* [syzbot] memory leak in crypto_create_tfm_node
@ 2022-10-11 20:46 syzbot
2022-10-11 21:38 ` [PATCH] fscrypt: fix keyring memory leak on mount failure Eric Biggers
2022-10-12 9:23 ` [syzbot] memory leak in crypto_create_tfm_node Herbert Xu
0 siblings, 2 replies; 8+ messages in thread
From: syzbot @ 2022-10-11 20:46 UTC (permalink / raw)
To: davem, herbert, linux-crypto, linux-kernel, syzkaller-bugs
Hello,
syzbot found the following issue on:
HEAD commit: 4c86114194e6 Merge tag 'iomap-6.1-merge-1' of git://git.ke..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=104827bc880000
kernel config: https://syzkaller.appspot.com/x/.config?x=10f41fbb818af57a
dashboard link: https://syzkaller.appspot.com/bug?extid=104c2a89561289cec13e
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17a1d5fa880000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f77e34880000
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/47a35ffaaa39/disk-4c861141.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/cc11d48eaf17/vmlinux-4c861141.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/c14465c5ddba/mount_0.gz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+104c2a89561289cec13e@syzkaller.appspotmail.com
BUG: memory leak
unreferenced object 0xffff8881024bd800 (size 512):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
hex dump (first 32 bytes):
d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
backtrace:
[<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
[<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
[<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
[<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
[<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
[<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff88810eb2e740 (size 32):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
hex dump (first 32 bytes):
d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
backtrace:
[<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
[<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
[<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
[<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
[<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
[<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
[<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
[<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
[<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
[<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
[<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
[<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
BUG: memory leak
unreferenced object 0xffff88810a9a1800 (size 2048):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
[<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
[<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
[<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
[<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff88810a820800 (size 1024):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
hex dump (first 32 bytes):
00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
backtrace:
[<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
[<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
[<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
[<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
[<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff8881024bd800 (size 512):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
hex dump (first 32 bytes):
d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
backtrace:
[<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
[<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
[<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
[<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
[<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
[<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff88810eb2e740 (size 32):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
hex dump (first 32 bytes):
d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
backtrace:
[<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
[<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
[<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
[<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
[<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
[<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
[<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
[<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
[<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
[<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
[<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
[<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
BUG: memory leak
unreferenced object 0xffff88810a9a1800 (size 2048):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
[<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
[<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
[<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
[<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff88810a820800 (size 1024):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
hex dump (first 32 bytes):
00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
backtrace:
[<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
[<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
[<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
[<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
[<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff8881024bd800 (size 512):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
hex dump (first 32 bytes):
d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
backtrace:
[<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
[<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
[<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
[<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
[<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
[<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff88810eb2e740 (size 32):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
hex dump (first 32 bytes):
d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
backtrace:
[<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
[<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
[<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
[<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
[<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
[<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
[<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
[<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
[<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
[<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
[<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
[<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
BUG: memory leak
unreferenced object 0xffff88810a9a1800 (size 2048):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
[<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
[<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
[<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
[<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff88810a820800 (size 1024):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
hex dump (first 32 bytes):
00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
backtrace:
[<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
[<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
[<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
[<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
[<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff8881024bd800 (size 512):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
hex dump (first 32 bytes):
d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
backtrace:
[<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
[<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
[<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
[<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
[<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
