| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200702033221.GA19367@gondor.apana.org.au>
Date: Thu, 2 Jul 2020 13:32:21 +1000
From: Herbert Xu <herbert@...dor.apana.org.au>
To: Naresh Kamboju <naresh.kamboju@...aro.org>
Cc: Eric Biggers <ebiggers@...nel.org>,
Luis Chamberlain <mcgrof@...nel.org>,
LTP List <ltp@...ts.linux.it>,
open list <linux-kernel@...r.kernel.org>,
linux-security-module@...r.kernel.org, keyrings@...r.kernel.org,
lkft-triage@...ts.linaro.org,
Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
Jan Stancek <jstancek@...hat.com>, chrubis <chrubis@...e.cz>,
"Serge E. Hallyn" <serge@...lyn.com>,
James Morris <jmorris@...ei.org>,
Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
David Howells <dhowells@...hat.com>,
"David S. Miller" <davem@...emloft.net>,
Sachin Sant <sachinp@...ux.vnet.ibm.com>,
Linux Next Mailing List <linux-next@...r.kernel.org>,
linuxppc-dev <linuxppc-dev@...ts.ozlabs.org>,
linux- stable <stable@...r.kernel.org>
Subject: [v2 PATCH] crypto: af_alg - Fix regression on empty requests
On Tue, Jun 30, 2020 at 02:18:11PM +0530, Naresh Kamboju wrote:
>
> Since we are on this subject,
> LTP af_alg02 test case fails on stable 4.9 and stable 4.4
> This is not a regression because the test case has been failing from
> the beginning.
>
> Is this test case expected to fail on stable 4.9 and 4.4 ?
> or any chance to fix this on these older branches ?
>
> Test output:
> af_alg02.c:52: BROK: Timed out while reading from request socket.
>
> ref:
> https://qa-reports.linaro.org/lkft/linux-stable-rc-4.9-oe/build/v4.9.228-191-g082e807235d7/testrun/2884917/suite/ltp-crypto-tests/test/af_alg02/history/
> https://qa-reports.linaro.org/lkft/linux-stable-rc-4.9-oe/build/v4.9.228-191-g082e807235d7/testrun/2884606/suite/ltp-crypto-tests/test/af_alg02/log
Actually this test really is broken. Even though empty requests
are legal, they should never be done with no write(2) at all.
Because this fundamentally breaks the use of a blocking read(2)
to wait for more data.
Granted this has been broken since 2017 but I'm not going to
reintroduce this just because of a broken test case.
So please either remove af_alg02 or fix it by adding a control
message through sendmsg(2).
Thanks,
---8<---
Some user-space programs rely on crypto requests that have no
control metadata. This broke when a check was added to require
the presence of control metadata with the ctx->init flag.
This patch fixes the regression by setting ctx->init as long as
one sendmsg(2) has been made, with or without a control message.
Reported-by: Sachin Sant <sachinp@...ux.vnet.ibm.com>
Reported-by: Naresh Kamboju <naresh.kamboju@...aro.org>
Fixes: f3c802a1f300 ("crypto: algif_aead - Only wake up when...")
Signed-off-by: Herbert Xu <herbert@...dor.apana.org.au>
diff --git a/crypto/af_alg.c b/crypto/af_alg.c
index 9fcb91ea10c41..5882ed46f1adb 100644
--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -851,6 +851,7 @@ int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size,
err = -EINVAL;
goto unlock;
}
+ ctx->init = true;
if (init) {
ctx->enc = enc;
@@ -858,7 +859,6 @@ int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size,
memcpy(ctx->iv, con.iv->iv, ivsize);
ctx->aead_assoclen = con.aead_assoclen;
- ctx->init = true;
}
while (size) {
--
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Powered by blists - more mailing lists