash *hmac_tfm, const u8 *ikm,
44 unsigned int ikmlen, u8 prk[HKDF_HASHLEN])
45 {
46 static const u8 default_salt[HKDF_HASHLEN];
> 47 SHASH_DESC_ON_STACK(desc, hmac_tfm);
48 int err;
49
50 err = crypto_shash_setkey(hmac_tfm, default_salt, HKDF_HASHLEN);
51 if (err)
52 return err;
53
54 desc->tfm = hmac_tfm;
55 desc->flags = 0;
56 err = crypto_shash_digest(desc, ikm, ikmlen, prk);
57 shash_desc_zero(desc);
58 return err;
59 }
60
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 8+ messages in thread
* [android-common:upstream-f2fs-stable-linux-4.19.y 289/1172] fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
@ 2024-09-27 6:00 kernel test robot
0 siblings, 0 replies; 8+ messages in thread
From: kernel test robot @ 2024-09-27 6:00 UTC (permalink / raw)
To: cros-kernel-buildreports; +Cc: oe-kbuild-all
tree: https://android.googlesource.com/kernel/common upstream-f2fs-stable-linux-4.19.y
head: b9aeb147225616494256fcf913c559afd4088a05
commit: 6ad6af5912f72ad8c40baa072c3dabd321695dc1 [289/1172] fscrypt: add an HKDF-SHA512 implementation
config: x86_64-randconfig-122-20240919 (https://download.01.org/0day-ci/archive/20240927/202409271313.cWCYAj6k-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20240927/202409271313.cWCYAj6k-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202409271313.cWCYAj6k-lkp@intel.com/
sparse warnings: (new ones prefixed by >>)
>> fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used.
fs/crypto/hkdf.c:120:9: sparse: sparse: Variable length array is used.
fs/crypto/hkdf.o: warning: objtool: fscrypt_init_hkdf()+0x97: sibling call from callable instruction with modified stack frame
vim +47 fs/crypto/hkdf.c
25
26 /*
27 * HKDF consists of two steps:
28 *
29 * 1. HKDF-Extract: extract a pseudorandom key of length HKDF_HASHLEN bytes from
30 * the input keying material and optional salt.
31 * 2. HKDF-Expand: expand the pseudorandom key into output keying material of
32 * any length, parameterized by an application-specific info string.
33 *
34 * HKDF-Extract can be skipped if the input is already a pseudorandom key of
35 * length HKDF_HASHLEN bytes. However, cipher modes other than AES-256-XTS take
36 * shorter keys, and we don't want to force users of those modes to provide
37 * unnecessarily long master keys. Thus fscrypt still does HKDF-Extract. No
38 * salt is used, since fscrypt master keys should already be pseudorandom and
39 * there's no way to persist a random salt per master key from kernel mode.
40 */
41
42 /* HKDF-Extract (RFC 5869 section 2.2), unsalted */
43 static int hkdf_extract(struct crypto_shash *hmac_tfm, const u8 *ikm,
44 unsigned int ikmlen, u8 prk[HKDF_HASHLEN])
45 {
46 static const u8 default_salt[HKDF_HASHLEN];
> 47 SHASH_DESC_ON_STACK(desc, hmac_tfm);
48 int err;
49
50 err = crypto_shash_setkey(hmac_tfm, default_salt, HKDF_HASHLEN);
51 if (err)
52 return err;
53
54 desc->tfm = hmac_tfm;
55 desc->flags = 0;
56 err = crypto_shash_digest(desc, ikm, ikmlen, prk);
57 shash_desc_zero(desc);
58 return err;
59 }
60
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2024-09-27 6:01 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-09-30 23:15 [android-common:upstream-f2fs-stable-linux-4.19.y 289/1172] fs/crypto/hkdf.c:47:9: sparse: sparse: Variable length array is used kernel test robot
-- strict thread matches above, loose matches on Subject: below --
2024-09-27 6:00 kernel test robot
2023-11-11 3:20 kernel test robot
2023-10-10 12:20 kernel test robot
2023-10-09 21:53 kernel test robot
2023-09-11 21:14 kernel test robot
2023-06-18 1:08 kernel test robot
2023-06-14 11:59 kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.