lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Jul 2008 17:43:45 +0800 From: Herbert Xu <herbert@...dor.apana.org.au> To: Thomas Zeitlhofer <tzeitlho+lkml@...tuwien.ac.at> Cc: linux-kernel@...r.kernel.org, netdev@...r.kernel.org Subject: Re: IPSEC in 2.6.25 causes stalled connections On Wed, Jul 09, 2008 at 04:43:34PM +0800, Herbert Xu wrote: > > Thanks! I've reproduced the problem. Now we just need to figure > out what it is :) OK, found it: chainiv never called the completion function! commit 066068afee313b7746e7a3de05b57dcd4149a2fe Author: Herbert Xu <herbert@...dor.apana.org.au> Date: Thu Jul 10 17:42:36 2008 +0800 crypto: chainiv - Invoke completion function When chainiv postpones requests it never calls their completion functions. This causes symptoms such as memory leaks when IPsec is in use. Signed-off-by: Herbert Xu <herbert@...dor.apana.org.au> diff --git a/crypto/chainiv.c b/crypto/chainiv.c index 6da3f57..9affade 100644 --- a/crypto/chainiv.c +++ b/crypto/chainiv.c @@ -117,6 +117,7 @@ static int chainiv_init(struct crypto_tfm *tfm) static int async_chainiv_schedule_work(struct async_chainiv_ctx *ctx) { int queued; + int err = ctx->err; if (!ctx->queue.qlen) { smp_mb__before_clear_bit(); @@ -131,7 +132,7 @@ static int async_chainiv_schedule_work(struct async_chainiv_ctx *ctx) BUG_ON(!queued); out: - return ctx->err; + return err; } static int async_chainiv_postpone_request(struct skcipher_givcrypt_request *req) @@ -227,6 +228,7 @@ static void async_chainiv_do_postponed(struct work_struct *work) postponed); struct skcipher_givcrypt_request *req; struct ablkcipher_request *subreq; + int err; /* Only handle one request at a time to avoid hogging keventd. */ spin_lock_bh(&ctx->lock); @@ -241,7 +243,11 @@ static void async_chainiv_do_postponed(struct work_struct *work) subreq = skcipher_givcrypt_reqctx(req); subreq->base.flags |= CRYPTO_TFM_REQ_MAY_SLEEP; - async_chainiv_givencrypt_tail(req); + err = async_chainiv_givencrypt_tail(req); + + local_bh_disable(); + skcipher_givcrypt_complete(req, err); + local_bh_enable(); } static int async_chainiv_init(struct crypto_tfm *tfm) Thanks, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists