Fix corner case in cpuinfo parser.

I realized looking at the sigalgs parser that I messed up the
space-splitting logic slightly. If the CPU features are "foo bar baz",
it would not parse "baz". This doesn't particular matter (the last one
is "crc32"), but better to parse it correctly.

Fix this and add a unit test. While I'm here, may as well add a fuzzer
too.

Change-Id: Ifc1603b8f70d975f391d10e51ede95deec31a83d
Reviewed-on: https://boringssl-review.googlesource.com/31464
Commit-Queue: David Benjamin <[email protected]>
CQ-Verified: CQ bot account: [email protected] <[email protected]>
Reviewed-by: Adam Langley <[email protected]>

crypto/CMakeLists.txt

@@ -237,6 +237,7 @@ add_executable(
   cmac/cmac_test.cc
   compiler_test.cc
   constant_time_test.cc
+  cpu-arm-linux_test.cc
   curve25519/ed25519_test.cc
   curve25519/spake25519_test.cc
   curve25519/x25519_test.cc

crypto/cpu-arm-linux.c

@@ -14,150 +14,23 @@
 
 #include <openssl/cpu.h>
 
-#if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP)
+#include "cpu-arm-linux.h"
+#include "internal.h"
 
+#if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP)
 #include <errno.h>
 #include <fcntl.h>
-#include <string.h>
 #include <sys/types.h>
 #include <unistd.h>
 
 #include <openssl/arm_arch.h>
 #include <openssl/buf.h>
 #include <openssl/mem.h>
+#endif
 
-#include "internal.h"
-
-
-#define AT_HWCAP 16
-#define AT_HWCAP2 26
-
-#define HWCAP_NEON (1 << 12)
-
-// See /usr/include/asm/hwcap.h on an ARM installation for the source of
-// these values.
-#define HWCAP2_AES (1 << 0)
-#define HWCAP2_PMULL (1 << 1)
-#define HWCAP2_SHA1 (1 << 2)
-#define HWCAP2_SHA2 (1 << 3)
-
-// |getauxval| is not available on Android until API level 20. Link it as a weak
-// symbol and use other methods as fallback.
-unsigned long getauxval(unsigned long type) __attribute__((weak));
-
-static int open_eintr(const char *path, int flags) {
-  int ret;
-  do {
-    ret = open(path, flags);
-  } while (ret < 0 && errno == EINTR);
-  return ret;
-}
-
-static ssize_t read_eintr(int fd, void *out, size_t len) {
-  ssize_t ret;
-  do {
-    ret = read(fd, out, len);
-  } while (ret < 0 && errno == EINTR);
-  return ret;
-}
-
-// read_full reads exactly |len| bytes from |fd| to |out|. On error or end of
-// file, it returns zero.
-static int read_full(int fd, void *out, size_t len) {
-  char *outp = out;
-  while (len > 0) {
-    ssize_t ret = read_eintr(fd, outp, len);
-    if (ret <= 0) {
-      return 0;
-    }
-    outp += ret;
-    len -= ret;
-  }
-  return 1;
-}
-
-// read_file opens |path| and reads until end-of-file. On success, it returns
-// one and sets |*out_ptr| and |*out_len| to a newly-allocated buffer with the
-// contents. Otherwise, it returns zero.
-static int read_file(char **out_ptr, size_t *out_len, const char *path) {
-  int fd = open_eintr(path, O_RDONLY);
-  if (fd < 0) {
-    return 0;
-  }
-
-  static const size_t kReadSize = 1024;
-  int ret = 0;
-  size_t cap = kReadSize, len = 0;
-  char *buf = OPENSSL_malloc(cap);
-  if (buf == NULL) {
-    goto err;
-  }
-
-  for (;;) {
-    if (cap - len < kReadSize) {
-      size_t new_cap = cap * 2;
-      if (new_cap < cap) {
-        goto err;
-      }
-      char *new_buf = OPENSSL_realloc(buf, new_cap);
-      if (new_buf == NULL) {
-        goto err;
-      }
-      buf = new_buf;
-      cap = new_cap;
-    }
-
-    ssize_t bytes_read = read_eintr(fd, buf + len, kReadSize);
-    if (bytes_read < 0) {
-      goto err;
-    }
-    if (bytes_read == 0) {
-      break;
-    }
-    len += bytes_read;
-  }
-
-  *out_ptr = buf;
-  *out_len = len;
-  ret = 1;
-  buf = NULL;
-
-err:
-  OPENSSL_free(buf);
-  close(fd);
-  return ret;
-}
-
-// getauxval_proc behaves like |getauxval| but reads from /proc/self/auxv.
-static unsigned long getauxval_proc(unsigned long type) {
-  int fd = open_eintr("/proc/self/auxv", O_RDONLY);
-  if (fd < 0) {
-    return 0;
-  }
 
