Fully initialize *ctx, including the buf field which sha256_init()
doesn't initialize, to avoid a KMSAN warning when comparing *ctx to
orig_ctx.  This KMSAN warning slipped in while KMSAN was not working
reliably due to a stackdepot bug, which has now been fixed.

Fixes: 6733968be7cb ("lib/crypto: tests: Add tests and benchmark for sha256_finup_2x()")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---
 lib/crypto/tests/sha256_kunit.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/crypto/tests/sha256_kunit.c b/lib/crypto/tests/sha256_kunit.c
index dcedfca06df6..5dccdee79693 100644
--- a/lib/crypto/tests/sha256_kunit.c
+++ b/lib/crypto/tests/sha256_kunit.c
@@ -66,10 +66,11 @@ static void test_sha256_finup_2x(struct kunit *test)
 	ctx = alloc_guarded_buf(test, sizeof(*ctx));
 
 	rand_bytes(data1_buf, max_data_len);
 	rand_bytes(data2_buf, max_data_len);
 	rand_bytes(salt, sizeof(salt));
+	memset(ctx, 0, sizeof(*ctx));
 
 	for (size_t i = 0; i < 500; i++) {
 		size_t salt_len = rand_length(sizeof(salt));
 		size_t data_len = rand_length(max_data_len);
 		const u8 *data1 = data1_buf + max_data_len - data_len;

base-commit: 10a1140107e0b98bd67d37ae7af72989dd7df00b
-- 
2.51.2

On Thu, Nov 20, 2025 at 07:34:31PM -0800, Eric Biggers wrote:
> Fully initialize *ctx, including the buf field which sha256_init()
> doesn't initialize, to avoid a KMSAN warning when comparing *ctx to
> orig_ctx.  This KMSAN warning slipped in while KMSAN was not working
> reliably due to a stackdepot bug, which has now been fixed.
> 
> Fixes: 6733968be7cb ("lib/crypto: tests: Add tests and benchmark for sha256_finup_2x()")
> Cc: stable@vger.kernel.org
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>
> ---
>  lib/crypto/tests/sha256_kunit.c | 1 +
>  1 file changed, 1 insertion(+)
> 

Applied to https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git/log/?h=libcrypto-fixes
(I dropped the Cc stable.  I'll just send it in for v6.18-rc7 instead.)

- Eric

On Fri, 21 Nov 2025 at 04:36, Eric Biggers <ebiggers@kernel.org> wrote:
>
> Fully initialize *ctx, including the buf field which sha256_init()
> doesn't initialize, to avoid a KMSAN warning when comparing *ctx to
> orig_ctx.  This KMSAN warning slipped in while KMSAN was not working
> reliably due to a stackdepot bug, which has now been fixed.
>
> Fixes: 6733968be7cb ("lib/crypto: tests: Add tests and benchmark for sha256_finup_2x()")
> Cc: stable@vger.kernel.org
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>

Acked-by: Ard Biesheuvel <ardb@kernel.org>

> ---
>  lib/crypto/tests/sha256_kunit.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/lib/crypto/tests/sha256_kunit.c b/lib/crypto/tests/sha256_kunit.c
> index dcedfca06df6..5dccdee79693 100644
> --- a/lib/crypto/tests/sha256_kunit.c
> +++ b/lib/crypto/tests/sha256_kunit.c
> @@ -66,10 +66,11 @@ static void test_sha256_finup_2x(struct kunit *test)
>         ctx = alloc_guarded_buf(test, sizeof(*ctx));
>
>         rand_bytes(data1_buf, max_data_len);
>         rand_bytes(data2_buf, max_data_len);
>         rand_bytes(salt, sizeof(salt));
> +       memset(ctx, 0, sizeof(*ctx));
>
>         for (size_t i = 0; i < 500; i++) {
>                 size_t salt_len = rand_length(sizeof(salt));
>                 size_t data_len = rand_length(max_data_len);
>                 const u8 *data1 = data1_buf + max_data_len - data_len;
>
> base-commit: 10a1140107e0b98bd67d37ae7af72989dd7df00b
> --
> 2.51.2
>