lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 2 Jul 2020 13:32:21 +1000 From: Herbert Xu <herbert@...dor.apana.org.au> To: Naresh Kamboju <naresh.kamboju@...aro.org> Cc: Eric Biggers <ebiggers@...nel.org>, Luis Chamberlain <mcgrof@...nel.org>, LTP List <ltp@...ts.linux.it>, open list <linux-kernel@...r.kernel.org>, linux-security-module@...r.kernel.org, keyrings@...r.kernel.org, lkft-triage@...ts.linaro.org, Linux Crypto Mailing List <linux-crypto@...r.kernel.org>, Jan Stancek <jstancek@...hat.com>, chrubis <chrubis@...e.cz>, "Serge E. Hallyn" <serge@...lyn.com>, James Morris <jmorris@...ei.org>, Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>, David Howells <dhowells@...hat.com>, "David S. Miller" <davem@...emloft.net>, Sachin Sant <sachinp@...ux.vnet.ibm.com>, Linux Next Mailing List <linux-next@...r.kernel.org>, linuxppc-dev <linuxppc-dev@...ts.ozlabs.org>, linux- stable <stable@...r.kernel.org> Subject: [v2 PATCH] crypto: af_alg - Fix regression on empty requests On Tue, Jun 30, 2020 at 02:18:11PM +0530, Naresh Kamboju wrote: > > Since we are on this subject, > LTP af_alg02 test case fails on stable 4.9 and stable 4.4 > This is not a regression because the test case has been failing from > the beginning. > > Is this test case expected to fail on stable 4.9 and 4.4 ? > or any chance to fix this on these older branches ? > > Test output: > af_alg02.c:52: BROK: Timed out while reading from request socket. > > ref: > https://qa-reports.linaro.org/lkft/linux-stable-rc-4.9-oe/build/v4.9.228-191-g082e807235d7/testrun/2884917/suite/ltp-crypto-tests/test/af_alg02/history/ > https://qa-reports.linaro.org/lkft/linux-stable-rc-4.9-oe/build/v4.9.228-191-g082e807235d7/testrun/2884606/suite/ltp-crypto-tests/test/af_alg02/log Actually this test really is broken. Even though empty requests are legal, they should never be done with no write(2) at all. Because this fundamentally breaks the use of a blocking read(2) to wait for more data. Granted this has been broken since 2017 but I'm not going to reintroduce this just because of a broken test case. So please either remove af_alg02 or fix it by adding a control message through sendmsg(2). Thanks, ---8<--- Some user-space programs rely on crypto requests that have no control metadata. This broke when a check was added to require the presence of control metadata with the ctx->init flag. This patch fixes the regression by setting ctx->init as long as one sendmsg(2) has been made, with or without a control message. Reported-by: Sachin Sant <sachinp@...ux.vnet.ibm.com> Reported-by: Naresh Kamboju <naresh.kamboju@...aro.org> Fixes: f3c802a1f300 ("crypto: algif_aead - Only wake up when...") Signed-off-by: Herbert Xu <herbert@...dor.apana.org.au> diff --git a/crypto/af_alg.c b/crypto/af_alg.c index 9fcb91ea10c41..5882ed46f1adb 100644 --- a/crypto/af_alg.c +++ b/crypto/af_alg.c @@ -851,6 +851,7 @@ int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size, err = -EINVAL; goto unlock; } + ctx->init = true; if (init) { ctx->enc = enc; @@ -858,7 +859,6 @@ int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size, memcpy(ctx->iv, con.iv->iv, ivsize); ctx->aead_assoclen = con.aead_assoclen; - ctx->init = true; } while (size) { -- Email: Herbert Xu <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Powered by blists - more mailing lists