-  struct {
-    unsigned long tag;
-    unsigned long value;
-  } entry;
-
-  for (;;) {
-    if (!read_full(fd, &entry, sizeof(entry)) ||
-        (entry.tag == 0 && entry.value == 0)) {
-      break;
-    }
-    if (entry.tag == type) {
-      close(fd);
-      return entry.value;
-    }
-  }
-  close(fd);
-  return 0;
-}
-
-typedef struct {
-  const char *data;
-  size_t len;
-} STRING_PIECE;
+// The following functions are only used in ARM, but they are defined on all
+// platforms for testing and fuzzing purposes.
 
 static int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) {
   size_t b_len = strlen(b);
@@ -182,6 +55,23 @@ static int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right,
   return 1;
 }
 
+// STRING_PIECE_get_delimited reads a |sep|-delimited entry from |s|, writing it
+// to |out| and updating |s| to point beyond it. It returns one on success and
+// zero if |s| is empty. If |s| is has no copies of |sep| and is non-empty, it
+// reads the entire string to |out|.
+static int STRING_PIECE_get_delimited(STRING_PIECE *s, STRING_PIECE *out, char sep) {
+  if (s->len == 0) {
+    return 0;
+  }
+  if (!STRING_PIECE_split(out, s, s, sep)) {
+    // |s| had no instances of |sep|. Return the entire string.
+    *out = *s;
+    s->data += s->len;
+    s->len = 0;
+  }
+  return 1;
+}
+
 // STRING_PIECE_trim removes leading and trailing whitespace from |s|.
 static void STRING_PIECE_trim(STRING_PIECE *s) {
   while (s->len != 0 && (s->data[0] == ' ' || s->data[0] == '\t')) {
@@ -195,13 +85,13 @@ static void STRING_PIECE_trim(STRING_PIECE *s) {
 }
 
 // extract_cpuinfo_field extracts a /proc/cpuinfo field named |field| from
-// |in|.  If found, it sets |*out| to the value and returns one. Otherwise, it
+// |in|. If found, it sets |*out| to the value and returns one. Otherwise, it
 // returns zero.
 static int extract_cpuinfo_field(STRING_PIECE *out, const STRING_PIECE *in,
                                  const char *field) {
   // Process |in| one line at a time.
   STRING_PIECE remaining = *in, line;
-  while (STRING_PIECE_split(&line, &remaining, &remaining, '\n')) {
+  while (STRING_PIECE_get_delimited(&remaining, &line, '\n')) {
     STRING_PIECE key, value;
     if (!STRING_PIECE_split(&key, &value, &line, ':')) {
       continue;
@@ -228,15 +118,15 @@ static int cpuinfo_field_equals(const STRING_PIECE *cpuinfo, const char *field,
 // one if |item| is contained in |list| and zero otherwise.
 static int has_list_item(const STRING_PIECE *list, const char *item) {
   STRING_PIECE remaining = *list, feature;
-  while (STRING_PIECE_split(&feature, &remaining, &remaining, ' ')) {
+  while (STRING_PIECE_get_delimited(&remaining, &feature, ' ')) {
     if (STRING_PIECE_equals(&feature, item)) {
       return 1;
     }
   }
   return 0;
 }
 
-static unsigned long get_hwcap_cpuinfo(const STRING_PIECE *cpuinfo) {
+unsigned long crypto_get_arm_hwcap_from_cpuinfo(const STRING_PIECE *cpuinfo) {
   if (cpuinfo_field_equals(cpuinfo, "CPU architecture", "8")) {
     // This is a 32-bit ARM binary running on a 64-bit kernel. NEON is always
     // available on ARMv8. Linux omits required features, so reading the
@@ -254,7 +144,7 @@ static unsigned long get_hwcap_cpuinfo(const STRING_PIECE *cpuinfo) {
   return 0;
 }
 
-static unsigned long get_hwcap2_cpuinfo(const STRING_PIECE *cpuinfo) {
+unsigned long crypto_get_arm_hwcap2_from_cpuinfo(const STRING_PIECE *cpuinfo) {
   STRING_PIECE features;
   if (!extract_cpuinfo_field(&features, cpuinfo, "Features")) {
     return 0;
@@ -276,16 +166,132 @@ static unsigned long get_hwcap2_cpuinfo(const STRING_PIECE *cpuinfo) {
   return ret;
 }
 
-// has_broken_neon returns one if |in| matches a CPU known to have a broken
-// NEON unit. See https://crbug.com/341598.
-static int has_broken_neon(const STRING_PIECE *cpuinfo) {
+int crypto_cpuinfo_has_broken_neon(const STRING_PIECE *cpuinfo) {
   return cpuinfo_field_equals(cpuinfo, "CPU implementer", "0x51") &&
          cpuinfo_field_equals(cpuinfo, "CPU architecture", "7") &&
          cpuinfo_field_equals(cpuinfo, "CPU variant", "0x1") &&
          cpuinfo_field_equals(cpuinfo, "CPU part", "0x04d") &&
          cpuinfo_field_equals(cpuinfo, "CPU revision", "0");
 }
 
