On 10/28/2020 11:07 AM, Ard Biesheuvel wrote:
> On Wed, 28 Oct 2020 at 10:03, Horia Geantă <horia.geanta@xxxxxxx> wrote:
>>
>> Loading the module deadlocks since:
>> -local cbc(aes) implementation needs a fallback and
>> -crypto API tries to find one but the request_module() resolves back to
>> the same module
>>
>> Fix this by changing the module alias for cbc(aes) and
>> using the NEED_FALLBACK flag when requesting for a fallback algorithm.
>>
>> Fixes: 00b99ad2bac2 ("crypto: arm/aes-neonbs - Use generic cbc encryption path")
>> Signed-off-by: Horia Geantă <horia.geanta@xxxxxxx>
>
> Not sure what is happening here: IIRC the intention was to rely on the
> fact that only the sync cbc(aes) implementation needs the fallback,
> and therefore, allocating a sync skcipher explicitly would avoid this
> recursion.
>
My understanding is the following:
1. Local cbc_init() tries to allocate a fallback tfm for cbc(aes)
2. crypto API cbc(aes) tries to find a cbc(aes) algorithm implementation
crypto_alloc_skcipher ->
crypto_alloc_tfm ->
crypto_alloc_tfm_node ->
crypto_find_alg ->
crypto_alg_mod_lookup ->
crypto_larval_lookup
Here crypto_alg_lookup() fails to find a cbc(aes) implementation.
3. Next step is to try to dynamically load a module (request_module)
that supports this implementation. And here it deadlocks, since it tries
to load aes-arm-bs module...
The fix is providing a way to (partially) skip the dynamic module loading
in crypto_alg_lookup() and allow for the last method of finding an algorithm
implementation, which is creating the cbc(aes) on the fly
via the cbc template - see:
ok = crypto_probing_notify(CRYPTO_MSG_ALG_REQUEST, larval);
in crypto_alg_mod_lookup().
Horia
