From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:60128 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751109AbcCMFjH (ORCPT ); Sun, 13 Mar 2016 00:39:07 -0500 Subject: Patch "Revert: "crypto: af_alg - Disallow bind/setkey/... after accept(2)"" has been added to the 3.10-stable tree To: gregkh@linuxfoundation.org, dvyukov@google.com, herbert@gondor.apana.org.au, preed@sigkill.com Cc: , From: Date: Sat, 12 Mar 2016 21:38:43 -0800 Message-ID: <145784752321924@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org List-ID: This is a note to let you know that I've just added the patch titled Revert: "crypto: af_alg - Disallow bind/setkey/... after accept(2)" to the 3.10-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: revert-crypto-af_alg-disallow-bind-setkey-...-after-accept-2.patch and it can be found in the queue-3.10 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >>From foo@baz Sat Mar 12 21:30:16 PST 2016 Date: Sat, 12 Mar 2016 21:30:16 -0800 To: Greg KH From: Greg Kroah-Hartman Subject: Revert: "crypto: af_alg - Disallow bind/setkey/... after accept(2)" This reverts commit 5a707f0972e1c9d8a4a921ddae79d0f9dc36a341 which is commit c840ac6af3f8713a71b4d2363419145760bd6044 upstream. It's been widely reported that this patch breaks existing userspace applications when backported to the stable kernel releases. As no fix seems to be forthcoming, just revert it to let systems work again. Reported-by: "J. Paul Reed" Cc: Dmitry Vyukov Cc: Herbert Xu Signed-off-by: Greg Kroah-Hartman --- crypto/af_alg.c | 35 +++-------------------------------- include/crypto/if_alg.h | 8 +++++--- 2 files changed, 8 insertions(+), 35 deletions(-) --- a/crypto/af_alg.c +++ b/crypto/af_alg.c @@ -125,23 +125,6 @@ int af_alg_release(struct socket *sock) } EXPORT_SYMBOL_GPL(af_alg_release); -void af_alg_release_parent(struct sock *sk) -{ - struct alg_sock *ask = alg_sk(sk); - bool last; - - sk = ask->parent; - ask = alg_sk(sk); - - lock_sock(sk); - last = !--ask->refcnt; - release_sock(sk); - - if (last) - sock_put(sk); -} -EXPORT_SYMBOL_GPL(af_alg_release_parent); - static int alg_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) { struct sock *sk = sock->sk; @@ -149,7 +132,6 @@ static int alg_bind(struct socket *sock, struct sockaddr_alg *sa = (void *)uaddr; const struct af_alg_type *type; void *private; - int err; if (sock->state == SS_CONNECTED) return -EINVAL; @@ -175,22 +157,16 @@ static int alg_bind(struct socket *sock, return PTR_ERR(private); } - err = -EBUSY; lock_sock(sk); - if (ask->refcnt) - goto unlock; swap(ask->type, type); swap(ask->private, private); - err = 0; - -unlock: release_sock(sk); alg_do_release(type, private); - return err; + return 0; } static int alg_setkey(struct sock *sk, char __user *ukey, @@ -223,15 +199,11 @@ static int alg_setsockopt(struct socket struct sock *sk = sock->sk; struct alg_sock *ask = alg_sk(sk); const struct af_alg_type *type; - int err = -EBUSY; + int err = -ENOPROTOOPT; lock_sock(sk); - if (ask->refcnt) - goto unlock; - type = ask->type; - err = -ENOPROTOOPT; if (level != SOL_ALG || !type) goto unlock; @@ -280,8 +252,7 @@ int af_alg_accept(struct sock *sk, struc sk2->sk_family = PF_ALG; - if (!ask->refcnt++) - sock_hold(sk); + sock_hold(sk); alg_sk(sk2)->parent = sk; alg_sk(sk2)->type = type; --- a/include/crypto/if_alg.h +++ b/include/crypto/if_alg.h @@ -30,8 +30,6 @@ struct alg_sock { struct sock *parent; - unsigned int refcnt; - const struct af_alg_type *type; void *private; }; @@ -66,7 +64,6 @@ int af_alg_register_type(const struct af int af_alg_unregister_type(const struct af_alg_type *type); int af_alg_release(struct socket *sock); -void af_alg_release_parent(struct sock *sk); int af_alg_accept(struct sock *sk, struct socket *newsock); int af_alg_make_sg(struct af_alg_sgl *sgl, void __user *addr, int len, @@ -83,6 +80,11 @@ static inline struct alg_sock *alg_sk(st return (struct alg_sock *)sk; } +static inline void af_alg_release_parent(struct sock *sk) +{ + sock_put(alg_sk(sk)->parent); +} + static inline void af_alg_init_completion(struct af_alg_completion *completion) { init_completion(&completion->completion); Patches currently in stable-queue which might be from gregkh@linuxfoundation.org are queue-3.10/kvm-vmx-disable-pebs-before-a-guest-entry.patch queue-3.10/modules-fix-longstanding-proc-kallsyms-vs-module-insertion-race.patch queue-3.10/iwlwifi-mvm-inc-pending-frames-counter-also-when-txing-non-sta.patch queue-3.10/lib-ucs2_string-add-ucs2-utf8-helper-functions.patch queue-3.10/mac80211-minstrel_ht-set-default-tx-aggregation-timeout-to-0.patch queue-3.10/wext-fix-message-delay-ordering.patch queue-3.10/asoc-wm8958-fix-enum-ctl-accesses-in-a-wrong-type.patch queue-3.10/lib-ucs2_string-correct-ucs2-utf8-conversion.patch queue-3.10/tracing-fix-check-for-cpu-online-when-event-is-disabled.patch queue-3.10/revert-crypto-af_alg-disallow-bind-setkey-...-after-accept-2.patch queue-3.10/asoc-wm8994-fix-enum-ctl-accesses-in-a-wrong-type.patch queue-3.10/kvm-x86-move-steal-time-initialization-to-vcpu-entry-time.patch queue-3.10/efi-do-variable-name-validation-tests-in-utf8.patch queue-3.10/powerpc-fix-dedotify-for-binutils-2.26.patch queue-3.10/efi-make-efivarfs-entries-immutable-by-default.patch queue-3.10/mac80211-fix-use-of-uninitialised-values-in-rx-aggregation.patch queue-3.10/efi-add-pstore-variables-to-the-deletion-whitelist.patch queue-3.10/efi-make-our-variable-validation-list-include-the-guid.patch queue-3.10/efi-use-ucs2_as_utf8-in-efivarfs-instead-of-open-coding-a-bad-version.patch