+#if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP)
+
+#define AT_HWCAP 16
+#define AT_HWCAP2 26
+
+// |getauxval| is not available on Android until API level 20. Link it as a weak
+// symbol and use other methods as fallback.
+unsigned long getauxval(unsigned long type) __attribute__((weak));
+
+static int open_eintr(const char *path, int flags) {
+  int ret;
+  do {
+    ret = open(path, flags);
+  } while (ret < 0 && errno == EINTR);
+  return ret;
+}
+
+static ssize_t read_eintr(int fd, void *out, size_t len) {
+  ssize_t ret;
+  do {
+    ret = read(fd, out, len);
+  } while (ret < 0 && errno == EINTR);
+  return ret;
+}
+
+// read_full reads exactly |len| bytes from |fd| to |out|. On error or end of
+// file, it returns zero.
+static int read_full(int fd, void *out, size_t len) {
+  char *outp = out;
+  while (len > 0) {
+    ssize_t ret = read_eintr(fd, outp, len);
+    if (ret <= 0) {
+      return 0;
+    }
+    outp += ret;
+    len -= ret;
+  }
+  return 1;
+}
+
+// read_file opens |path| and reads until end-of-file. On success, it returns
+// one and sets |*out_ptr| and |*out_len| to a newly-allocated buffer with the
+// contents. Otherwise, it returns zero.
+static int read_file(char **out_ptr, size_t *out_len, const char *path) {
+  int fd = open_eintr(path, O_RDONLY);
+  if (fd < 0) {
+    return 0;
+  }
+
+  static const size_t kReadSize = 1024;
+  int ret = 0;
+  size_t cap = kReadSize, len = 0;
+  char *buf = OPENSSL_malloc(cap);
+  if (buf == NULL) {
+    goto err;
+  }
+
+  for (;;) {
+    if (cap - len < kReadSize) {
+      size_t new_cap = cap * 2;
+      if (new_cap < cap) {
+        goto err;
+      }
+      char *new_buf = OPENSSL_realloc(buf, new_cap);
+      if (new_buf == NULL) {
+        goto err;
+      }
+      buf = new_buf;
+      cap = new_cap;
+    }
+
+    ssize_t bytes_read = read_eintr(fd, buf + len, kReadSize);
+    if (bytes_read < 0) {
+      goto err;
+    }
+    if (bytes_read == 0) {
+      break;
+    }
+    len += bytes_read;
+  }
+
+  *out_ptr = buf;
+  *out_len = len;
+  ret = 1;
+  buf = NULL;
+
+err:
+  OPENSSL_free(buf);
+  close(fd);
+  return ret;
+}
+
+// getauxval_proc behaves like |getauxval| but reads from /proc/self/auxv.
+static unsigned long getauxval_proc(unsigned long type) {
+  int fd = open_eintr("/proc/self/auxv", O_RDONLY);
+  if (fd < 0) {
+    return 0;
+  }
+
+  struct {
+    unsigned long tag;
+    unsigned long value;
+  } entry;
+
+  for (;;) {
+    if (!read_full(fd, &entry, sizeof(entry)) ||
+        (entry.tag == 0 && entry.value == 0)) {
+      break;
+    }
+    if (entry.tag == type) {
+      close(fd);
+      return entry.value;
+    }
+  }
+  close(fd);
+  return 0;
+}
+
 extern uint32_t OPENSSL_armcap_P;
 
 static int g_has_broken_neon, g_needs_hwcap2_workaround;
@@ -315,11 +321,11 @@ void OPENSSL_cpuid_setup(void) {
     hwcap = getauxval_proc(AT_HWCAP);
   }
   if (hwcap == 0) {
-    hwcap = get_hwcap_cpuinfo(&cpuinfo);
+    hwcap = crypto_get_arm_hwcap_from_cpuinfo(&cpuinfo);
   }
 
   // Clear NEON support if known broken.
-  g_has_broken_neon = has_broken_neon(&cpuinfo);
+  g_has_broken_neon = crypto_cpuinfo_has_broken_neon(&cpuinfo);
   if (g_has_broken_neon) {
     hwcap &= ~HWCAP_NEON;
   }
@@ -335,7 +341,7 @@ void OPENSSL_cpuid_setup(void) {
       hwcap2 = getauxval(AT_HWCAP2);
     }
     if (hwcap2 == 0) {
-      hwcap2 = get_hwcap2_cpuinfo(&cpuinfo);
+      hwcap2 = crypto_get_arm_hwcap2_from_cpuinfo(&cpuinfo);
       g_needs_hwcap2_workaround = hwcap2 != 0;
     }