From: Jiri Slaby <jslaby@suse.cz>
To: Milan Broz <gmazyland@gmail.com>, "Thomas D." <whissi@whissi.de>,
Stephan Mueller <smueller@chronox.de>
Cc: Willy Tarreau <w@1wt.eu>, Sasha Levin <sasha.levin@oracle.com>,
"herbert@gondor.apana.org.au" <herbert@gondor.apana.org.au>,
"dvyukov@google.com" <dvyukov@google.com>,
"stable@vger.kernel.org" <stable@vger.kernel.org>,
"linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
Greg KH <gregkh@linuxfoundation.org>,
Ondrej Kozina <okozina@redhat.com>
Subject: Re: [PATCH] Re: Broken userspace crypto in linux-4.1.18
Date: Wed, 24 Feb 2016 09:32:54 +0100 [thread overview]
Message-ID: <56CD6AB6.7000801@suse.cz> (raw)
In-Reply-To: <56C9E865.3050500@gmail.com>
On 02/21/2016, 05:40 PM, Milan Broz wrote:
> On 02/20/2016 03:33 PM, Thomas D. wrote:
>> Hi,
>>
>> FYI: v3.10.97, v3.14.61 and 3.18.27 are also affected.
>>
>> v4.3.6 works. Looks like the patch set is only compatible with >=linux-4.3.
>>
>> v3.12.54 works because it doesn't contain the patch in question.
>
> Hi,
>
> indeed, because whoever backported this patchset skipped two patches
> from series (because of skcipher interface file was introduced later).
>
> I tried to backport it (on 4.1.18 tree, see patch below) and it fixes the problem
> for me.
>
> Anyway, it is just quick test what is the problem, patch need proper review or
> backport from someone who knows the code better.
>
> I will release stable cryptsetup soon that will work with new kernel even without
> this patch but I would strongly recommend that stable kernels get these compatibility
> backports as well to avoid breaking existing userspace.
>
> Thanks,
> Milan
> -
>
> This patch backports missing parts of crypto API compatibility changes:
>
> dd504589577d8e8e70f51f997ad487a4cb6c026f
> crypto: algif_skcipher - Require setkey before accept(2)
>
> a0fa2d037129a9849918a92d91b79ed6c7bd2818
> crypto: algif_skcipher - Add nokey compatibility path
>
> --- crypto/algif_skcipher.c.orig 2016-02-21 16:44:27.172312990 +0100
> +++ crypto/algif_skcipher.c 2016-02-21 17:03:58.555785347 +0100
...
> @@ -790,24 +912,50 @@
> af_alg_release_parent(sk);
This,
> }
>
> -static int skcipher_accept_parent(void *private, struct sock *sk)
> +static void skcipher_sock_destruct(struct sock *sk)
> +{
> + skcipher_sock_destruct_common(sk);
> + af_alg_release_parent(sk);
this,
> +}
> +
> +static void skcipher_release_parent_nokey(struct sock *sk)
> +{
> + struct alg_sock *ask = alg_sk(sk);
> +
> + if (!ask->refcnt) {
> + sock_put(ask->parent);
> + return;
> + }
> +
> + af_alg_release_parent(sk);
and this occurs to me like a double release?
thanks,
--
js
suse labs
next prev parent reply other threads:[~2016-02-24 8:32 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-17 14:04 Broken userspace crypto in linux-4.1.18 Thomas D.
2016-02-17 14:37 ` Sasha Levin
2016-02-17 15:24 ` Thomas D.
2016-02-17 22:12 ` Sasha Levin
2016-02-17 23:33 ` Willy Tarreau
2016-02-17 23:49 ` Thomas D.
2016-02-18 0:01 ` Willy Tarreau
2016-02-18 8:17 ` Stephan Mueller
2016-02-18 9:41 ` Jiri Slaby
2016-02-18 11:09 ` Thomas D.
2016-02-20 14:33 ` Thomas D.
2016-02-21 16:40 ` [PATCH] " Milan Broz
2016-02-23 21:02 ` Milan Broz
2016-02-23 21:21 ` Sasha Levin
[not found] ` <CAA-+O6H8TQxrKOQAL+s+PGnkOJe-f3dEs-wKGbM1BFZ7_aC2dg@mail.gmail.com>
2016-02-24 0:10 ` Thomas D.
2016-02-24 2:24 ` Greg KH
2016-02-24 8:32 ` Jiri Slaby [this message]
2016-02-24 8:54 ` Milan Broz
2016-02-24 17:12 ` Greg KH
2016-02-26 11:25 ` Milan Broz
2016-02-26 11:44 ` [PATCH 1/4] crypto: algif_skcipher - Require setkey before accept(2) Milan Broz
2016-02-26 11:44 ` [PATCH 2/4] crypto: algif_skcipher - Add nokey compatibility path Milan Broz
2016-02-26 11:44 ` [PATCH 3/4] crypto: algif_skcipher - Remove custom release parent function Milan Broz
2016-02-26 11:44 ` [PATCH 4/4] crypto: algif_skcipher - Fix race condition in skcipher_check_key Milan Broz
2016-02-27 14:45 ` [PATCH 1/4] crypto: algif_skcipher - Require setkey before accept(2) Herbert Xu
2016-02-27 21:40 ` Sasha Levin
2016-02-28 8:18 ` Milan Broz
2016-02-26 16:43 ` [PATCH] Re: Broken userspace crypto in linux-4.1.18 Sasha Levin
2016-04-17 22:17 ` Thomas D.
2016-04-17 22:39 ` Sasha Levin
2016-04-18 2:02 ` Herbert Xu
2016-04-18 9:48 ` Thomas D.
2016-04-18 12:54 ` Sasha Levin
2016-04-18 20:41 ` Milan Broz
2016-04-18 20:56 ` Thomas D.
2016-04-18 21:03 ` Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56CD6AB6.7000801@suse.cz \
--to=jslaby@suse.cz \
--cc=dvyukov@google.com \
--cc=gmazyland@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=okozina@redhat.com \
--cc=sasha.levin@oracle.com \
--cc=smueller@chronox.de \
--cc=stable@vger.kernel.org \
--cc=w@1wt.eu \
--cc=whissi@whissi.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).