* [PATCH] crypto: krb5enc - fix async decrypt skipping hash verification
@ 2026-04-16 13:54 Dudu Lu
2026-04-17 8:48 ` Herbert Xu
0 siblings, 1 reply; 2+ messages in thread
From: Dudu Lu @ 2026-04-16 13:54 UTC (permalink / raw)
To: linux-crypto; +Cc: herbert, Dudu Lu
krb5enc_dispatch_decrypt() sets req->base.complete as the skcipher
callback, which is the caller's own completion handler. When the
skcipher completes asynchronously, this signals "done" to the caller
without executing krb5enc_dispatch_decrypt_hash(), completely bypassing
the integrity verification (hash check).
Compare with the encrypt path which correctly uses
krb5enc_encrypt_done as an intermediate callback to chain into the
hash computation on async completion.
Fix by adding krb5enc_decrypt_done as an intermediate callback that
chains into krb5enc_dispatch_decrypt_hash() upon async skcipher
completion, matching the encrypt path's callback pattern. Handle
both -EINPROGRESS and -EBUSY notifications from backlogged requests,
consistent with authenc's authenc_request_complete(). Also fix
krb5enc_request_complete() to filter -EBUSY in addition to
-EINPROGRESS, matching the authenc reference implementation.
Fixes: d1775a177f7f ("crypto: Add 'krb5enc' hash and cipher AEAD algorithm")
Signed-off-by: Dudu Lu <phx0fer@gmail.com>
---
crypto/krb5enc.c | 22 ++++++++++++++++++++--
1 file changed, 20 insertions(+), 2 deletions(-)
diff --git a/crypto/krb5enc.c b/crypto/krb5enc.c
index a1de55994d92..2490343873a9 100644
--- a/crypto/krb5enc.c
+++ b/crypto/krb5enc.c
@@ -41,7 +41,7 @@ struct krb5enc_request_ctx {
static void krb5enc_request_complete(struct aead_request *req, int err)
{
- if (err != -EINPROGRESS)
+ if (err != -EINPROGRESS && err != -EBUSY)
aead_request_complete(req, err);
}
@@ -300,6 +300,24 @@ static int krb5enc_dispatch_decrypt_hash(struct aead_request *req)
return krb5enc_verify_hash(req);
}
+static void krb5enc_decrypt_done(void *data, int err)
+{
+ struct aead_request *req = data;
+
+ if (err == -EINPROGRESS || err == -EBUSY)
+ return krb5enc_request_complete(req, err);
+
+ if (err)
+ goto out;
+
+ err = krb5enc_dispatch_decrypt_hash(req);
+ if (err == -EINPROGRESS || err == -EBUSY)
+ return;
+
+out:
+ aead_request_complete(req, err);
+}
+
/*
* Dispatch the decryption of the ciphertext.
*/
@@ -323,7 +341,7 @@ static int krb5enc_dispatch_decrypt(struct aead_request *req)
skcipher_request_set_tfm(skreq, ctx->enc);
skcipher_request_set_callback(skreq, aead_request_flags(req),
- req->base.complete, req->base.data);
+ krb5enc_decrypt_done, req);
skcipher_request_set_crypt(skreq, src, dst,
req->cryptlen - authsize, req->iv);
--
2.39.3 (Apple Git-145)
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] crypto: krb5enc - fix async decrypt skipping hash verification
2026-04-16 13:54 [PATCH] crypto: krb5enc - fix async decrypt skipping hash verification Dudu Lu
@ 2026-04-17 8:48 ` Herbert Xu
0 siblings, 0 replies; 2+ messages in thread
From: Herbert Xu @ 2026-04-17 8:48 UTC (permalink / raw)
To: Dudu Lu; +Cc: linux-crypto
On Thu, Apr 16, 2026 at 09:54:24PM +0800, Dudu Lu wrote:
>
> diff --git a/crypto/krb5enc.c b/crypto/krb5enc.c
> index a1de55994d92..2490343873a9 100644
> --- a/crypto/krb5enc.c
> +++ b/crypto/krb5enc.c
> @@ -41,7 +41,7 @@ struct krb5enc_request_ctx {
>
> static void krb5enc_request_complete(struct aead_request *req, int err)
> {
> - if (err != -EINPROGRESS)
> + if (err != -EINPROGRESS && err != -EBUSY)
This shouldn't filter anything out. The filtering needs to occur
further up the call stack. In fact just get rid of it and use
aead_request_complete directly.
The encrypt path is just as broken as the decrypt path and
needs to be fixed accordingly to filter out EBUSY/EINPROGRESS.
In particular, this should be done in krb5enc_encrypt_ahash_done.
Currently it's only filtering out EINPROGRESS.
> +static void krb5enc_decrypt_done(void *data, int err)
> +{
> + struct aead_request *req = data;
> +
> + if (err == -EINPROGRESS || err == -EBUSY)
> + return krb5enc_request_complete(req, err);
EINPROGRESS should always get passed up here because it means
that we originally returned an EBUSY and the caller is potentially
blocking on this notification.
EBUSY cannot occur in the context of the callback so there is no
need to check for it.
So this should simply become
if (err)
goto out;
> + err = krb5enc_dispatch_decrypt_hash(req);
> + if (err == -EINPROGRESS || err == -EBUSY)
> + return;
This is the only place where EBUSY needs to be checked.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2026-04-17 8:48 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-16 13:54 [PATCH] crypto: krb5enc - fix async decrypt skipping hash verification Dudu Lu
2026-04-17 8:48 ` Herbert Xu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox