Re: Broken userspace crypto in linux-4.1.18

stable.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Stephan Mueller <smueller@chronox.de>
To: "Thomas D." <whissi@whissi.de>
Cc: Willy Tarreau <w@1wt.eu>, Sasha Levin <sasha.levin@oracle.com>,
	"herbert@gondor.apana.org.au" <herbert@gondor.apana.org.au>,
	"dvyukov@google.com" <dvyukov@google.com>,
	"stable@vger.kernel.org" <stable@vger.kernel.org>,
	"linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>
Subject: Re: Broken userspace crypto in linux-4.1.18
Date: Thu, 18 Feb 2016 09:17:04 +0100	[thread overview]
Message-ID: <4580306.arupsYiYbb@positron.chronox.de> (raw)
In-Reply-To: <56C50725.6080408@whissi.de>

Am Donnerstag, 18. Februar 2016, 00:49:57 schrieb Thomas D.:

Hi Thomas,

> Hi
> 
> Willy Tarreau wrote:
> >> Is there a dependency I missed in 4.1? I don't really see anything that
> >> could have gone wrong there.
> > 
> > Or maybe Thomas can run a bisect ?
> 
> I cannot follow. I did a bisect between 4.1.7 and 4.1.8 as I have written
> 
> in my first mail. The bad commit was:

That breakage was expected and forcasted by Milan Broz a couple of days ago on 
this mailing list. The referenced patch covered a bug that must have been 
fixed but introduced a regression for backwards compatibility. Since then, 
this regression was fixed.



> > commit 0571ba52a19e18a1c20469454231eef681cb1310
> > Author: Herbert Xu
> > Date:   Wed Dec 30 11:47:53 2015 +0800
> > 
> >     crypto: af_alg - Disallow bind/setkey/... after accept(2)
> >     
> >     [ Upstream commit c840ac6af3f8713a71b4d2363419145760bd6044 ]
> >     
> >     Each af_alg parent socket obtained by socket(2) corresponds to a
> >     tfm object once bind(2) has succeeded.  An accept(2) call on that
> >     parent socket creates a context which then uses the tfm object.
> >     
> >     Therefore as long as any child sockets created by accept(2) exist
> >     the parent socket must not be modified or freed.
> >     
> >     This patch guarantees this by using locks and a reference count
> >     on the parent socket.  Any attempt to modify the parent socket will
> >     fail with EBUSY.
> 
> bisect log:
> > Bisecting: 114 revisions left to test after this (roughly 7 steps)
> > [3a1e81ad84e4d880b00ecf7ad8d03b9b772ddfa7] crypto: algif_hash - Fix race
> > condition in hash_check_key Bisecting: 56 revisions left to test after
> > this (roughly 6 steps)
> > [d6341753c418d3699948290d8c0b9d9dc78bd209] udf: Prevent buffer overrun
> > with multi-byte characters Bisecting: 28 revisions left to test after
> > this (roughly 5 steps)
> > [13aedd784b84cb7d8a3bb835941d80e99f5c796e] dmaengine: dw: fix cyclic
> > transfer setup Bisecting: 14 revisions left to test after this (roughly 4
> > steps)
> > [664ecf4f243bac17065cd9878790d40a592e2f3d] zram/zcomp: use GFP_NOIO to
> > allocate streams Bisecting: 7 revisions left to test after this (roughly
> > 3 steps)
> > [0571ba52a19e18a1c20469454231eef681cb1310] crypto: af_alg - Disallow
> > bind/setkey/... after accept(2) Bisecting: 3 revisions left to test after
> > this (roughly 2 steps)
> > [2c641f5b0c8e87d43235ce39890bcc4d0c7cd2fb] memcg: only free spare array
> > when readers are done Bisecting: 1 revision left to test after this
> > (roughly 1 step)
> > [0e19e24c3fe0abde8e2c5f4543616a251ccea6bf] kernel/panic.c: turn off locks
> > debug before releasing console lock Bisecting: 0 revisions left to test
> > after this (roughly 0 steps)
> > [bc24ac15b0746172a8f603171352aa54abcf7c78] printk: do cond_resched()
> > between lines while outputting to consoles
> > 0571ba52a19e18a1c20469454231eef681cb1310 is the first bad commit
> 
> -Thomas
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html


Ciao
Stephan

next prev parent reply	other threads:[~2016-02-18  8:16 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-02-17 14:04 Broken userspace crypto in linux-4.1.18 Thomas D.
2016-02-17 14:37 ` Sasha Levin
2016-02-17 15:24   ` Thomas D.
2016-02-17 22:12     ` Sasha Levin
2016-02-17 23:33       ` Willy Tarreau
2016-02-17 23:49         ` Thomas D.
2016-02-18  0:01           ` Willy Tarreau
2016-02-18  8:17           ` Stephan Mueller [this message]
2016-02-18  9:41             ` Jiri Slaby
2016-02-18 11:09               ` Thomas D.
2016-02-20 14:33                 ` Thomas D.
2016-02-21 16:40                   ` [PATCH] " Milan Broz
2016-02-23 21:02                     ` Milan Broz
2016-02-23 21:21                       ` Sasha Levin
     [not found]                         ` <CAA-+O6H8TQxrKOQAL+s+PGnkOJe-f3dEs-wKGbM1BFZ7_aC2dg@mail.gmail.com>
2016-02-24  0:10                           ` Thomas D.
2016-02-24  2:24                             ` Greg KH
2016-02-24  8:32                     ` Jiri Slaby
2016-02-24  8:54                       ` Milan Broz
2016-02-24 17:12                         ` Greg KH
2016-02-26 11:25                           ` Milan Broz
2016-02-26 11:44                             ` [PATCH 1/4] crypto: algif_skcipher - Require setkey before accept(2) Milan Broz
2016-02-26 11:44                               ` [PATCH 2/4] crypto: algif_skcipher - Add nokey compatibility path Milan Broz
2016-02-26 11:44                               ` [PATCH 3/4] crypto: algif_skcipher - Remove custom release parent function Milan Broz
2016-02-26 11:44                               ` [PATCH 4/4] crypto: algif_skcipher - Fix race condition in skcipher_check_key Milan Broz
2016-02-27 14:45                               ` [PATCH 1/4] crypto: algif_skcipher - Require setkey before accept(2) Herbert Xu
2016-02-27 21:40                               ` Sasha Levin
2016-02-28  8:18                                 ` Milan Broz
2016-02-26 16:43                             ` [PATCH] Re: Broken userspace crypto in linux-4.1.18 Sasha Levin
2016-04-17 22:17                               ` Thomas D.
2016-04-17 22:39                                 ` Sasha Levin
2016-04-18  2:02                                   ` Herbert Xu
2016-04-18  9:48                                     ` Thomas D.
2016-04-18 12:54                                       ` Sasha Levin
2016-04-18 20:41                                         ` Milan Broz
2016-04-18 20:56                                           ` Thomas D.
2016-04-18 21:03                                             ` Sasha Levin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4580306.arupsYiYbb@positron.chronox.de \
    --to=smueller@chronox.de \
    --cc=dvyukov@google.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-crypto@vger.kernel.org \
    --cc=sasha.levin@oracle.com \
    --cc=stable@vger.kernel.org \
    --cc=w@1wt.eu \
    --cc=whissi@whissi.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).