On Tue, 8 Jan 2019 at 00:16, Eric Biggers <ebiggers@xxxxxxxxxx> wrote: > > From: Eric Biggers <ebiggers@xxxxxxxxxx> > > Hi Greg, please consider applying this to 4.9-stable and 4.4-stable. > It's a minimal fix for a bug that was fixed incidentally by a large > refactoring in v4.11. > > >8------------------------------------------------------8< > > In chacha20-simd, clear the MAY_SLEEP flag in the blkcipher_desc to > prevent sleeping with preemption disabled, under kernel_fpu_begin(). > > This was fixed upstream incidentally by a large refactoring, > commit 9ae433bc79f9 ("crypto: chacha20 - convert generic and x86 > versions to skcipher"). But syzkaller easily trips over this when > running on older kernels, as it's easily reachable via AF_ALG. > Therefore, this patch makes the minimal fix for older kernels. > > Fixes: c9320b6dcb89 ("crypto: chacha20 - Add a SSSE3 SIMD variant for x86_64") > Cc: linux-crypto@xxxxxxxxxxxxxxx > Cc: Martin Willi <martin@xxxxxxxxxxxxxx> > Cc: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> > Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx> Acked-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> > --- > arch/x86/crypto/chacha20_glue.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/arch/x86/crypto/chacha20_glue.c b/arch/x86/crypto/chacha20_glue.c > index f910d1d449f00..0a5fedf43bdc8 100644 > --- a/arch/x86/crypto/chacha20_glue.c > +++ b/arch/x86/crypto/chacha20_glue.c > @@ -77,6 +77,7 @@ static int chacha20_simd(struct blkcipher_desc *desc, struct scatterlist *dst, > > blkcipher_walk_init(&walk, dst, src, nbytes); > err = blkcipher_walk_virt_block(desc, &walk, CHACHA20_BLOCK_SIZE); > + desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; > > crypto_chacha20_init(state, crypto_blkcipher_ctx(desc->tfm), walk.iv); > > -- > 2.20.1.97.g81188d93c3-goog >