diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2017-11-28 19:22:10 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-11-28 19:22:10 -0500 |
| commit | 43570f0383d6d5879ae585e6c3cf027ba321546f (patch) | |
| tree | daf5612c631585dbcaa426ccd38ac28308373537 | |
| parent | 43f462f1c2e111d2882b48baeeff774ae42e7c56 (diff) | |
| parent | c14ca8386539a298c1c19b003fe55e37d0f0e89c (diff) | |
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
- avoid potential bogus alignment for some AEAD operations
- fix crash in algif_aead
- avoid sleeping in softirq context with async af_alg
* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: skcipher - Fix skcipher_walk_aead_common
crypto: af_alg - remove locking in async callback
crypto: algif_aead - skip SGL entries with NULL page
| -rw-r--r-- | crypto/af_alg.c | 21 | ||||
| -rw-r--r-- | crypto/algif_aead.c | 56 | ||||
| -rw-r--r-- | crypto/algif_skcipher.c | 23 | ||||
| -rw-r--r-- | crypto/skcipher.c | 3 | ||||
| -rw-r--r-- | include/crypto/if_alg.h | 1 |
5 files changed, 66 insertions, 38 deletions
diff --git a/crypto/af_alg.c b/crypto/af_alg.c index 85cea9de324a..358749c38894 100644 --- a/crypto/af_alg.c +++ b/crypto/af_alg.c | |||
| @@ -1021,6 +1021,18 @@ unlock: | |||
| 1021 | EXPORT_SYMBOL_GPL(af_alg_sendpage); | 1021 | EXPORT_SYMBOL_GPL(af_alg_sendpage); |
| 1022 | 1022 | ||
| 1023 | /** | 1023 | /** |
| 1024 | * af_alg_free_resources - release resources required for crypto request | ||
| 1025 | */ | ||
| 1026 | void af_alg_free_resources(struct af_alg_async_req *areq) | ||
| 1027 | { | ||
| 1028 | struct sock *sk = areq->sk; | ||
| 1029 | |||
| 1030 | af_alg_free_areq_sgls(areq); | ||
| 1031 | sock_kfree_s(sk, areq, areq->areqlen); | ||
| 1032 | } | ||
| 1033 | EXPORT_SYMBOL_GPL(af_alg_free_resources); | ||
| 1034 | |||
| 1035 | /** | ||
| 1024 | * af_alg_async_cb - AIO callback handler | 1036 | * af_alg_async_cb - AIO callback handler |
| 1025 | * | 1037 | * |
| 1026 | * This handler cleans up the struct af_alg_async_req upon completion of the | 1038 | * This handler cleans up the struct af_alg_async_req upon completion of the |
| @@ -1036,18 +1048,13 @@ void af_alg_async_cb(struct crypto_async_request *_req, int err) | |||
| 1036 | struct kiocb *iocb = areq->iocb; | 1048 | struct kiocb *iocb = areq->iocb; |
| 1037 | unsigned int resultlen; | 1049 | unsigned int resultlen; |
| 1038 | 1050 | ||
| 1039 | lock_sock(sk); | ||
| 1040 | |||
| 1041 | /* Buffer size written by crypto operation. */ | 1051 | /* Buffer size written by crypto operation. */ |
| 1042 | resultlen = areq->outlen; | 1052 | resultlen = areq->outlen; |
| 1043 | 1053 | ||
| 1044 | af_alg_free_areq_sgls(areq); | 1054 | af_alg_free_resources(areq); |
| 1045 | sock_kfree_s(sk, areq, areq->areqlen); | 1055 | sock_put(sk); |
| 1046 | __sock_put(sk); | ||
| 1047 | 1056 | ||
| 1048 | iocb->ki_complete(iocb, err ? err : resultlen, 0); | 1057 | iocb->ki_complete(iocb, err ? err : resultlen, 0); |
| 1049 | |||
| 1050 | release_sock(sk); | ||
| 1051 | } | 1058 | } |
| 1052 | EXPORT_SYMBOL_GPL(af_alg_async_cb); | 1059 | EXPORT_SYMBOL_GPL(af_alg_async_cb); |
| 1053 | 1060 | ||
diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c index aacae0837aff..805f485ddf1b 100644 --- a/crypto/algif_aead.c +++ b/crypto/algif_aead.c | |||
| @@ -101,10 +101,10 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg, | |||
| 101 | struct aead_tfm *aeadc = pask->private; | 101 | struct aead_tfm *aeadc = pask->private; |
