aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorAris Adamantiadis <aris@0xbadc0de.be>2017-06-09 22:47:36 +0200
committerAndreas Schneider <asn@cryptomilk.org>2018-11-21 16:54:36 +0100
commit55252e4d70ecf58afccf6326091ea4dad66bc01f (patch)
tree56e6c9e2e01dc488cd268631077c3898e6f564d5 /src
parent8e002b94153a93c0bcb670acced888cc2d521394 (diff)
downloadlibssh-55252e4d70ecf58afccf6326091ea4dad66bc01f.tar.gz
libssh-55252e4d70ecf58afccf6326091ea4dad66bc01f.tar.xz
libssh-55252e4d70ecf58afccf6326091ea4dad66bc01f.zip
libcrypto: disable AES-NI engine when running inside valgrind
Valgrind detects many uninitialized memory false positives from libcrypto's AES-NI internals. Roll back to software AES when running tests. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src')
-rw-r--r--src/libcrypto.c17
1 files changed, 16 insertions, 1 deletions
diff --git a/src/libcrypto.c b/src/libcrypto.c
index 6b454737..b9b45f64 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -58,6 +58,11 @@
#define OLD_CRYPTO
#endif
+#if (HAVE_VALGRIND_VALGRIND_H && HAVE_OPENSSL_IA32CAP_LOC)
+#include <valgrind/valgrind.h>
+#define CAN_DISABLE_AESNI
+#endif
+
#include "libssh/crypto.h"
struct ssh_mac_ctx_struct {
@@ -1059,7 +1064,17 @@ int ssh_crypto_init(void)
SSLeay_version(SSLeay())
);
}
-
+#ifdef CAN_DISABLE_AESNI
+ /*
+ * disable AES-NI when running within Valgrind, because they generate
+ * too many "uninitialized memory access" false positives
+ */
+ if (RUNNING_ON_VALGRIND){
+ SSH_LOG(SSH_LOG_INFO, "Running within Valgrind, disabling AES-NI");
+ /* Bit #57 denotes AES-NI instruction set extension */
+ OPENSSL_ia32cap &= ~(1LL << 57);
+ }
+#endif
OpenSSL_add_all_algorithms();
for (i = 0; ssh_ciphertab[i].name != NULL; i++) {