From: Luis Henriques <luis.henriques@canonical.com>
To: Ondrej Kozina <okozina@redhat.com>
Cc: stable@vger.kernel.org, herbert@gondor.apana.org.au,
gmazyland@gmail.com, linux-crypto@vger.kernel.org
Subject: Re: crypto: algif - avoid excessive use of socket buffer in skcipher
Date: Wed, 12 Nov 2014 11:58:40 +0000 [thread overview]
Message-ID: <20141112115840.GF11111@hercules> (raw)
In-Reply-To: <5460987C.9030007@redhat.com>
On Mon, Nov 10, 2014 at 11:50:36AM +0100, Ondrej Kozina wrote:
> Hello,
>
> could you please add this patch (already landed in 3.18-rc1) to following
> stable kernels:
>
> 3.17.x, 3.14.x, 3.12.x, 3.4.x, 3.2.x?
>
Thank you, I'm also queuing it for the 3.16.
Cheers,
--
Luís
> The bugfix allows usage of crypto API socket on archs with PAGE_SIZE >= 32
> KiB (I have a typo in original changelog).
>
> Some background for the bug (with reproducer and report from users)
> - http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg11787.html
> - http://bugzilla.redhat.com/show_bug.cgi?id=1160289
>
> Thank you
> Ondrej
>
> -------------------
>
> Upstream commit e2cffb5f493a8b431dc87124388ea59b79f0bccb
> Author: Ondrej Kozina <okozina@redhat.com>
> Date: Mon Aug 25 11:49:54 2014 +0200
>
> crypto: algif - avoid excessive use of socket buffer in skcipher
>
> On archs with PAGE_SIZE >= 64 KiB the function skcipher_alloc_sgl()
> fails with -ENOMEM no matter what user space actually requested.
> This is caused by the fact sock_kmalloc call inside the function tried
> to allocate more memory than allowed by the default kernel socket buffer
> size (kernel param net.core.optmem_max).
>
> Signed-off-by: Ondrej Kozina <okozina@redhat.com>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
>
> diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
> index a19c027..83187f4 100644
> --- a/crypto/algif_skcipher.c
> +++ b/crypto/algif_skcipher.c
> @@ -49,7 +49,7 @@ struct skcipher_ctx {
> struct ablkcipher_request req;
> };
>
> -#define MAX_SGL_ENTS ((PAGE_SIZE - sizeof(struct skcipher_sg_list)) / \
> +#define MAX_SGL_ENTS ((4096 - sizeof(struct skcipher_sg_list)) / \
> sizeof(struct scatterlist) - 1)
>
> static inline int skcipher_sndbuf(struct sock *sk)
> --
> To unsubscribe from this list: send the line "unsubscribe stable" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2014-11-12 11:58 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-10 10:50 crypto: algif - avoid excessive use of socket buffer in skcipher Ondrej Kozina
2014-11-10 22:11 ` Greg KH
2014-11-12 11:58 ` Luis Henriques [this message]
2014-12-12 5:20 ` Ben Hutchings
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141112115840.GF11111@hercules \
--to=luis.henriques@canonical.com \
--cc=gmazyland@gmail.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=okozina@redhat.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.