Re: [PATCH] Re: Broken userspace crypto in linux-4.1.18
From: Jiri Slaby <hidden>
Date: 2016-02-24 08:32:57
Also in:
stable
On 02/21/2016, 05:40 PM, Milan Broz wrote:
quoted hunk ↗ jump to hunk
On 02/20/2016 03:33 PM, Thomas D. wrote:quoted
Hi, FYI: v3.10.97, v3.14.61 and 3.18.27 are also affected. v4.3.6 works. Looks like the patch set is only compatible with >=linux-4.3. v3.12.54 works because it doesn't contain the patch in question.Hi, indeed, because whoever backported this patchset skipped two patches from series (because of skcipher interface file was introduced later). I tried to backport it (on 4.1.18 tree, see patch below) and it fixes the problem for me. Anyway, it is just quick test what is the problem, patch need proper review or backport from someone who knows the code better. I will release stable cryptsetup soon that will work with new kernel even without this patch but I would strongly recommend that stable kernels get these compatibility backports as well to avoid breaking existing userspace. Thanks, Milan - This patch backports missing parts of crypto API compatibility changes: dd504589577d8e8e70f51f997ad487a4cb6c026f crypto: algif_skcipher - Require setkey before accept(2) a0fa2d037129a9849918a92d91b79ed6c7bd2818 crypto: algif_skcipher - Add nokey compatibility path--- crypto/algif_skcipher.c.orig 2016-02-21 16:44:27.172312990 +0100 +++ crypto/algif_skcipher.c 2016-02-21 17:03:58.555785347 +0100
...
quoted hunk ↗ jump to hunk
@@ -790,24 +912,50 @@ af_alg_release_parent(sk);
This,
}
-static int skcipher_accept_parent(void *private, struct sock *sk)
+static void skcipher_sock_destruct(struct sock *sk)
+{
+ skcipher_sock_destruct_common(sk);
+ af_alg_release_parent(sk);this,
+}
+
+static void skcipher_release_parent_nokey(struct sock *sk)
+{
+ struct alg_sock *ask = alg_sk(sk);
+
+ if (!ask->refcnt) {
+ sock_put(ask->parent);
+ return;
+ }
+
+ af_alg_release_parent(sk);and this occurs to me like a double release? thanks, -- js suse labs