Re: Broken userspace crypto in linux-4.1.18
From: Thomas D. <hidden>
Date: 2016-02-17 23:50:03
Hi,

Willy Tarreau wrote:
> Is there a dependency I missed in 4.1? I don't really see anything that could
> have gone wrong there. Or maybe Thomas can run a bisect?

I cannot follow. I did a bisect between 4.1.7 and 4.1.8 as I have written in my first mail. The bad commit was:
commit 0571ba52a19e18a1c20469454231eef681cb1310
Author: Herbert Xu
Date: Wed Dec 30 11:47:53 2015 +0800

    crypto: af_alg - Disallow bind/setkey/... after accept(2)

    [ Upstream commit c840ac6af3f8713a71b4d2363419145760bd6044 ]

    Each af_alg parent socket obtained by socket(2) corresponds to a
    tfm object once bind(2) has succeeded. An accept(2) call on that
    parent socket creates a context which then uses the tfm object.

    Therefore as long as any child sockets created by accept(2) exist
    the parent socket must not be modified or freed.

    This patch guarantees this by using locks and a reference count
    on the parent socket. Any attempt to modify the parent socket will
    fail with EBUSY.

bisect log:

Bisecting: 114 revisions left to test after this (roughly 7 steps)
[3a1e81ad84e4d880b00ecf7ad8d03b9b772ddfa7] crypto: algif_hash - Fix race condition in hash_check_key
Bisecting: 56 revisions left to test after this (roughly 6 steps)
[d6341753c418d3699948290d8c0b9d9dc78bd209] udf: Prevent buffer overrun with multi-byte characters
Bisecting: 28 revisions left to test after this (roughly 5 steps)
[13aedd784b84cb7d8a3bb835941d80e99f5c796e] dmaengine: dw: fix cyclic transfer setup
Bisecting: 14 revisions left to test after this (roughly 4 steps)
[664ecf4f243bac17065cd9878790d40a592e2f3d] zram/zcomp: use GFP_NOIO to allocate streams
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[0571ba52a19e18a1c20469454231eef681cb1310] crypto: af_alg - Disallow bind/setkey/... after accept(2)
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[2c641f5b0c8e87d43235ce39890bcc4d0c7cd2fb] memcg: only free spare array when readers are done
Bisecting: 1 revision left to test after this (roughly 1 step)
[0e19e24c3fe0abde8e2c5f4543616a251ccea6bf] kernel/panic.c: turn off locks debug before releasing console lock
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[bc24ac15b0746172a8f603171352aa54abcf7c78] printk: do cond_resched() between lines while outputting to consoles
0571ba52a19e18a1c20469454231eef681cb1310 is the first bad commit

-Thomas
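
The rule stated in the commit message quoted above can be observed from userspace with a short AF_ALG probe. This is an added example, not part of the original mail or of the kernel patch; the function name `setkey_after_accept`, the choice of `hmac(sha256)` and the key bytes are assumptions made for the illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/if_alg.h>

#ifndef AF_ALG
#define AF_ALG 38
#endif
#ifndef SOL_ALG
#define SOL_ALG 279
#endif

/* Hypothetical helper: errno of a setkey issued on the parent socket while
 * an accept(2) child exists. EBUSY where the rule is enforced, 0 where the
 * setkey is still accepted, -1 if AF_ALG or the algorithm is unavailable. */
int setkey_after_accept(void)
{
    static const unsigned char key[16] = "constructed-key"; /* constructed sample key */
    struct sockaddr_alg sa;
    int parent, child, result;

    memset(&sa, 0, sizeof(sa));
    sa.salg_family = AF_ALG;
    strcpy((char *)sa.salg_type, "hash");
    strcpy((char *)sa.salg_name, "hmac(sha256)");

    parent = socket(AF_ALG, SOCK_SEQPACKET, 0);
    if (parent < 0)
        return -1;
    /* bind(2) attaches the tfm, setkey configures it, accept(2) creates the child */
    if (bind(parent, (struct sockaddr *)&sa, sizeof(sa)) < 0 ||
        setsockopt(parent, SOL_ALG, ALG_SET_KEY, key, sizeof(key)) < 0 ||
        (child = accept(parent, NULL, NULL)) < 0) {
        close(parent);
        return -1;
    }
    /* The child now uses the parent's tfm, so modifying the parent is refused. */
    result = setsockopt(parent, SOL_ALG, ALG_SET_KEY, key, sizeof(key)) < 0 ? errno : 0;
    close(child);
    close(parent);
    return result;
}

int main(void)
{
    int r = setkey_after_accept();
    printf("setkey after accept: %s\n", r < 0 ? "AF_ALG unavailable" : strerror(r));
    return 0;
}
```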