From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Harsh Jain <harsh@chelsio.com>,
Herbert Xu <herbert@gondor.apana.org.au>
Subject: [PATCH 4.4 046/104] crypto: authencesn - Avoid twice completion call in decrypt path
Date: Thu, 24 Jan 2019 20:19:35 +0100 [thread overview]
Message-ID: <20190124190200.627649246@linuxfoundation.org> (raw)
In-Reply-To: <20190124190154.968308875@linuxfoundation.org>
4.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Harsh Jain <harsh@chelsio.com>
commit a7773363624b034ab198c738661253d20a8055c2 upstream.
Authencesn template in decrypt path unconditionally calls aead_request_complete
after ahash_verify which leads to following kernel panic in after decryption.
[ 338.539800] BUG: unable to handle kernel NULL pointer dereference at 0000000000000004
[ 338.548372] PGD 0 P4D 0
[ 338.551157] Oops: 0000 [#1] SMP PTI
[ 338.554919] CPU: 0 PID: 0 Comm: swapper/0 Kdump: loaded Tainted: G W I 4.19.7+ #13
[ 338.564431] Hardware name: Supermicro X8ST3/X8ST3, BIOS 2.0 07/29/10
[ 338.572212] RIP: 0010:esp_input_done2+0x350/0x410 [esp4]
[ 338.578030] Code: ff 0f b6 68 10 48 8b 83 c8 00 00 00 e9 8e fe ff ff 8b 04 25 04 00 00 00 83 e8 01 48 98 48 8b 3c c5 10 00 00 00 e9 f7 fd ff ff <8b> 04 25 04 00 00 00 83 e8 01 48 98 4c 8b 24 c5 10 00 00 00 e9 3b
[ 338.598547] RSP: 0018:ffff911c97803c00 EFLAGS: 00010246
[ 338.604268] RAX: 0000000000000002 RBX: ffff911c4469ee00 RCX: 0000000000000000
[ 338.612090] RDX: 0000000000000000 RSI: 0000000000000130 RDI: ffff911b87c20400
[ 338.619874] RBP: 0000000000000000 R08: ffff911b87c20498 R09: 000000000000000a
[ 338.627610] R10: 0000000000000001 R11: 0000000000000004 R12: 0000000000000000
[ 338.635402] R13: ffff911c89590000 R14: ffff911c91730000 R15: 0000000000000000
[ 338.643234] FS: 0000000000000000(0000) GS:ffff911c97800000(0000) knlGS:0000000000000000
[ 338.652047] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 338.658299] CR2: 0000000000000004 CR3: 00000001ec20a000 CR4: 00000000000006f0
[ 338.666382] Call Trace:
[ 338.669051] <IRQ>
[ 338.671254] esp_input_done+0x12/0x20 [esp4]
[ 338.675922] chcr_handle_resp+0x3b5/0x790 [chcr]
[ 338.680949] cpl_fw6_pld_handler+0x37/0x60 [chcr]
[ 338.686080] chcr_uld_rx_handler+0x22/0x50 [chcr]
[ 338.691233] uldrx_handler+0x8c/0xc0 [cxgb4]
[ 338.695923] process_responses+0x2f0/0x5d0 [cxgb4]
[ 338.701177] ? bitmap_find_next_zero_area_off+0x3a/0x90
[ 338.706882] ? matrix_alloc_area.constprop.7+0x60/0x90
[ 338.712517] ? apic_update_irq_cfg+0x82/0xf0
[ 338.717177] napi_rx_handler+0x14/0xe0 [cxgb4]
[ 338.722015] net_rx_action+0x2aa/0x3e0
[ 338.726136] __do_softirq+0xcb/0x280
[ 338.730054] irq_exit+0xde/0xf0
[ 338.733504] do_IRQ+0x54/0xd0
[ 338.736745] common_interrupt+0xf/0xf
Fixes: 104880a6b470 ("crypto: authencesn - Convert to new AEAD...")
