From: Mike Snitzer <snitzer@redhat.com>
To: gmazyland@gmail.com
Cc: dm-devel@redhat.com, Dan Carpenter <dan.carpenter@oracle.com>
Subject: Re: [bug report] dm crypt: add cryptographic data integrity protection (authenticated encryption)
Date: Mon, 13 Mar 2017 12:15:59 -0400 [thread overview]
Message-ID: <20170313161558.GA11245@redhat.com> (raw)
In-Reply-To: <20170313160814.GA11174@redhat.com>
On Mon, Mar 13 2017 at 12:08pm -0400,
Mike Snitzer <snitzer@redhat.com> wrote:
> On Mon, Mar 13 2017 at 10:19am -0400,
> Dan Carpenter <dan.carpenter@oracle.com> wrote:
>
> > Hello Milan Broz,
> >
> > This is a semi-automatic email about new static checker warnings.
> >
> > The patch 858516b7881e: "dm crypt: add cryptographic data integrity
> > protection (authenticated encryption)" from Jan 4, 2017, leads to the
> > following Smatch complaint:
> >
> > drivers/md/dm-crypt.c:1390 crypt_alloc_buffer()
> > error: we previously assumed 'clone' could be null (see line 1362)
> >
> > drivers/md/dm-crypt.c
> > 1361 clone = bio_alloc_bioset(GFP_NOIO, nr_iovecs, cc->bs);
> > 1362 if (!clone)
> > ^^^^^^
> > We can be NULL on this path.
> >
> > 1363 goto return_clone;
> > 1364
> > 1365 clone_init(io, clone);
> > 1366
> > 1367 remaining_size = size;
> > 1368
> > 1369 for (i = 0; i < nr_iovecs; i++) {
> > 1370 page = mempool_alloc(cc->page_pool, gfp_mask);
> > 1371 if (!page) {
> > 1372 crypt_free_buffer_pages(cc, clone);
> > 1373 bio_put(clone);
> > 1374 gfp_mask |= __GFP_DIRECT_RECLAIM;
> > 1375 goto retry;
> > 1376 }
> > 1377
> > 1378 len = (remaining_size > PAGE_SIZE) ? PAGE_SIZE : remaining_size;
> > 1379
> > 1380 bio_add_page(clone, page, len, 0);
> > 1381
> > 1382 remaining_size -= len;
> > 1383 }
> > 1384
> > 1385 return_clone:
> > 1386 if (unlikely(gfp_mask & __GFP_DIRECT_RECLAIM))
> > 1387 mutex_unlock(&cc->bio_alloc_lock);
> > 1388
> > 1389 /* Allocate space for integrity tags */
> > 1390 if (dm_crypt_integrity_io_alloc(io, clone)) {
> > ^^^^^
> > Oops inside new function call.
> >
> > 1391 crypt_free_buffer_pages(cc, clone);
> > 1392 bio_put(clone);
>
> Thanks for the report. This code makes no sense as is.
>
> Milan, please help me understand why you're allocating memory needed for
> integrity tags in this 'return_clone' error path.
I folded in a fix for this, Milan please review crypt_alloc_buffer()
changes in this revised commit:
https://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm.git/commit/?h=dm-4.12&id=8896496efaef45ca1a734782a8d7f9082299fa5d
next prev parent reply other threads:[~2017-03-13 16:15 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-13 14:19 [bug report] dm crypt: add cryptographic data integrity protection (authenticated encryption) Dan Carpenter
2017-03-13 16:08 ` Mike Snitzer
2017-03-13 16:15 ` Mike Snitzer [this message]
2017-03-14 16:47 ` Milan Broz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170313161558.GA11245@redhat.com \
--to=snitzer@redhat.com \
--cc=dan.carpenter@oracle.com \
--cc=dm-devel@redhat.com \
--cc=gmazyland@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.