diff options
author | Aris Adamantiadis <aris@0xbadc0de.be> | 2017-06-09 22:47:36 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2018-11-21 16:54:36 +0100 |
commit | 55252e4d70ecf58afccf6326091ea4dad66bc01f (patch) | |
tree | 56e6c9e2e01dc488cd268631077c3898e6f564d5 /src | |
parent | 8e002b94153a93c0bcb670acced888cc2d521394 (diff) | |
download | libssh-55252e4d70ecf58afccf6326091ea4dad66bc01f.tar.gz libssh-55252e4d70ecf58afccf6326091ea4dad66bc01f.tar.xz libssh-55252e4d70ecf58afccf6326091ea4dad66bc01f.zip |
libcrypto: disable AES-NI engine when running inside valgrind
Valgrind detects many uninitialized memory false positives from
libcrypto's AES-NI internals. Roll back to software AES when running
tests.
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/libcrypto.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/src/libcrypto.c b/src/libcrypto.c index 6b454737..b9b45f64 100644 --- a/src/libcrypto.c +++ b/src/libcrypto.c @@ -58,6 +58,11 @@ #define OLD_CRYPTO #endif +#if (HAVE_VALGRIND_VALGRIND_H && HAVE_OPENSSL_IA32CAP_LOC) +#include <valgrind/valgrind.h> +#define CAN_DISABLE_AESNI +#endif + #include "libssh/crypto.h" struct ssh_mac_ctx_struct { @@ -1059,7 +1064,17 @@ int ssh_crypto_init(void) SSLeay_version(SSLeay()) ); } - +#ifdef CAN_DISABLE_AESNI + /* + * disable AES-NI when running within Valgrind, because they generate + * too many "uninitialized memory access" false positives + */ + if (RUNNING_ON_VALGRIND){ + SSH_LOG(SSH_LOG_INFO, "Running within Valgrind, disabling AES-NI"); + /* Bit #57 denotes AES-NI instruction set extension */ + OPENSSL_ia32cap &= ~(1LL << 57); + } +#endif OpenSSL_add_all_algorithms(); for (i = 0; ssh_ciphertab[i].name != NULL; i++) { |