From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
patches@lists.linux.dev, Dudu Lu <phx0fer@gmail.com>,
Herbert Xu <herbert@gondor.apana.org.au>
Subject: [PATCH 7.0 05/42] crypto: krb5enc - fix async decrypt skipping hash verification
Date: Fri, 24 Apr 2026 15:30:30 +0200 [thread overview]
Message-ID: <20260424132421.509292782@linuxfoundation.org> (raw)
In-Reply-To: <20260424132420.410310336@linuxfoundation.org>
7.0-stable review patch. If anyone has any objections, please let me know.
------------------
From: Dudu Lu <phx0fer@gmail.com>
commit 3bfbf5f0a99c991769ec562721285df7ab69240b upstream.
krb5enc_dispatch_decrypt() sets req->base.complete as the skcipher
callback, which is the caller's own completion handler. When the
skcipher completes asynchronously, this signals "done" to the caller
without executing krb5enc_dispatch_decrypt_hash(), completely bypassing
the integrity verification (hash check).
Compare with the encrypt path which correctly uses
krb5enc_encrypt_done as an intermediate callback to chain into the
hash computation on async completion.
Fix by adding krb5enc_decrypt_done as an intermediate callback that
chains into krb5enc_dispatch_decrypt_hash() upon async skcipher
completion, matching the encrypt path's callback pattern.
Also fix EBUSY/EINPROGRESS handling throughout: remove
krb5enc_request_complete() which incorrectly swallowed EINPROGRESS
notifications that must be passed up to callers waiting on backlogged
requests, and add missing EBUSY checks in krb5enc_encrypt_ahash_done
for the dispatch_encrypt return value.
Fixes: d1775a177f7f ("crypto: Add 'krb5enc' hash and cipher AEAD algorithm")
Signed-off-by: Dudu Lu <phx0fer@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Unset MAY_BACKLOG on the async completion path so the user won't
see back-to-back EINPROGRESS notifications.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
crypto/krb5enc.c | 52 +++++++++++++++++++++++++++++++---------------------
1 file changed, 31 insertions(+), 21 deletions(-)
--- a/crypto/krb5enc.c
+++ b/crypto/krb5enc.c
@@ -39,12 +39,6 @@ struct krb5enc_request_ctx {
char tail[];
};
-static void krb5enc_request_complete(struct aead_request *req, int err)
-{
- if (err != -EINPROGRESS)
- aead_request_complete(req, err);
-}
-
/**
* crypto_krb5enc_extractkeys - Extract Ke and Ki keys from the key blob.
* @keys: Where to put the key sizes and pointers
@@ -127,7 +121,7 @@ static void krb5enc_encrypt_done(void *d
{
struct aead_request *req = data;
- krb5enc_request_complete(req, err);
+ aead_request_complete(req, err);
}
/*
@@ -188,14 +182,16 @@ static void krb5enc_encrypt_ahash_done(v
struct ahash_request *ahreq = (void *)(areq_ctx->tail + ictx->reqoff);
if (err)
- return krb5enc_request_complete(req, err);
+ goto out;
krb5enc_insert_checksum(req, ahreq->result);
- err = krb5enc_dispatch_encrypt(req,
- aead_request_flags(req) & ~CRYPTO_TFM_REQ_MAY_SLEEP);
- if (err != -EINPROGRESS)
- aead_request_complete(req, err);
+ err = krb5enc_dispatch_encrypt(req, 0);
+ if (err == -EINPROGRESS)
+ return;
+
+out:
+ aead_request_complete(req, err);
}
/*
@@ -265,17 +261,16 @@ static void krb5enc_decrypt_hash_done(vo
{
struct aead_request *req = data;
- if (err)
- return krb5enc_request_complete(req, err);
-
- err = krb5enc_verify_hash(req);
- krb5enc_request_complete(req, err);
+ if (!err)
+ err = krb5enc_verify_hash(req);
+ aead_request_complete(req, err);
}
/*
* Dispatch the hashing of the plaintext after we've done the decryption.
*/
-static int krb5enc_dispatch_decrypt_hash(struct aead_request *req)
+static int krb5enc_dispatch_decrypt_hash(struct aead_request *req,
+ unsigned int flags)
{
struct crypto_aead *krb5enc = crypto_aead_reqtfm(req);
struct aead_instance *inst = aead_alg_instance(krb5enc);
@@ -291,7 +286,7 @@ static int krb5enc_dispatch_decrypt_hash
ahash_request_set_tfm(ahreq, auth);
ahash_request_set_crypt(ahreq, req->dst, hash,
req->assoclen + req->cryptlen - authsize);
- ahash_request_set_callback(ahreq, aead_request_flags(req),
+ ahash_request_set_callback(ahreq, flags,
krb5enc_decrypt_hash_done, req);
err = crypto_ahash_digest(ahreq);
@@ -301,6 +296,21 @@ static int krb5enc_dispatch_decrypt_hash
return krb5enc_verify_hash(req);
}
+static void krb5enc_decrypt_done(void *data, int err)
+{
+ struct aead_request *req = data;
+
+ if (err)
+ goto out;
+
+ err = krb5enc_dispatch_decrypt_hash(req, 0);
+ if (err == -EINPROGRESS)
+ return;
+
+out:
+ aead_request_complete(req, err);
+}
+
/*
* Dispatch the decryption of the ciphertext.
