crypto: algif - avoid excessive use of socket buffer in skcipher

crypto: algif - avoid excessive use of socket buffer in skcipher

[Ondrej Kozina]

Hello,

could you please add this patch (already landed in 3.18-rc1) to 
following stable kernels:

3.17.x, 3.14.x, 3.12.x, 3.4.x, 3.2.x?

The bugfix allows usage of crypto API socket on archs with PAGE_SIZE >= 
32 KiB (I have a typo in original changelog).

Some background for the bug (with reproducer and report from users)
- http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg11787.html
- http://bugzilla.redhat.com/show_bug.cgi?id=1160289

Thank you
Ondrej

-------------------

Upstream commit e2cffb5f493a8b431dc87124388ea59b79f0bccb
Author: Ondrej Kozina <okozina@redhat.com>
Date:   Mon Aug 25 11:49:54 2014 +0200

     crypto: algif - avoid excessive use of socket buffer in skcipher

     On archs with PAGE_SIZE >= 64 KiB the function skcipher_alloc_sgl()
     fails with -ENOMEM no matter what user space actually requested.
     This is caused by the fact sock_kmalloc call inside the function tried
     to allocate more memory than allowed by the default kernel socket 
buffer
     size (kernel param net.core.optmem_max).

     Signed-off-by: Ondrej Kozina <okozina@redhat.com>
     Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
index a19c027..83187f4 100644
--- a/crypto/algif_skcipher.c
+++ b/crypto/algif_skcipher.c
@@ -49,7 +49,7 @@ struct skcipher_ctx {
  	struct ablkcipher_request req;
  };

-#define MAX_SGL_ENTS ((PAGE_SIZE - sizeof(struct skcipher_sg_list)) / \
+#define MAX_SGL_ENTS ((4096 - sizeof(struct skcipher_sg_list)) / \
  		      sizeof(struct scatterlist) - 1)

  static inline int skcipher_sndbuf(struct sock *sk)

Re: crypto: algif - avoid excessive use of socket buffer in skcipher

[Greg KH]

On Mon, Nov 10, 2014 at 11:50:36AM +0100, Ondrej Kozina wrote:
> Hello,
> 
> could you please add this patch (already landed in 3.18-rc1) to following
> stable kernels:
> 
> 3.17.x, 3.14.x, 3.12.x, 3.4.x, 3.2.x?
> 
> The bugfix allows usage of crypto API socket on archs with PAGE_SIZE >= 32
> KiB (I have a typo in original changelog).
> 
> Some background for the bug (with reproducer and report from users)
> - http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg11787.html
> - http://bugzilla.redhat.com/show_bug.cgi?id=1160289

Now applied to .17, .14, and .10-stable kernels, thanks.

greg k-h

Re: crypto: algif - avoid excessive use of socket buffer in skcipher

[Luis Henriques]

On Mon, Nov 10, 2014 at 11:50:36AM +0100, Ondrej Kozina wrote:
> Hello,
> 
> could you please add this patch (already landed in 3.18-rc1) to following
> stable kernels:
> 
> 3.17.x, 3.14.x, 3.12.x, 3.4.x, 3.2.x?
> 

Thank you, I'm also queuing it for the 3.16.

Cheers,
--
Luís

> The bugfix allows usage of crypto API socket on archs with PAGE_SIZE >= 32
> KiB (I have a typo in original changelog).
> 
> Some background for the bug (with reproducer and report from users)
> - http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg11787.html
> - http://bugzilla.redhat.com/show_bug.cgi?id=1160289
> 
> Thank you
> Ondrej
> 
> -------------------
> 
> Upstream commit e2cffb5f493a8b431dc87124388ea59b79f0bccb
> Author: Ondrej Kozina <okozina@redhat.com>
> Date:   Mon Aug 25 11:49:54 2014 +0200
> 
>     crypto: algif - avoid excessive use of socket buffer in skcipher
> 
>     On archs with PAGE_SIZE >= 64 KiB the function skcipher_alloc_sgl()
>     fails with -ENOMEM no matter what user space actually requested.
>     This is caused by the fact sock_kmalloc call inside the function tried
>     to allocate more memory than allowed by the default kernel socket buffer
>     size (kernel param net.core.optmem_max).
> 
>     Signed-off-by: Ondrej Kozina <okozina@redhat.com>
>     Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
> 
> diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
> index a19c027..83187f4 100644
> --- a/crypto/algif_skcipher.c
> +++ b/crypto/algif_skcipher.c
> @@ -49,7 +49,7 @@ struct skcipher_ctx {
>  	struct ablkcipher_request req;
>  };
> 
> -#define MAX_SGL_ENTS ((PAGE_SIZE - sizeof(struct skcipher_sg_list)) / \
> +#define MAX_SGL_ENTS ((4096 - sizeof(struct skcipher_sg_list)) / \
>  		      sizeof(struct scatterlist) - 1)
> 
>  static inline int skcipher_sndbuf(struct sock *sk)
> --
> To unsubscribe from this list: send the line "unsubscribe stable" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: crypto: algif - avoid excessive use of socket buffer in skcipher

[Ben Hutchings]

[-- Attachment #1: Type: text/plain, Size: 764 bytes --]

On Mon, 2014-11-10 at 11:50 +0100, Ondrej Kozina wrote:
> Hello,
> 
> could you please add this patch (already landed in 3.18-rc1) to 
> following stable kernels:
> 
> 3.17.x, 3.14.x, 3.12.x, 3.4.x, 3.2.x?
> 
> The bugfix allows usage of crypto API socket on archs with PAGE_SIZE >= 
> 32 KiB (I have a typo in original changelog).
> 
> Some background for the bug (with reproducer and report from users)
> - http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg11787.html
> - http://bugzilla.redhat.com/show_bug.cgi?id=1160289
[...]

I've queued this up for 3.2, thanks.

Ben.

-- 
Ben Hutchings
Kids!  Bringing about Armageddon can be dangerous.  Do not attempt it in
your own home. - Terry Pratchett and Neil Gaiman, `Good Omens'

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 811 bytes --]