| 102 | struct crypto_aead *tfm = aeadc->aead; | 102 | struct crypto_aead *tfm = aeadc->aead; |
| 103 | struct crypto_skcipher *null_tfm = aeadc->null_tfm; | 103 | struct crypto_skcipher *null_tfm = aeadc->null_tfm; |
| 104 | unsigned int as = crypto_aead_authsize(tfm); | 104 | unsigned int i, as = crypto_aead_authsize(tfm); |
| 105 | struct af_alg_async_req *areq; | 105 | struct af_alg_async_req *areq; |
| 106 | struct af_alg_tsgl *tsgl; | 106 | struct af_alg_tsgl *tsgl, *tmp; |
| 107 | struct scatterlist *src; | 107 | struct scatterlist *rsgl_src, *tsgl_src = NULL; |
| 108 | int err = 0; | 108 | int err = 0; |
| 109 | size_t used = 0; /* [in] TX bufs to be en/decrypted */ | 109 | size_t used = 0; /* [in] TX bufs to be en/decrypted */ |
| 110 | size_t outlen = 0; /* [out] RX bufs produced by kernel */ | 110 | size_t outlen = 0; /* [out] RX bufs produced by kernel */ |
| @@ -178,7 +178,22 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg, | |||
| 178 | } | 178 | } |
| 179 | 179 | ||
| 180 | processed = used + ctx->aead_assoclen; | 180 | processed = used + ctx->aead_assoclen; |
| 181 | tsgl = list_first_entry(&ctx->tsgl_list, struct af_alg_tsgl, list); | 181 | list_for_each_entry_safe(tsgl, tmp, &ctx->tsgl_list, list) { |
| 182 | for (i = 0; i < tsgl->cur; i++) { | ||
| 183 | struct scatterlist *process_sg = tsgl->sg + i; | ||
| 184 | |||
| 185 | if (!(process_sg->length) || !sg_page(process_sg)) | ||
| 186 | continue; | ||
| 187 | tsgl_src = process_sg; | ||
| 188 | break; | ||
| 189 | } | ||
| 190 | if (tsgl_src) | ||
| 191 | break; | ||
| 192 | } | ||
| 193 | if (processed && !tsgl_src) { | ||
| 194 | err = -EFAULT; | ||
| 195 | goto free; | ||
| 196 | } | ||
| 182 | 197 | ||
| 183 | /* | 198 | /* |
| 184 | * Copy of AAD from source to destination | 199 | * Copy of AAD from source to destination |
| @@ -194,7 +209,7 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg, | |||
| 194 | */ | 209 | */ |
| 195 | 210 | ||
| 196 | /* Use the RX SGL as source (and destination) for crypto op. */ | 211 | /* Use the RX SGL as source (and destination) for crypto op. */ |
| 197 | src = areq->first_rsgl.sgl.sg; | 212 | rsgl_src = areq->first_rsgl.sgl.sg; |
| 198 | 213 | ||
| 199 | if (ctx->enc) { | 214 | if (ctx->enc) { |
| 200 | /* | 215 | /* |
| @@ -207,7 +222,7 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg, | |||
| 207 | * v v | 222 | * v v |
| 208 | * RX SGL: AAD || PT || Tag | 223 | * RX SGL: AAD || PT || Tag |
| 209 | */ | 224 | */ |
| 210 | err = crypto_aead_copy_sgl(null_tfm, tsgl->sg, | 225 | err = crypto_aead_copy_sgl(null_tfm, tsgl_src, |
| 211 | areq->first_rsgl.sgl.sg, processed); | 226 | areq->first_rsgl.sgl.sg, processed); |
| 212 | if (err) | 227 | if (err) |
| 213 | goto free; | 228 | goto free; |
| @@ -225,7 +240,7 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg, | |||
| 225 | */ | 240 | */ |
| 226 | 241 | ||
| 227 | /* Copy AAD || CT to RX SGL buffer for in-place operation. */ | 242 | /* Copy AAD || CT to RX SGL buffer for in-place operation. */ |
| 228 | err = crypto_aead_copy_sgl(null_tfm, tsgl->sg, | 243 | err = crypto_aead_copy_sgl(null_tfm, tsgl_src, |
| 229 | areq->first_rsgl.sgl.sg, outlen); | 244 | areq->first_rsgl.sgl.sg, outlen); |
| 230 | if (err) | 245 | if (err) |
| 231 | goto free; | 246 | goto free; |
| @@ -257,23 +272,34 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg, | |||
| 257 | areq->tsgl); | 272 | areq->tsgl); |
| 258 | } else | 273 | } else |
| 259 | /* no RX SGL present (e.g. authentication only) */ | 274 | /* no RX SGL present (e.g. authentication only) */ |
| 260 | src = areq->tsgl; | 275 | rsgl_src = areq->tsgl; |
| 261 | } | 276 | } |
| 262 | 277 | ||
| 263 | /* Initialize the crypto operation */ | 278 | /* Initialize the crypto operation */ |
| 264 | aead_request_set_crypt(&areq->cra_u.aead_req, src, | 279 | aead_request_set_crypt(&areq->cra_u.aead_req, rsgl_src, |
| 265 | areq->first_rsgl.sgl.sg, used, ctx->iv); | 280 | areq->first_rsgl.sgl.sg, used, ctx->iv); |
| 266 | aead_request_set_ad(&areq->cra_u.aead_req, ctx->aead_assoclen); | 281 | aead_request_set_ad(&areq->cra_u.aead_req, ctx->aead_assoclen); |
| 267 | aead_request_set_tfm(&areq->cra_u.aead_req, tfm); | 282 | aead_request_set_tfm(&areq->cra_u.aead_req, tfm); |
| 268 | 283 | ||
| 269 | if (msg->msg_iocb && !is_sync_kiocb(msg->msg_iocb)) { | 284 | if (msg->msg_iocb && !is_sync_kiocb(msg->msg_iocb)) { |
| 270 | /* AIO operation */ | 285 | /* AIO operation */ |
| 286 | sock_hold(sk); | ||
| 271 | areq->iocb = msg->msg_iocb; | 287 | areq->iocb = msg->msg_iocb; |
| 272 | aead_request_set_callback(&areq->cra_u.aead_req, | 288 | aead_request_set_callback(&areq->cra_u.aead_req, |
| 273 | CRYPTO_TFM_REQ_MAY_BACKLOG, | 289 | CRYPTO_TFM_REQ_MAY_BACKLOG, |
| 274 | af_alg_async_cb, areq); | 290 | af_alg_async_cb, areq); |
| 275 | err = ctx->enc ? crypto_aead_encrypt(&areq->cra_u.aead_req) : | 291 | err = ctx->enc ? crypto_aead_encrypt(&areq->cra_u.aead_req) : |
| 276 | crypto_aead_decrypt(&areq->cra_u.aead_req); | 292 | crypto_aead_decrypt(&areq->cra_u.aead_req); |
| 293 | |||
| 294 | /* AIO operation in progress */ | ||
| 295 | if (err == -EINPROGRESS || err == -EBUSY) { | ||
| 296 | /* Remember output size that will be generated. */ | ||
| 297 | areq->outlen = outlen; | ||
| 298 | |||
| 299 | return -EIOCBQUEUED; | ||
| 300 | } | ||
| 301 | |||
| 302 | sock_put(sk); | ||
| 277 | } else { | 303 | } else { |
| 278 | /* Synchronous operation */ | 304 | /* Synchronous operation */ |
| 279 | aead_request_set_callback(&areq->cra_u.aead_req, | 305 | aead_request_set_callback(&areq->cra_u.aead_req, |
| @@ -285,19 +311,9 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg, | |||
| 285 | &ctx->wait); | 311 | &ctx->wait); |
| 286 | } | 312 | } |
| 287 | 313 | ||
| 288 | /* AIO operation in progress */ | ||
| 289 | if (err == -EINPROGRESS) { | ||
| 290 | sock_hold(sk); | ||
| 291 | |||
| 292 | /* Remember output size that will be generated. */ | ||
| 293 | areq->outlen = outlen; | ||
| 294 | |||
| 295 | return -EIOCBQUEUED; | ||
| 296 | } | ||
| 297 | 314 | ||
| 298 | free: | 315 | free: |
| 299 | af_alg_free_areq_sgls(areq); | 316 | af_alg_free_resources(areq); |
| 300 | sock_kfree_s(sk, areq, areq->areqlen); | ||
| 301 | 317 | ||
| 302 | return err ? err : outlen; | 318 | return err ? err : outlen; |
| 303 | } | 319 | } |
diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c index 9954b078f0b9..30cff827dd8f 100644 --- a/crypto/algif_skcipher.c +++ b/crypto/algif_skcipher.c | |||
| @@ -117,6 +117,7 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg, | |||
| 117 | 117 | ||
| 118 | if (msg->msg_iocb && !is_sync_kiocb(msg->msg_iocb)) { | 118 | if (msg->msg_iocb && !is_sync_kiocb(msg->msg_iocb)) { |
| 119 | /* AIO operation */ | 119 | /* AIO operation */ |
| 120 | sock_hold(sk); | ||
| 120 | areq->iocb = msg->msg_iocb; | 121 | areq->iocb = msg->msg_iocb; |
| 121 | skcipher_request_set_callback(&areq->cra_u.skcipher_req, | 122 | skcipher_request_set_callback(&areq->cra_u.skcipher_req, |
| 122 | CRYPTO_TFM_REQ_MAY_SLEEP, | 123 | CRYPTO_TFM_REQ_MAY_SLEEP, |
| @@ -124,6 +125,16 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg, | |||
| 124 | err = ctx->enc ? | 125 | err = ctx->enc ? |
| 125 | crypto_skcipher_encrypt(&areq->cra_u.skcipher_req) : | 126 | crypto_skcipher_encrypt(&areq->cra_u.skcipher_req) : |
| 126 | crypto_skcipher_decrypt(&areq->cra_u.skcipher_req); | 127 | crypto_skcipher_decrypt(&areq->cra_u.skcipher_req); |
| 128 | |||
| 129 | /* AIO operation in progress */ | ||
| 130 | if (err == -EINPROGRESS || err == -EBUSY) { | ||
| 131 | /* Remember output size that will be generated. */ | ||
| 132 | areq->outlen = len; | ||
| 133 | |||
| 134 | return -EIOCBQUEUED; | ||
| 135 | } | ||
| 136 | |||
| 137 | sock_put(sk); | ||
| 127 | } else { | 138 | } else { |
| 128 | /* Synchronous operation */ | 139 | /* Synchronous operation */ |
| 129 | skcipher_request_set_callback(&areq->cra_u.skcipher_req, | 140 | skcipher_request_set_callback(&areq->cra_u.skcipher_req, |
| @@ -136,19 +147,9 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg, | |||
| 136 | &ctx->wait); | 147 | &ctx->wait); |
| 137 | } | 148 | } |
| 138 | 149 | ||
| 139 | /* AIO operation in progress */ | ||
| 140 | if (err == -EINPROGRESS) { | ||
| 141 | sock_hold(sk); | ||
| 142 | |||
| 143 | /* Remember output size that will be generated. */ | ||
| 144 | areq->outlen = len; | ||
| 145 | |||
| 146 | return -EIOCBQUEUED; | ||
| 147 | } | ||
| 148 | 150 | ||
| 149 | free: | 151 | free: |
| 150 | af_alg_free_areq_sgls(areq); | 152 | af_alg_free_resources(areq); |
| 151 | sock_kfree_s(sk, areq, areq->areqlen); | ||
| 152 | 153 | ||
| 153 | return err ? err : len; | 154 | return err ? err : len; |
| 154 | } | 155 | } |
diff --git a/crypto/skcipher.c b/crypto/skcipher.c index d5692e35fab1..778e0ff42bfa 100644 --- a/crypto/skcipher.c +++ b/crypto/skcipher.c | |||
| @@ -522,6 +522,9 @@ static int skcipher_walk_aead_common(struct skcipher_walk *walk, | |||
| 522 | scatterwalk_copychunks(NULL, &walk->in, req->assoclen, 2); | 522 | scatterwalk_copychunks(NULL, &walk->in, req->assoclen, 2); |
| 523 | scatterwalk_copychunks(NULL, &walk->out, req->assoclen, 2); | 523 | scatterwalk_copychunks(NULL, &walk->out, req->assoclen, 2); |
| 524 | 524 | ||
| 525 | scatterwalk_done(&walk->in, 0, walk->total); | ||
| 526 | scatterwalk_done(&walk->out, 0, walk->total); | ||
| 527 | |||
| 525 | walk->iv = req->iv; | 528 | walk->iv = req->iv; |
| 526 | walk->oiv = req->iv; | 529 | walk->oiv = req->iv; |
| 527 | 530 | ||
diff --git a/include/crypto/if_alg.h b/include/crypto/if_alg.h index 6abf0a3604dc..38d9c5861ed8 100644 --- a/include/crypto/if_alg.h +++ b/include/crypto/if_alg.h | |||
| @@ -242,6 +242,7 @@ int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size, | |||
| 242 | unsigned int ivsize); | 242 | unsigned int ivsize); |
| 243 | ssize_t af_alg_sendpage(struct socket *sock, struct page *page, | 243 | ssize_t af_alg_sendpage(struct socket *sock, struct page *page, |
| 244 | int offset, size_t size, int flags); | 244 | int offset, size_t size, int flags); |
| 245 | void af_alg_free_resources(struct af_alg_async_req *areq); | ||
| 245 | void af_alg_async_cb(struct crypto_async_request *_req, int err); | 246 | void af_alg_async_cb(struct crypto_async_request *_req, int err); |
| 246 | unsigned int af_alg_poll(struct file *file, struct socket *sock, | 247 | unsigned int af_alg_poll(struct file *file, struct socket *sock, |
| 247 | poll_table *wait); | 248 | poll_table *wait); |