forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/drivers/crypto
History
Ondrej Mosnacek f1b13e97e4 crypto: vmx - Fix sleep-in-atomic bugs 
commit 0522236d4f upstream.

This patch fixes sleep-in-atomic bugs in AES-CBC and AES-XTS VMX
implementations. The problem is that the blkcipher_* functions should
not be called in atomic context.

The bugs can be reproduced via the AF_ALG interface by trying to
encrypt/decrypt sufficiently large buffers (at least 64 KiB) using the
VMX implementations of 'cbc(aes)' or 'xts(aes)'. Such operations then
trigger BUG in crypto_yield():

[  891.863680] BUG: sleeping function called from invalid context at include/crypto/algapi.h:424
[  891.864622] in_atomic(): 1, irqs_disabled(): 0, pid: 12347, name: kcapi-enc
[  891.864739] 1 lock held by kcapi-enc/12347:
[  891.864811]  #0: 00000000f5d42c46 (sk_lock-AF_ALG){+.+.}, at: skcipher_recvmsg+0x50/0x530
[  891.865076] CPU: 5 PID: 12347 Comm: kcapi-enc Not tainted 4.19.0-0.rc0.git3.1.fc30.ppc64le #1
[  891.865251] Call Trace:
[  891.865340] [c0000003387578c0] [c000000000d67ea4] dump_stack+0xe8/0x164 (unreliable)
[  891.865511] [c000000338757910] [c000000000172a58] ___might_sleep+0x2f8/0x310
[  891.865679] [c000000338757990] [c0000000006bff74] blkcipher_walk_done+0x374/0x4a0
[  891.865825] [c0000003387579e0] [d000000007e73e70] p8_aes_cbc_encrypt+0x1c8/0x260 [vmx_crypto]
[  891.865993] [c000000338757ad0] [c0000000006c0ee0] skcipher_encrypt_blkcipher+0x60/0x80
[  891.866128] [c000000338757b10] [c0000000006ec504] skcipher_recvmsg+0x424/0x530
[  891.866283] [c000000338757bd0] [c000000000b00654] sock_recvmsg+0x74/0xa0
[  891.866403] [c000000338757c10] [c000000000b00f64] ___sys_recvmsg+0xf4/0x2f0
[  891.866515] [c000000338757d90] [c000000000b02bb8] __sys_recvmsg+0x68/0xe0
[  891.866631] [c000000338757e30] [c00000000000bbe4] system_call+0x5c/0x70

Fixes: 8c755ace35 ("crypto: vmx - Adding CBC routines for VMX module")
Fixes: c07f5d3da6 ("crypto: vmx - Adding support for XTS")
Cc: stable@vger.kernel.org
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-09-19 22:49:00 +02:00
..
amcc crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak 2018-07-22 14:25:52 +02:00
caam crypto: caam - fix endless loop when DECO acquire fails 2018-02-16 20:09:45 +01:00
ccp crypto: ccp - Fix AES XTS error for request sizes above 4096 2016-06-24 10:18:19 -07:00
marvell crypto: marvell/cesa - forward devm_ioremap_resource() error code 2016-04-12 09:08:46 -07:00
nx crypto: nx-842 - Mask XERS0 bit in return value 2016-09-15 08:27:49 +02:00
qat crypto: qat - fix aes-xts key sizes 2016-09-07 08:32:44 +02:00
qce crypto: qce - dma_map_sg can handle chained SG 2015-10-08 21:42:19 +08:00
sunxi-ss crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss 2018-05-30 07:49:16 +02:00
ux500 crypto: ux500 - memmove the right size 2016-07-11 09:31:12 -07:00
vmx crypto: vmx - Fix sleep-in-atomic bugs 2018-09-19 22:49:00 +02:00
atmel-aes-regs.h
atmel-aes.c crypto: atmel - fix checks of error code returned by devm_ioremap_resource() 2016-04-12 09:08:46 -07:00
atmel-sha-regs.h
atmel-sha.c crypto: atmel - only treat EBUSY as transient if backlog 2017-07-21 07:44:58 +02:00
atmel-tdes-regs.h
atmel-tdes.c crypto: atmel - fix checks of error code returned by devm_ioremap_resource() 2016-04-12 09:08:46 -07:00
bfin_crc.c crypto: bfin_crc - replace sg_count by sg_nents 2015-09-21 23:05:53 +08:00
bfin_crc.h crypto: bfin_crc - access crc registers by readl and writel functions 2014-04-16 20:40:15 +08:00
geode-aes.c crypto: geode - Don't use tfm->__crt_alg->cra_name directly 2014-05-22 21:03:13 +08:00
geode-aes.h crypto: geode - Consistently use AES_KEYSIZE_128 2014-05-22 21:03:12 +08:00
hifn_795x.c hifn_795x: stop including <asm-generic/kmap_types.h> 2015-10-15 00:21:09 +02:00
img-hash.c crypto: img-hash - fix spelling mistake in dev_err error message 2015-08-04 17:41:31 +08:00
ixp4xx_crypto.c crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag 2015-08-17 16:53:53 +08:00
Kconfig crypto: mxs-dcp - mxs-dcp is an stmp device 2015-10-14 22:23:37 +08:00
Makefile crypto: sunxi-ss - Add Allwinner Security System crypto accelerator 2015-07-20 15:54:08 +08:00
mv_cesa.c crypto: marvell/cesa - another fix up for of_get_named_gen_pool() rename 2015-07-03 11:37:02 -07:00
mv_cesa.h crypto: mv_cesa - Add missing #define 2014-08-29 21:46:36 +08:00
mxs-dcp.c crypto: mxs-dcp - fix type of ret for wait_for_completion_timeout 2015-02-28 23:31:36 +13:00
n2_asm.S
n2_core.c crypto: n2 - cure use after free 2018-01-10 09:27:08 +01:00
n2_core.h
omap-aes.c crypto: omap-aes - Use BIT() macro 2015-07-08 15:18:46 +08:00
omap-des.c crypto: omap-des - Fix unmapping of dma channels 2015-07-06 16:20:37 +08:00
omap-sham.c crypto/omap-sham: remove an open coded access to ->page_link 2015-08-17 08:12:57 -06:00
padlock-aes.c crypto: padlock-aes - Fix Nano workaround data corruption 2018-08-06 16:24:42 +02:00
padlock-sha.c x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros 2018-06-16 09:54:24 +02:00
picoxcell_crypto.c crypto: picoxcell - Fix module autoload for OF platform driver 2015-09-21 22:00:36 +08:00
picoxcell_crypto_regs.h
s5p-sss.c crypto: s5p-sss - Fix kernel Oops in AES-ECB mode 2018-02-25 11:03:55 +01:00
sahara.c crypto: sahara - set array of const as const 2015-10-15 21:05:18 +08:00
talitos.c crypto: talitos - fix sha224 2017-10-05 09:41:45 +02:00
talitos.h crypto: talitos - Prevent panic in probe error path 2015-08-10 23:19:05 +08:00