From: Patrick McHardy <kaber@trash.net>
To: linux-crypto@vger.kernel.org
Cc: Evgeniy Polyakov <johnpol@2ka.mipt.ru>
Subject: HIFN+IPsec crashes in current -git
Date: Wed, 13 Feb 2008 14:17:45 +0100 [thread overview]
Message-ID: <47B2EDF9.6020900@trash.net> (raw)
I'm getting crashes when using HIFN and IPsec (ESP with
AES + MD5) in the current -git tree. I didn't capture the
Oops, but there seem to be a number of problems:
- hifn_setup_session walks over the scatterlist, subtracting
the scatterlist element size from nbytes until nbytes
reaches zero. In my case nbytes is 12 byte smaller than
the scatterlist, so nbytes underflows and it oopses when
walking over the of the scatterlist.
- similar problem in ablkcipher_walk
- After adding a hack to only walk the correct amount of
bytes, I got another crash because the return value
of ablkcipher_walk is not checked for errors, which
can cause sg_num to take a very large value.
- After adding more hacks to work around the crash,
I got "bad page state" on resume and a refcount
underflow in dst_release() called by xfrm_input(),
but that may very well be caused by my hacks.
I couldn't figure out where in the crypto code the
nbytes decrement by 12 bytes compared to the length
seen when setting up the crypto operation happens
or I might have tried to properly fix it myself.
I'll happily test patches in case someone more
familiar with the code does a proper fix.
next reply other threads:[~2008-02-13 13:17 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-13 13:17 Patrick McHardy [this message]
2008-02-13 14:44 ` HIFN+IPsec crashes in current -git Evgeniy Polyakov
2008-02-14 9:30 ` Evgeniy Polyakov
2008-02-19 16:10 ` Patrick McHardy
2008-02-19 16:14 ` Patrick McHardy
2008-02-19 6:23 ` Herbert Xu
2008-02-19 16:27 ` Patrick McHardy
2008-02-20 0:53 ` Herbert Xu
2008-02-20 12:33 ` Patrick McHardy
2008-02-20 13:19 ` Evgeniy Polyakov
2008-02-20 17:29 ` Herbert Xu
2008-02-20 17:26 ` Herbert Xu
2008-02-21 9:10 ` Evgeniy Polyakov
2008-02-21 14:10 ` Herbert Xu
2008-02-21 14:18 ` Evgeniy Polyakov
2008-02-21 14:20 ` Patrick McHardy
2008-02-21 14:37 ` Evgeniy Polyakov
2008-02-21 14:41 ` Patrick McHardy
2008-02-21 15:29 ` Patrick McHardy
2008-02-21 15:31 ` Patrick McHardy
2008-02-22 12:42 ` Evgeniy Polyakov
2008-02-22 13:53 ` Patrick McHardy
2008-02-22 2:27 ` Test AES-CCM mode via IPSec (NETKEY) Loc Ho
2008-02-22 5:45 ` Herbert Xu
2008-03-13 17:34 ` Loc Ho
2008-03-14 1:12 ` Herbert Xu
2008-04-04 22:37 ` Joy Latten
2008-04-04 23:08 ` Loc Ho
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47B2EDF9.6020900@trash.net \
--to=kaber@trash.net \
--cc=johnpol@2ka.mipt.ru \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox