linux-crypto.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 1/1] crypto:algif_aead - Fix kernel panic on list_del
@ 2017-02-01 15:40 Harsh Jain
  2017-02-01 15:47 ` Stephan Müller
  0 siblings, 1 reply; 2+ messages in thread
From: Harsh Jain @ 2017-02-01 15:40 UTC (permalink / raw)
  To: smueller, herbert, atul.gupta, harshjain.prof, linux-crypto; +Cc: Harsh Jain

Kernel panics when userspace program try to access AEAD interface.
Remove node from Linked List before freeing its memory.

Signed-off-by: Harsh Jain <harsh@chelsio.com>
---
 crypto/algif_aead.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c
index f849311..533265f 100644
--- a/crypto/algif_aead.c
+++ b/crypto/algif_aead.c
@@ -661,9 +661,9 @@ static int aead_recvmsg_sync(struct socket *sock, struct msghdr *msg, int flags)
 unlock:
 	list_for_each_entry_safe(rsgl, tmp, &ctx->list, list) {
 		af_alg_free_sg(&rsgl->sgl);
+		list_del(&rsgl->list);
 		if (rsgl != &ctx->first_rsgl)
 			sock_kfree_s(sk, rsgl, sizeof(*rsgl));
-		list_del(&rsgl->list);
 	}
 	INIT_LIST_HEAD(&ctx->list);
 	aead_wmem_wakeup(sk);
-- 
1.8.2.3

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH 1/1] crypto:algif_aead - Fix kernel panic on list_del
  2017-02-01 15:40 [PATCH 1/1] crypto:algif_aead - Fix kernel panic on list_del Harsh Jain
@ 2017-02-01 15:47 ` Stephan Müller
  0 siblings, 0 replies; 2+ messages in thread
From: Stephan Müller @ 2017-02-01 15:47 UTC (permalink / raw)
  To: Harsh Jain; +Cc: herbert, atul.gupta, harshjain.prof, linux-crypto

Am Mittwoch, 1. Februar 2017, 21:10:28 CET schrieb Harsh Jain:

Hi Harsh,

> Kernel panics when userspace program try to access AEAD interface.
> Remove node from Linked List before freeing its memory.

Very good catch. Thank you.

Reviewed-by: Stephan Müller <smueller@chronox.de>

(PS: Herbert, in case you want to apply my patches regarding fixing the memory 
management for algif_aead and algif_skcipher, please note that this error is 
in the new function aead_free_rsgl/skcipher_free_sgl. Thus, if you think that 
my approach is good after all, I will need to re-send the patch.)

Ciao
Stephan

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2017-02-01 15:48 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-02-01 15:40 [PATCH 1/1] crypto:algif_aead - Fix kernel panic on list_del Harsh Jain
2017-02-01 15:47 ` Stephan Müller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).