On Wed, Nov 27, 2019 at 11:14:52AM -0800, Eric Biggers wrote: > > I tried applying the following patches and running syzkaller again: > > padata: Remove unused padata_remove_cpu > padata: Remove broken queue flushing > crypto: pcrypt - Fix user-after-free on module unload > [v3] crypto: pcrypt - Avoid deadlock by using per-instance padata queues > > This time I got a crypto self-test failure when > "pcrypt(pcrypt(rfc4106-gcm-aesni))" was instantiated: > > [ 2220.165113] alg: aead: pcrypt(pcrypt(rfc4106-gcm-aesni)) encryption corrupted request struct on test vector 0, cfg="uneven misaligned splits, may sleep" > [ 2220.170295] alg: aead: changed 'req->base.flags' > [ 2220.171799] Kernel panic - not syncing: alg: self-tests for pcrypt(pcrypt(rfc4106-gcm-aesni)) (rfc4106(gcm(aes))) failed in panic_on_fail mode! > > So the algorithm is not preserving aead_request::base.flags. Thanks for the report. This is a preexisting bug in pcrypt. Here is a patch for it. ---8<--- We should not be modifying the original request's MAY_SLEEP flag upon completion. It makes no sense to do so anyway. Reported-by: Eric Biggers <ebiggers@xxxxxxxxxx> Fixes: 5068c7a883d1 ("crypto: pcrypt - Add pcrypt crypto...") Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> diff --git a/crypto/pcrypt.c b/crypto/pcrypt.c index 543792e0ebf0..2f6f81183e45 100644 --- a/crypto/pcrypt.c +++ b/crypto/pcrypt.c @@ -63,7 +63,6 @@ static void pcrypt_aead_done(struct crypto_async_request *areq, int err) struct padata_priv *padata = pcrypt_request_padata(preq); padata->info = err; - req->base.flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; padata_do_serial(padata); } -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt