From: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
To: Christophe LEROY <christophe.leroy@c-s.fr>
Cc: "Ondrej Mosnáček" <omosnacek@gmail.com>,
"Stephan Mueller" <smueller@chronox.de>,
linux-crypto@vger.kernel.org,
"Herbert Xu" <herbert@gondor.apana.org.au>,
"Benjamin Herrenschmidt" <benh@kernel.crashing.org>,
"Paul Mackerras" <paulus@samba.org>,
"Michael Ellerman" <mpe@ellerman.id.au>,
"linuxppc-dev@lists.ozlabs.org" <linuxppc-dev@lists.ozlabs.org>,
"Paulo Flabiano Smorigo" <pfsmorigo@linux.vnet.ibm.com>
Subject: Re: BUG: libkcapi tests trigger sleep-in-atomic bug in VMX code (ppc64)
Date: Tue, 21 Aug 2018 12:12:00 -0300 [thread overview]
Message-ID: <20180821151200.GD28751@gallifrey> (raw)
In-Reply-To: <708f0ba5-6ce2-19e6-1269-ea9a14090694@c-s.fr>
[-- Attachment #1: Type: text/plain, Size: 2770 bytes --]
CC: Paulo Flabiano Smorigo <pfsmorigo@linux.vnet.ibm.com>
Yes, I do believe that CTR is doing it right. Preemption only needs to be
disabled during the aes_p8_cbc_encrypt() call, to avoid trashing the
VSX registers during the AES operation.
--
Regards,
Marcelo
On Tue, Aug 21, 2018 at 05:03:50PM +0200, Christophe LEROY wrote:
>
>
> Le 21/08/2018 à 16:38, Ondrej Mosnáček a écrit :
> > ut 21. 8. 2018 o 16:18 Stephan Mueller <smueller@chronox.de> napísal(a):
> > > Am Dienstag, 21. August 2018, 14:48:11 CEST schrieb Ondrej Mosnáček:
> > >
> > > Hi Ondrej, Marcelo,
> > >
> > > (+Marcelo)
> > >
> > > > Looking at crypto/algif_skcipher.c, I can see that skcipher_recvmsg()
> > > > holds the socket lock the whole time and yet passes
> > > > CRYPTO_TFM_REQ_MAY_SLEEP to the cipher implementation. Isn't that
> > > > wrong?
> > >
> > > I think you are referring to lock_sock(sk)?
> > >
> > > If so, this should not be the culprit: the socket lock is in essence a mutex-
> > > like operation with its own wait queue that it allowed to sleep. In
> > > lock_sock_nested that is called by lock_sock it even has the call of
> > > might_sleep which indicates that the caller may be put to sleep.
> > >
> > > Looking into the code (without too much debugging) I see in the function
> > > p8_aes_cbc_encrypt that is part of the stack trace the call to
> > > preempt_disable() which starts an atomic context. The preempt_enable() is
> > > invoked after the walk operation.
> > >
> > > The preempt_disable increases the preempt_count. That counter is used by
> > > in_atomic() to check whether we are in atomic context.
> > >
> > > The issue is that blkcipher_walk_done may call crypto_yield() which then
> > > invokes cond_resched if the implementation is allowed to sleep.
> >
> > Indeed, you're right, the issue is actually in the vmx_crypto code. I
> > remember having looked at the 'ctr(aes)' implementation in there a few
> > days ago (I think I was trying to debug this very issue, but for some
> > reason I only looked at ctr(aes)...) and I didn't find any bug, so
> > that's why I jumped to suspecting the algif_skcipher code... I should
> > have double-checked :)
> >
> > It turns out the 'cbc(aes)' (and actually also 'xts(aes)')
> > implementation is coded a bit differently and they both *do* contain
> > the sleep-in-atomic bug. I will try to fix them according to the
> > correct CTR implementation and send a patch.
>
> CC: linuxppc-dev@lists.ozlabs.org <linuxppc-dev@lists.ozlabs.org>
>
> >
> > Thanks,
> > Ondrej
> >
> > > @Marcelo: shouldn't be the sleep flag be cleared when entering the
> > > preempt_disable section?
> > >
> > > Ciao
> > > Stephan
> > >
> > >
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
next prev parent reply other threads:[~2018-08-21 15:12 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CAAUqJDvErj0Y4=GBtXgvBRON7MEic7_-jBZNvjacwcOd0TF_2g@mail.gmail.com>
[not found] ` <3627129.cWTIy1uDMC@tauon.chronox.de>
[not found] ` <CAAUqJDt_y04ts7Aq0U0fhXYRus2ckkEohBTkga0pjqfoQaBOCA@mail.gmail.com>
2018-08-21 15:03 ` BUG: libkcapi tests trigger sleep-in-atomic bug in VMX code (ppc64) Christophe LEROY
2018-08-21 15:12 ` Marcelo Henrique Cerri [this message]
[not found] ` <20180821151623.26061-1-omosnace@redhat.com>
2018-08-21 15:24 ` [PATCH] crypto: vmx - Fix sleep-in-atomic bugs Ondrej Mosnáček
2018-08-21 16:41 ` Marcelo Henrique Cerri
2018-08-22 6:05 ` Ondrej Mosnáček
2018-08-22 6:26 ` [PATCH v2] " Ondrej Mosnacek
2018-08-23 0:04 ` Marcelo Henrique Cerri
2018-08-23 20:34 ` Paulo Flabiano Smorigo
2018-08-24 19:47 ` Paulo Flabiano Smorigo
2018-08-24 20:01 ` Ondrej Mosnacek
2018-08-25 13:28 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180821151200.GD28751@gallifrey \
--to=marcelo.cerri@canonical.com \
--cc=benh@kernel.crashing.org \
--cc=christophe.leroy@c-s.fr \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=mpe@ellerman.id.au \
--cc=omosnacek@gmail.com \
--cc=paulus@samba.org \
--cc=pfsmorigo@linux.vnet.ibm.com \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).