[Bug 1929921] [NEW] Ubuntu 20.04.2 - OPENSSL_cleanse() fails with segmentation fault in eddsa_test
Launchpad Bug Tracker
1929921 at bugs.launchpad.net
Mon May 31 10:23:06 UTC 2021
You have been subscribed to a public bug:
---Problem Description---
=======
IBM z15 with D41C Bundle S39a and z/VM 7.2.0 guest with crypto cards attached
OS: Ubuntu 20.04.2 (focal fossa) with 5.4.0-73-generic and libica 3.6.1 installed
Core dump when running the eddsa_test from libica
Details
=======
The available openSSL version is: OpenSSL 1.1.1f 31 Mar 2020
The ibmca engine was installed, but not defined into the openssl.cnf file,
openssl engine displayed the default line:
(dynamic) Dynamic engine loading support
The segmentation fault was generated by `./eddsa_test'.
Program terminated with signal SIGSEGV, Segmentation fault in openSSL
(gdb) bt
#0 0x000003ff896e50be in OPENSSL_cleanse () from /lib/s390x-linux-gnu/libcrypto.so.1.1
#1 0x000003ff898a26fa in ica_ed25519_ctx_del (ctx=0x3fff9b7e010) at ica_api.c:1897
#2 0x000002aa28986f14 in ed25519_stress () at eddsa_test.c:441
#3 0x000002aa289831bc in main (argc=0x1, argv=0x3fff9b7eaf8) at eddsa_test.c:66
See https://wiki.ubuntu.com/Debug%20Symbol%20Packages about how to
define debug repositories
apt install libica3-dbgsym
#0 0x000003ff896e50be in OPENSSL_cleanse () from /lib/s390x-linux-gnu/libcrypto.so.1.1
(gdb) bt
# coredumpctl dump 158582 > eddsa.core
PID: 158582 (eddsa_test)
UID: 0 (root)
GID: 0 (root)
Signal: 11 (SEGV)
Timestamp: Wed 2021-05-26 19:52:28 CEST (15h ago)
Command Line: ./eddsa_test
Executable: /root/crypto/libica-3.6.1/test/eddsa_test
Control Group: /user.slice/user-0.slice/session-9.scope
Unit: session-9.scope
Slice: user-0.slice
Session: 9
Owner UID: 0 (root)
Boot ID: 6a7a23240f464a0d9f2d3fa3e82be73e
Machine ID: c933ae494f9a4c6e8d82625c952945d5
Hostname: t3514002.lnxne.boe
Storage: /var/lib/systemd/coredump/core.eddsa_test.0.6a7a23240f464a0d9f2d3fa3e82be73e.158582.1622051548000000000000.lz4
Message: Process 158582 (eddsa_test) of user 0 dumped core.
Stack trace of thread 158582:
#0 0x000003ff896e50be OPENSSL_cleanse (libcrypto.so.1.1 + 0x1650be)
---uname output---
Linux system 5.4.0-73-generic #82-Ubuntu SMP Wed Apr 14 17:29:32 UTC 2021 s390x s390x s390x GNU/Linux
Machine Type = Manufacturer: IBM Type: 8561 Model: 703 T01
---Debugger---
A debugger was configured, however the system did not enter into the debugger
---Steps to Reproduce---
1.) install the github libica 3.6.1 package
and build the test cases
2.) cd .../libica-3.6.1
3.) ./bootstrap.sh; configure --enable-coverage
4.) make coverage
Watch the segmentation fault to happen
Userspace tool common name: eddsa_test
The userspace tool has the following bit modes: 64bit
Userspace rpm: libica3
Userspace tool obtained from project website: na
The problem could be reproduced with libica 3.6.1, however, it does not show up with libica 3.8.0. Looks like the problem was fixed by commit
https://github.com/opencryptoki/libica/commit/b40d0d2ad4a2aac088cf47befbddd8b3b9fca1c5
After applying this fix on top of 3.6.1, the segfault does not occur
anymore. It's sufficient to apply the 4 changes in eddsa_test.c.
** Affects: ubuntu-z-systems
Importance: High
Status: Invalid
** Affects: openssl (Ubuntu)
Importance: Undecided
Assignee: Skipper Bug Screeners (skipper-screen-team)
Status: Invalid
** Tags: architecture-s39064 bugnameltc-192953 severity-high targetmilestone-inin20042
--
Ubuntu 20.04.2 - OPENSSL_cleanse() fails with segmentation fault in eddsa_test
https://bugs.launchpad.net/bugs/1929921
You received this bug notification because you are a member of Ubuntu Foundations Bugs, which is subscribed to openssl in Ubuntu.
More information about the foundations-bugs
mailing list