[#1823] replace malloc/calloc/strdup/free with openssl allocator #1926
Conversation
…sl allocator Signed-off-by: Songling Han <[email protected]>
songlingatpan
force-pushed
the
pr_shan_1823_openssl_allocator
branch
from
a93e625
to
b61754c
Compare
|
I will commit another change for copy_from_upstream. |
Signed-off-by: Songling Han <[email protected]>
songlingatpan
requested review from
bhess,
jschanck and
baentsch
as code owners
There was a problem hiding this comment.
Conceptually LGTM, but CI needs to pass; please see https://github.com/open-quantum-safe/liboqs/blob/main/CONTRIBUTING.md#coding-style
|
@baentsch Question: 'bike', 'frodokem', 'ntruprime' is not from upstream. |
Signed-off-by: Songling Han <[email protected]>
Good point. @dstebila : There's surely upstreams for these algorithms, but they're not captured by OQS automation/copy_from_upstream. Question: Are these projects still maintained (and where) or is it OK to change code straight in |
…KEM, and NTRUPrime Signed-off-by: Songling Han <[email protected]>
FrodoKEM is maintained at https://github.com/microsoft/PQCrypto-LWEKE/; I exported the code from there any manually added it to liboqs, as we didn't have as robust a copy_from_upstream at the time. FrodoKEM also needs to do an update from upstream, as there have been new variants introduced in the last year, but I don't have a plan for this update. So to avoid blocking on that, I would say it's fine to make the FrodoKEM changes directly here in this repository. NTRUPrime had been coming from PQClean, but they have stopped supporting it. We only are keeping one variant of NTRUPrime because of its use in OpenSSH. I think we consider a timeline for sunsetting it. But in the interim, I think changes to NTRUPrime can be done directly here in this repository. BIKE was contributed directly by the team at AWS. Our main contact for that has been @dkostic, but I'm not sure if he's still the right contact. Pinging @brian-jarvis-aws for some input. |
done |
I'd prefer to see those as a second PR, since those changes may be less mechanical and might require a closer look. |
|
I suggest we defer merging this until after the 0.11.0 release, otherwise we would need to cut a new release candidate and push the release back a week. |
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
| @@ -32,7 +32,7 @@ | |||
| #define ppad 769 | |||
| #define endingmask _mm256_set_epi8(1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,0) | |||
| #define crypto_core_weight PQCLEAN_SNTRUP761_AVX2_crypto_core_weightsntrup761 | |||
| #define p 761 | |||
| #define p_param 761 | |||
There was a problem hiding this comment.
I'm not immediately seeing the reason for this name change—could you explain why it's necessary?
There was a problem hiding this comment.
There is some conflict with openssl.
In file included from /Volumes/GIT/git/oqs/liboqs/src/kem/ntruprime/pqclean_sntrup761_clean/kem.c:5: In file included from /Volumes/GIT/git/oqs/liboqs/src/common/pqclean_shims/randombytes.h:6: In file included from /Volumes/GIT/git/oqs/liboqs/build/include/oqs/rand.h:15: In file included from /Volumes/GIT/git/oqs/liboqs/build/include/oqs/common.h:30: In file included from /usr/local/opt/openssl@3/include/openssl/crypto.h:34: In file included from /usr/local/opt/openssl@3/include/openssl/safestack.h:24: /usr/local/opt/openssl@3/include/openssl/stack.h:45:60: error: expected ')' void *OPENSSL_sk_delete_ptr(OPENSSL_STACK *st, const void *p); ^ /Volumes/GIT/git/oqs/liboqs/src/kem/ntruprime/pqclean_sntrup761_clean/params.h:31:11: note: expanded from macro 'p' #define p 761 ^ /usr/local/opt/openssl@3/include/openssl/stack.h:45:28: note: to match this '(' void *OPENSSL_sk_delete_ptr(OPENSSL_STACK *st, const void *p); ^ 1 error generated. [121/1636] Building C object src/kem/frodokem/CMakeFiles/frodokem.dir/external/frodo1344aes.c.o ninja: build stopped: subcommand failed.
