On 04/30/2017 01:04 AM, Jan Stancek wrote:
> Hi,
>
> I'm seeing rare crashes during NFS cthon with krb5 auth. After
> some digging I arrived at potential problem with sha1-avx2.
>
> Problem appears to be that sha1_transform_avx2() reads beyond
> number of blocks you pass, if it is an odd number. It appears
> to try read one block more.
It's not just odd vs even number of blocks. It appears to be
doing read ahead (in size of 2 blocks). For example,
for data starting at page offset 1 with length 3967, it still
crashes on access to subsequent page.
Patch below fixes it for me, but it feels more like workaround.
Regards,
Jan
diff --git a/arch/x86/crypto/sha1_ssse3_glue.c b/arch/x86/crypto/sha1_ssse3_glue.c
index fc61739150e7..736128267715 100644
--- a/arch/x86/crypto/sha1_ssse3_glue.c
+++ b/arch/x86/crypto/sha1_ssse3_glue.c
@@ -212,10 +212,41 @@ static bool avx2_usable(void)
static void sha1_apply_transform_avx2(u32 *digest, const char *data,
unsigned int rounds)
{
+ const char *last;
+ unsigned int rounds_avx2;
+
/* Select the optimal transform based on data block size */
- if (rounds >= SHA1_AVX2_BLOCK_OPTSIZE)
- sha1_transform_avx2(digest, data, rounds);
- else
+ if (rounds < SHA1_AVX2_BLOCK_OPTSIZE)
+ goto avx;
+
+ /*
+ * sha1_transform_avx2() can read ahead couple blocks, which
+ * can cause problems if it crosses page boundary and next
+ * page doesn't exist. It operates on even number of blocks.
+ * Code below checks for worst case, where it can access
+ * up to 3 consecutive blocks after data end. In that case
+ * sha1_transform_avx2() is passed 3 blocks less and rest
+ * of data is handled by sha1_transform_avx().
+ *
+ * +----------+---------+---------+---------+
+ * 2x SHA1_BLOCK_SIZE | 2*SHA1_BLOCK_SIZE
+ * +----------+---------+---------+---------+
+ * ^ data end
+ */
+ last = data + (rounds + 3) * SHA1_BLOCK_SIZE - 1;
+ if (offset_in_page(last) >= 3 * SHA1_BLOCK_SIZE) {
+ rounds_avx2 = rounds;
+ } else {
+ rounds_avx2 = rounds - 3;
+ if (rounds_avx2 < SHA1_AVX2_BLOCK_OPTSIZE)
+ goto avx;
+ }
+
+ sha1_transform_avx2(digest, data, rounds_avx2);
+ data += SHA1_BLOCK_SIZE * rounds_avx2;
+ rounds -= rounds_avx2;
+avx:
+ if (rounds)
sha1_transform_avx(digest, data, rounds);
}