Signed-off-by: Harsh Jain <harsh@chelsio.com>
Cc: stable@vger.kernel.org
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
crypto/authencesn.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/crypto/authencesn.c
+++ b/crypto/authencesn.c
@@ -276,7 +276,7 @@ static void authenc_esn_verify_ahash_don
struct aead_request *req = areq->data;
err = err ?: crypto_authenc_esn_decrypt_tail(req, 0);
- aead_request_complete(req, err);
+ authenc_esn_request_complete(req, err);
}
static int crypto_authenc_esn_decrypt(struct aead_request *req)
next prev parent reply other threads:[~2019-01-24 19:27 UTC|newest]
Thread overview: 111+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-24 19:18 [PATCH 4.4 000/104] 4.4.172-stable review Greg Kroah-Hartman
2019-01-24 19:18 ` [PATCH 4.4 001/104] tty/ldsem: Wake up readers after timed out down_write() Greg Kroah-Hartman
2019-01-24 19:18 ` [PATCH 4.4 002/104] can: gw: ensure DLC boundaries after CAN frame modification Greg Kroah-Hartman
2019-01-24 19:18 ` [PATCH 4.4 003/104] f2fs: clean up argument of recover_data Greg Kroah-Hartman
2019-01-24 19:18 ` [PATCH 4.4 004/104] f2fs: cover more area with nat_tree_lock Greg Kroah-Hartman
2019-01-24 19:18 ` [PATCH 4.4 005/104] f2fs: move sanity checking of cp into get_valid_checkpoint Greg Kroah-Hartman
2019-01-24 19:18 ` [PATCH 4.4 006/104] f2fs: fix to convert inline directory correctly Greg Kroah-Hartman
2019-01-24 19:18 ` [PATCH 4.4 007/104] f2fs: give -EINVAL for norecovery and rw mount Greg Kroah-Hartman
2019-01-24 19:18 ` [PATCH 4.4 008/104] f2fs: remove an obsolete variable Greg Kroah-Hartman
2019-01-24 19:18 ` [PATCH 4.4 009/104] f2fs: factor out fsync inode entry operations Greg Kroah-Hartman
2019-01-24 19:18 ` [PATCH 4.4 010/104] f2fs: fix inode cache leak Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 011/104] f2fs: fix to avoid reading out encrypted data in page cache Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 012/104] f2fs: not allow to write illegal blkaddr Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 013/104] f2fs: avoid unneeded loop in build_sit_entries Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 014/104] f2fs: use crc and cp version to determine roll-forward recovery Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 015/104] f2fs: introduce get_checkpoint_version for cleanup Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 016/104] f2fs: put directory inodes before checkpoint in roll-forward recovery Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 017/104] f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 018/104] f2fs: detect wrong layout Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 019/104] f2fs: free meta pages if sanity check for ckpt is failed Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 020/104] f2fs: fix race condition in between free nid allocator/initializer Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 021/104] f2fs: return error during fill_super Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 022/104] f2fs: check blkaddr more accuratly before issue a bio Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 023/104] f2fs: sanity check on sit entry Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 024/104] f2fs: enhance sanity_check_raw_super() to avoid potential overflow Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 025/104] f2fs: clean up with is_valid_blkaddr() Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 026/104] f2fs: introduce and spread verify_blkaddr Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 027/104] f2fs: fix to do sanity check with secs_per_zone Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 028/104] f2fs: fix to do sanity check with user_block_count Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 029/104] f2fs: Add sanity_check_inode() function Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 030/104] f2fs: fix to do sanity check with node footer and iblocks Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 031/104] f2fs: fix to do sanity check with reserved blkaddr of inline inode Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 032/104] f2fs: fix to do sanity check with block address in main area Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 033/104] f2fs: fix to do sanity check with block address in main area v2 Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 034/104] f2fs: fix to do sanity check with cp_pack_start_sum Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 035/104] f2fs: fix invalid memory access Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 036/104] f2fs: fix missing up_read Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 037/104] f2fs: fix validation of the block count in sanity_check_raw_super Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 038/104] media: em28xx: Fix misplaced reset of dev->v4l::field_count Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 039/104] proc: Remove empty line in /proc/self/status Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 040/104] arm64/kvm: consistently handle host HCR_EL2 flags Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 041/104] arm64: Dont trap host pointer auth use to EL2 Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 042/104] ipv6: fix kernel-infoleak in ipv6_local_error() Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 043/104] net: bridge: fix a bug on using a neighbour cache entry without checking its state Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 044/104] packet: Do not leak dev refcounts on error exit Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 045/104] ip: on queued skb use skb_header_pointer instead of pskb_may_pull Greg Kroah-Hartman
2019-01-24 19:19 ` Greg Kroah-Hartman [this message]