There was a problem hiding this comment.
Hmmmm, I see. Is there a clean way to handle this with #include guards or something similar? Renaming seems like a brittle workaround. Suppose for argument's sake that a future version of OpenSSL changes the function parameter to const void *q—then everything would break here again.
There was a problem hiding this comment.
What I wouldn't give for C++ namespaces... 😜
|
Thanks for this work, @songlingatpan! How would you feel about dropping the |
|
After this lands, we may want to add some sort of static analysis to guard against raw |
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
Addressed the comment in the latest PR. Please review it. |
Correct. We should phase out direct calls to malloc, free, calloc, strdup, and realloc. |
|
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
Addressed the comment by adding code in test_code_conventions.py. |
Signed-off-by: Songling Han <[email protected]>
src/common/common.c
Outdated
| if (ptr == NULL) { | ||
| fprintf(stderr, "Memory allocation failed\n"); | ||
| abort(); | ||
| return NULL; //abort(); |
There was a problem hiding this comment.
Doesn't this change effectively make OQS_checked_malloc and OQS_mem_malloc the same function (up to printing)?
There was a problem hiding this comment.
True.
Many embedded systems have strict memory constraints, and encountering a malloc failure is not uncommon in such environments.
src/common/common.c
Outdated
| @@ -289,7 +292,7 @@ void *OQS_MEM_checked_aligned_alloc(size_t alignment, size_t size) { | |||
| void *ptr = OQS_MEM_aligned_alloc(alignment, size); | |||
| if (ptr == NULL) { | |||
| fprintf(stderr, "Memory allocation failed\n"); | |||
| abort(); | |||
| return NULL; //abort(); | |||
There was a problem hiding this comment.
Same comment here regarding OQS_MEM_checked_aligned_alloc and OQS_MEM_aligned_alloc.
There was a problem hiding this comment.
yes. Please let me know if you agree to remove the checked functions. If so, I will go ahead and remove them.
There was a problem hiding this comment.
We could—but then we'll be left with a bunch of common-code functions that rely on the "checked" functions aborting if allocation fails. If this code is left unchanged, won't it lead to more crashes and/or memory corruption? If it needs to be changed to handle unchecked functions, is it not simpler to keep the "checked" functions rather than factor out the check everywhere?
There was a problem hiding this comment.
The caller must perform a NULL check before dereferencing the pointer. Additionally, in the case of a NULL check failure, the caller is responsible for releasing any allocated resources to prevent memory leaks.
There was a problem hiding this comment.
The caller must perform a NULL check before dereferencing the pointer. Additionally, in the case of a NULL check failure, the caller is responsible for releasing any allocated resources to prevent memory leaks.
Sure—but those NULL checks are not currently present in the codebase, because the callers were relying on the checked_malloc functions. If we replace the checked_malloc functions with the unchecked versions in this PR, the NULL checks must also be added in this PR. For example this code will dereference NULL on malloc failure.
| continue | ||
| if 'IGNORE free-check' in line: | ||
| # Check if we're inside a multi-line comment | ||
| if '/*' in content[:content.find(line)] and '*/' not in content[:content.find(line)]: |
There was a problem hiding this comment.
Just a note, this will produce a false positive in the following scenario:
/* comment */
/*
malloc(sizeof(int));
*/
OQS_MEM_malloc(sizeof(int));I think you'd have to search backwards for the closest /*, but that seems like overkill.
There was a problem hiding this comment.
@SWilson4 You are right. We can improve it later.
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
Signed-off-by: Songling Han <[email protected]>
It seems the conflicts issue only occurs for certain openssl version/platform. Didn't see conflicts any more after revert. |
|
@SWilson4 Addressed your 2 comments. |
Replaced malloc, calloc, strdup, and free with the OpenSSL memory allocator to enable the caller to customize memory allocator, addressing issue #1823. This PR does not change the existing behavior or algorithms.