*/
@@ -324,7 +334,7 @@ static int krb5enc_dispatch_decrypt(stru
skcipher_request_set_tfm(skreq, ctx->enc);
skcipher_request_set_callback(skreq, aead_request_flags(req),
- req->base.complete, req->base.data);
+ krb5enc_decrypt_done, req);
skcipher_request_set_crypt(skreq, src, dst,
req->cryptlen - authsize, req->iv);
@@ -339,7 +349,7 @@ static int krb5enc_decrypt(struct aead_r
if (err < 0)
return err;
- return krb5enc_dispatch_decrypt_hash(req);
+ return krb5enc_dispatch_decrypt_hash(req, aead_request_flags(req));
}
static int krb5enc_init_tfm(struct crypto_aead *tfm)
next prev parent reply other threads:[~2026-04-24 13:32 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-24 13:30 [PATCH 7.0 00/42] 7.0.2-rc1 review Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 01/42] crypto: authencesn - Fix src offset when decrypting in-place Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 02/42] pwm: th1520: fix `CLIPPY=1` warning Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 03/42] drm/amdgpu: replace PASID IDR with XArray Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 04/42] crypto: krb5enc - fix sleepable flag handling in encrypt dispatch Greg Kroah-Hartman
2026-04-24 13:30 ` Greg Kroah-Hartman [this message]
2026-04-24 13:30 ` [PATCH 7.0 06/42] ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 07/42] ksmbd: validate owner of durable handle on reconnect Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 08/42] scripts: generate_rust_analyzer.py: define scripts Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 09/42] scripts/dtc: Remove unused dts_version in dtc-lexer.l Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 10/42] fs/ntfs3: validate rec->used in journal-replay file record check Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 11/42] f2fs: fix to do sanity check on dcc->discard_cmd_cnt conditionally Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 12/42] f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io() Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 13/42] f2fs: fix to avoid memory leak in f2fs_rename() Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 14/42] f2fs: fix to avoid uninit-value access in f2fs_sanity_check_node_footer Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 15/42] fuse: reject oversized dirents in page cache Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 16/42] fuse: abort on fatal signal during sync init Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 17/42] fuse: Check for large folio with SPLICE_F_MOVE Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 18/42] fuse: quiet down complaints in fuse_conn_limit_write Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 19/42] fuse: fuse_dev_ioctl_clone() should wait for device file to be initialized Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 20/42] ksmbd: require minimum ACE size in smb_check_perm_dacl() Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 21/42] smb: server: fix active_num_conn leak on transport allocation failure Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 22/42] smb: client: fix dir separator in SMB1 UNIX mounts Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 23/42] smb: server: fix max_connections off-by-one in tcp accept path Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 24/42] smb: client: require a full NFS mode SID before reading mode bits Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 25/42] smb: client: validate the whole DACL before rewriting it in cifsacl Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 26/42] smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 27/42] ksmbd: validate response sizes in ipc_validate_msg() Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 28/42] ksmbd: validate num_aces and harden ACE walk in smb_inherit_dacl() Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 29/42] ksmbd: fix out-of-bounds write in smb2_get_ea() EA alignment Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 30/42] ksmbd: use check_add_overflow() to prevent u16 DACL size overflow Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 31/42] ksmbd: reset rcount per connection in ksmbd_conn_wait_idle_sess_id() Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 32/42] writeback: Fix use after free in inode_switch_wbs_work_fn() Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 33/42] f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io() Greg Kroah-Hartman
2026-04-24 13:30 ` [PATCH 7.0 34/42] ALSA: usb-audio: apply quirk for MOONDROP JU Jiu Greg Kroah-Hartman
2026-04-24 13:31 ` [PATCH 7.0 35/42] ALSA: hda/realtek: Add quirk for Legion S7 15IMH Greg Kroah-Hartman
2026-04-24 13:31 ` [PATCH 7.0 36/42] ALSA: caiaq: take a reference on the USB device in create_card() Greg Kroah-Hartman
2026-04-24 13:31 ` [PATCH 7.0 37/42] net/packet: fix TOCTOU race on mmapd vnet_hdr in tpacket_snd() Greg Kroah-Hartman
2026-04-24 13:31 ` [PATCH 7.0 38/42] crypto: ccp: Dont attempt to copy CSR to userspace if PSP command failed Greg Kroah-Hartman
2026-04-24 13:31 ` [PATCH 7.0 39/42] crypto: ccp: Dont attempt to copy PDH cert " Greg Kroah-Hartman
2026-04-24 13:31 ` [PATCH 7.0 40/42] crypto: ccp: Dont attempt to copy ID " Greg Kroah-Hartman
2026-04-24 13:31 ` [PATCH 7.0 41/42] rxrpc: Fix missing validation of ticket length in non-XDR key preparsing Greg Kroah-Hartman
2026-04-24 13:31 ` [PATCH 7.0 42/42] mshv_vtl: Fix vmemmap_shift exceeding MAX_FOLIO_ORDER Greg Kroah-Hartman
2026-04-24 14:09 ` [PATCH 7.0 00/42] 7.0.2-rc1 review Ronald Warsow
2026-04-24 16:19 ` Takeshi Ogasawara
2026-04-24 21:04 ` Florian Fainelli
2026-04-24 21:22 ` Mark Brown
2026-04-24 22:16 ` Peter Schneider
2026-04-24 22:22 ` Shuah Khan
2026-04-25 7:33 ` Brett A C Sheffield
2026-04-25 11:49 ` Miguel Ojeda
2026-04-25 22:19 ` Dileep malepu
2026-04-26 6:58 ` Barry K. Nathan
2026-04-26 18:19 ` Justin Forbes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260424132421.509292782@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=herbert@gondor.apana.org.au \
--cc=patches@lists.linux.dev \
--cc=phx0fer@gmail.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox