This is a note to let you know that I've just added the patch titled crypto: algif_skcipher - Do not assume that req is unchanged to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: crypto-algif_skcipher-do-not-assume-that-req-is-unchanged.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From ec69bbfb9902c32a5c1492f2b1b8ad032a66d724 Mon Sep 17 00:00:00 2001 From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Date: Wed, 3 Feb 2016 21:39:24 +0800 Subject: crypto: algif_skcipher - Do not assume that req is unchanged From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> commit ec69bbfb9902c32a5c1492f2b1b8ad032a66d724 upstream. The async path in algif_skcipher assumes that the crypto completion function will be called with the original request. This is not necessarily the case. In fact there is no need for this anyway since we already embed information into the request with struct skcipher_async_req. This patch adds a pointer to that struct and then passes it as the data to the callback function. Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Tested-by: Tadeusz Struk <tadeusz.struk@xxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- crypto/algif_skcipher.c | 60 ++++++++++++++++++++++-------------------------- 1 file changed, 28 insertions(+), 32 deletions(-) --- a/crypto/algif_skcipher.c +++ b/crypto/algif_skcipher.c @@ -65,18 +65,10 @@ struct skcipher_async_req { struct skcipher_async_rsgl first_sgl; struct list_head list; struct scatterlist *tsg; - char iv[]; + atomic_t *inflight; + struct skcipher_request req; }; -#define GET_SREQ(areq, ctx) (struct skcipher_async_req *)((char *)areq + \ - crypto_skcipher_reqsize(crypto_skcipher_reqtfm(&ctx->req))) - -#define GET_REQ_SIZE(ctx) \ - crypto_skcipher_reqsize(crypto_skcipher_reqtfm(&ctx->req)) - -#define GET_IV_SIZE(ctx) \ - crypto_skcipher_ivsize(crypto_skcipher_reqtfm(&ctx->req)) - #define MAX_SGL_ENTS ((4096 - sizeof(struct skcipher_sg_list)) / \ sizeof(struct scatterlist) - 1) @@ -102,15 +94,12 @@ static void skcipher_free_async_sgls(str static void skcipher_async_cb(struct crypto_async_request *req, int err) { - struct sock *sk = req->data; - struct alg_sock *ask = alg_sk(sk); - struct skcipher_ctx *ctx = ask->private; - struct skcipher_async_req *sreq = GET_SREQ(req, ctx); + struct skcipher_async_req *sreq = req->data; struct kiocb *iocb = sreq->iocb; - atomic_dec(&ctx->inflight); + atomic_dec(sreq->inflight); skcipher_free_async_sgls(sreq); - kfree(req); + kzfree(sreq); iocb->ki_complete(iocb, err, err); } @@ -509,37 +498,42 @@ static int skcipher_recvmsg_async(struct { struct sock *sk = sock->sk; struct alg_sock *ask = alg_sk(sk); + struct sock *psk = ask->parent; + struct alg_sock *pask = alg_sk(psk); struct skcipher_ctx *ctx = ask->private; + struct skcipher_tfm *skc = pask->private; + struct crypto_skcipher *tfm = skc->skcipher; struct skcipher_sg_list *sgl; struct scatterlist *sg; struct skcipher_async_req *sreq; struct skcipher_request *req; struct skcipher_async_rsgl *last_rsgl = NULL; unsigned int txbufs = 0, len = 0, tx_nents = skcipher_all_sg_nents(ctx); - unsigned int reqlen = sizeof(struct skcipher_async_req) + - GET_REQ_SIZE(ctx) + GET_IV_SIZE(ctx); + unsigned int reqsize = crypto_skcipher_reqsize(tfm); + unsigned int ivsize = crypto_skcipher_ivsize(tfm); int err = -ENOMEM; bool mark = false; + char *iv; - lock_sock(sk); - req = kmalloc(reqlen, GFP_KERNEL); - if (unlikely(!req)) - goto unlock; + sreq = kzalloc(sizeof(*sreq) + reqsize + ivsize, GFP_KERNEL); + if (unlikely(!sreq)) + goto out; - sreq = GET_SREQ(req, ctx); + req = &sreq->req; + iv = (char *)(req + 1) + reqsize; sreq->iocb = msg->msg_iocb; - memset(&sreq->first_sgl, '\0', sizeof(struct skcipher_async_rsgl)); INIT_LIST_HEAD(&sreq->list); + sreq->inflight = &ctx->inflight; + + lock_sock(sk); sreq->tsg = kcalloc(tx_nents, sizeof(*sg), GFP_KERNEL); - if (unlikely(!sreq->tsg)) { - kfree(req); + if (unlikely(!sreq->tsg)) goto unlock; - } sg_init_table(sreq->tsg, tx_nents); - memcpy(sreq->iv, ctx->iv, GET_IV_SIZE(ctx)); - skcipher_request_set_tfm(req, crypto_skcipher_reqtfm(&ctx->req)); + memcpy(iv, ctx->iv, ivsize); + skcipher_request_set_tfm(req, tfm); skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, - skcipher_async_cb, sk); + skcipher_async_cb, sreq); while (iov_iter_count(&msg->msg_iter)) { struct skcipher_async_rsgl *rsgl; @@ -615,20 +609,22 @@ static int skcipher_recvmsg_async(struct sg_mark_end(sreq->tsg + txbufs - 1); skcipher_request_set_crypt(req, sreq->tsg, sreq->first_sgl.sgl.sg, - len, sreq->iv); + len, iv); err = ctx->enc ? crypto_skcipher_encrypt(req) : crypto_skcipher_decrypt(req); if (err == -EINPROGRESS) { atomic_inc(&ctx->inflight); err = -EIOCBQUEUED; + sreq = NULL; goto unlock; } free: skcipher_free_async_sgls(sreq); - kfree(req); unlock: skcipher_wmem_wakeup(sk); release_sock(sk); + kzfree(sreq); +out: return err; } Patches currently in stable-queue which might be from herbert@xxxxxxxxxxxxxxxxxxx are queue-4.4/crypto-af_alg-disallow-bind-setkey-...-after-accept-2.patch queue-4.4/crypto-crc32c-fix-crc32c-soft-dependency.patch queue-4.4/crypto-af_alg-forbid-bind-2-when-nokey-child-sockets-are-present.patch queue-4.4/crypto-algif_hash-fix-race-condition-in-hash_check_key.patch queue-4.4/crypto-skcipher-add-crypto_skcipher_has_setkey.patch queue-4.4/crypto-atmel-sha-remove-calls-of-clk_prepare-from-atomic-contexts.patch queue-4.4/crypto-chacha20-ssse3-align-stack-pointer-to-64-bytes.patch queue-4.4/crypto-algif_skcipher-add-key-check-exception-for-cipher_null.patch queue-4.4/crypto-algif_skcipher-do-not-assume-that-req-is-unchanged.patch queue-4.4/crypto-algif_hash-remove-custom-release-parent-function.patch queue-4.4/crypto-algif_skcipher-load-tx-sg-list-after-waiting.patch queue-4.4/crypto-algif_skcipher-require-setkey-before-accept-2.patch queue-4.4/crypto-user-lock-crypto_alg_list-on-alg-dump.patch queue-4.4/crypto-atmel-sha-fix-atmel_sha_remove.patch queue-4.4/crypto-marvell-cesa-fix-test-in-mv_cesa_dev_dma_init.patch queue-4.4/crypto-algif_skcipher-add-nokey-compatibility-path.patch queue-4.4/crypto-shash-fix-has_key-setting.patch queue-4.4/crypto-algif_skcipher-do-not-dereference-ctx-without-socket-lock.patch queue-4.4/crypto-algif_skcipher-remove-custom-release-parent-function.patch queue-4.4/crypto-af_alg-allow-af_af_alg_release_parent-to-be-called-on-nokey-path.patch queue-4.4/crypto-hash-add-crypto_ahash_has_setkey.patch queue-4.4/crypto-af_alg-add-nokey-compatibility-path.patch queue-4.4/crypto-algif_skcipher-do-not-set-may_backlog-on-the-async-path.patch queue-4.4/crypto-sun4i-ss-add-missing-statesize.patch queue-4.4/crypto-algif_hash-require-setkey-before-accept-2.patch queue-4.4/crypto-algif_skcipher-sendmsg-sg-marking-is-off-by-one.patch queue-4.4/crypto-algif_skcipher-fix-race-condition-in-skcipher_check_key.patch queue-4.4/crypto-algif_hash-wait-for-crypto_ahash_init-to-complete.patch queue-4.4/crypto-caam-make-write-transactions-bufferable-on-ppc-platforms.patch queue-4.4/crypto-af_alg-fix-socket-double-free-when-accept-fails.patch -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html