2019-01-24 19:19 ` [PATCH 4.4 047/104] crypto: authenc - fix parsing key with misaligned rta_len Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 048/104] btrfs: wait on ordered extents on abort cleanup Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 049/104] Yama: Check for pid death before checking ancestry Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 050/104] scsi: sd: Fix cache_type_store() Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 051/104] mips: fix n32 compat_ipc_parse_version Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 052/104] mfd: tps6586x: Handle interrupts on suspend Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 053/104] Disable MSI also when pcie-octeon.pcie_disable on Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 054/104] omap2fb: Fix stack memory disclosure Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 055/104] media: vivid: fix error handling of kthread_run Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 056/104] media: vivid: set min width/height to a value > 0 Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 057/104] LSM: Check for NULL cred-security on free Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 058/104] media: vb2: vb2_mmap: move lock up Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 059/104] sunrpc: handle ENOMEM in rpcb_getport_async Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 060/104] selinux: fix GPF on invalid policy Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 061/104] sctp: allocate sctp_sockaddr_entry with kzalloc Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 062/104] tipc: fix uninit-value in tipc_nl_compat_link_reset_stats Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 063/104] tipc: fix uninit-value in tipc_nl_compat_bearer_enable Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 064/104] tipc: fix uninit-value in tipc_nl_compat_link_set Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 065/104] tipc: fix uninit-value in tipc_nl_compat_name_table_dump Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 066/104] tipc: fix uninit-value in tipc_nl_compat_doit Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 067/104] block/loop: Use global lock for ioctl() operation Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 068/104] loop: Fold __loop_release into loop_release Greg Kroah-Hartman
2019-01-28 13:31 ` Jan Kara
2019-01-30 7:30 ` Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 069/104] loop: Get rid of loop_index_mutex Greg Kroah-Hartman
2019-01-24 19:19 ` [PATCH 4.4 070/104] loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl() Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 071/104] drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 072/104] media: vb2: be sure to unlock mutex on errors Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 073/104] r8169: Add support for new Realtek Ethernet Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 074/104] ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 075/104] ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 076/104] xfs: dont fail when converting shortform attr to long form during ATTR_REPLACE Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 077/104] platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 078/104] e1000e: allow non-monotonic SYSTIM readings Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 079/104] writeback: dont decrement wb->refcnt if !wb->bdi Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 080/104] MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 081/104] arm64: perf: set suppress_bind_attrs flag to true Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 082/104] jffs2: Fix use of uninitialized delayed_work, lockdep breakage Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 083/104] pstore/ram: Do not treat empty buffers as valid Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 084/104] powerpc/pseries/cpuidle: Fix preempt warning Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 085/104] media: firewire: Fix app_info parameter type in avc_ca{,_app}_info Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 086/104] net: call sk_dst_reset when set SO_DONTROUTE Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 087/104] scsi: target: use consistent left-aligned ASCII INQUIRY data Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 088/104] clk: imx6q: reset exclusive gates on init Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 089/104] kconfig: fix file name and line number of warn_ignored_character() Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 090/104] kconfig: fix memory leak when EOF is encountered in quotation Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 091/104] mmc: atmel-mci: do not assume idle after atmci_request_end Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 092/104] perf intel-pt: Fix error with config term "pt=0" Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 093/104] perf svghelper: Fix unchecked usage of strncpy() Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 094/104] perf parse-events: " Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 095/104] dm kcopyd: Fix bug causing workqueue stalls Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 096/104] dm snapshot: Fix excessive memory usage and " Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 097/104] ALSA: bebob: fix model-id of unit for Apogee Ensemble Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 098/104] sysfs: Disable lockdep for driver bind/unbind files Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 099/104] scsi: megaraid: fix out-of-bound array accesses Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 100/104] ocfs2: fix panic due to unrecovered local alloc Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 101/104] mm/page-writeback.c: dont break integrity writeback on ->writepage() error Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 102/104] mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 103/104] net: speed up skb_rbtree_purge() Greg Kroah-Hartman
2019-01-24 19:20 ` [PATCH 4.4 104/104] ipmi:ssif: Fix handling of multi-part return messages Greg Kroah-Hartman
2019-01-25 16:32 ` [PATCH 4.4 000/104] 4.4.172-stable review Naresh Kamboju
2019-01-25 16:34 ` shuah
2019-01-25 23:16 ` Guenter Roeck
2019-01-26 12:06 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190124190200.627649246@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=harsh@chelsio.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).