| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20171031041015.GB24806@gondor.apana.org.au>
Date: Tue, 31 Oct 2017 12:10:15 +0800
From: Herbert Xu <herbert@...dor.apana.org.au>
To: Ilya Lesokhin <ilyal@...lanox.com>
Cc: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"sd@...asysnail.net" <sd@...asysnail.net>,
Boris Pismenny <borisp@...lanox.com>
Subject: Re: Using the aesni generic gcm(aes) aead in atomic context
On Mon, Oct 30, 2017 at 03:18:21PM +0000, Ilya Lesokhin wrote:
> Hi,
> I've tried using the aesni generic gcm(aes) aead to implement TLS SW fallback and
> I'm getting
> [ 3356.839506] BUG: sleeping function called from invalid context at ./include/crypto/algapi.h:417
>
> The warning is coming from a ___might_sleep() macro that is called if CRYPTO_TFM_REQ_MAY_SLEEP is set.
> I'm getting the warning regardless of if pass CRYPTO_ALG_ASYNC or 0 as flags to crypto_alloc_aead("gcm(aes)", 0, flags).
>
> I've also noticed that rfc4106_encrypt() includes a irq_fpu_usable() check while generic_gcmaes_encrypt() doesn't.
> Is the generic gcm(aes) aead unsafe in atomic context?
> And if so which aead should I use?
>
> Finally, out of curiosity, doesn't macsec crypto run in atomic context?
Are you allocating the tfm from atomic context? That is not allowed.
Normally you would allocate the tfm in process context, e.g., when
the connection is setup.
Cheers,
--
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Powered by blists - more mailing lists