[<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff88810eb2e740 (size 32):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
hex dump (first 32 bytes):
d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
backtrace:
[<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
[<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
[<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
[<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
[<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
[<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
[<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
[<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
[<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
[<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
[<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
[<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
BUG: memory leak
unreferenced object 0xffff88810a9a1800 (size 2048):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
[<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
[<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
[<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
[<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff88810a820800 (size 1024):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
hex dump (first 32 bytes):
00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
backtrace:
[<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
[<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
[<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
[<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
[<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff8881024bd800 (size 512):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
hex dump (first 32 bytes):
d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
backtrace:
[<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
[<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
[<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
[<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
[<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
[<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff88810eb2e740 (size 32):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
hex dump (first 32 bytes):
d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
backtrace:
[<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
[<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
[<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
[<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
[<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
[<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
[<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
[<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
[<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
[<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
[<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
[<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
BUG: memory leak
unreferenced object 0xffff88810a9a1800 (size 2048):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
[<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
[<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
[<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
[<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
BUG: memory leak
unreferenced object 0xffff88810a820800 (size 1024):
comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
hex dump (first 32 bytes):
00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
backtrace:
[<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
[<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
[<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
[<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
[<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
[<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
[<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
[<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
[<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
[<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
[<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
[<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
[<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
[<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
[<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
[<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
[<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
[<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
[<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
executing program
executing program
executing program
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH] fscrypt: fix keyring memory leak on mount failure
2022-10-11 20:46 [syzbot] memory leak in crypto_create_tfm_node syzbot
@ 2022-10-11 21:38 ` Eric Biggers
2022-10-18 0:52 ` Eric Biggers
2022-10-19 11:36 ` Christian Brauner
2022-10-12 9:23 ` [syzbot] memory leak in crypto_create_tfm_node Herbert Xu
1 sibling, 2 replies; 8+ messages in thread
From: Eric Biggers @ 2022-10-11 21:38 UTC (permalink / raw)
To: linux-fscrypt
Cc: linux-fsdevel, linux-crypto, linux-kernel, syzkaller-bugs,
syzbot+104c2a89561289cec13e
From: Eric Biggers <ebiggers@google.com>
Commit d7e7b9af104c ("fscrypt: stop using keyrings subsystem for
fscrypt_master_key") moved the keyring destruction from __put_super() to
generic_shutdown_super() so that the filesystem's block device(s) are
still available. Unfortunately, this causes a memory leak in the case
where a mount is attempted with the test_dummy_encryption mount option,
but the mount fails after the option has already been processed.
To fix this, attempt the keyring destruction in both places.
Reported-by: syzbot+104c2a89561289cec13e@syzkaller.appspotmail.com
Fixes: d7e7b9af104c ("fscrypt: stop using keyrings subsystem for fscrypt_master_key")
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
fs/crypto/keyring.c | 17 +++++++++++------
fs/super.c | 3 ++-
include/linux/fscrypt.h | 4 ++--
3 files changed, 15 insertions(+), 9 deletions(-)
diff --git a/fs/crypto/keyring.c b/fs/crypto/keyring.c
index 1cca09aa43f8b..2a24b1f0ae688 100644
--- a/fs/crypto/keyring.c
+++ b/fs/crypto/keyring.c
@@ -205,14 +205,19 @@ static int allocate_filesystem_keyring(struct super_block *sb)
}
/*
- * This is called at unmount time to release all encryption keys that have been
- * added to the filesystem, along with the keyring that contains them.
+ * Release all encryption keys that have been added to the filesystem, along
+ * with the keyring that contains them.
*
- * Note that besides clearing and freeing memory, this might need to evict keys
- * from the keyslots of an inline crypto engine. Therefore, this must be called
- * while the filesystem's underlying block device(s) are still available.
+ * This is called at unmount time. The filesystem's underlying block device(s)
+ * are still available at this time; this is important because after user file
+ * accesses have been allowed, this function may need to evict keys from the
+ * keyslots of an inline crypto engine, which requires the block device(s).
+ *
+ * This is also called when the super_block is being freed. This is needed to
+ * avoid a memory leak if mounting fails after the "test_dummy_encryption"
+ * option was processed, as in that case the unmount-time call isn't made.
*/
-void fscrypt_sb_delete(struct super_block *sb)
+void fscrypt_destroy_keyring(struct super_block *sb)
{
struct fscrypt_keyring *keyring = sb->s_master_keys;
size_t i;
diff --git a/fs/super.c b/fs/super.c
index 6a82660e1adba..8d39e4f11cfa3 100644
--- a/fs/super.c
+++ b/fs/super.c
@@ -291,6 +291,7 @@ static void __put_super(struct super_block *s)
WARN_ON(s->s_inode_lru.node);
WARN_ON(!list_empty(&s->s_mounts));
security_sb_free(s);
+ fscrypt_destroy_keyring(s);
put_user_ns(s->s_user_ns);
kfree(s->s_subtype);
call_rcu(&s->rcu, destroy_super_rcu);
@@ -479,7 +480,7 @@ void generic_shutdown_super(struct super_block *sb)
evict_inodes(sb);
/* only nonzero refcount inodes can have marks */
fsnotify_sb_delete(sb);
- fscrypt_sb_delete(sb);
+ fscrypt_destroy_keyring(sb);
security_sb_delete(sb);
if (sb->s_dio_done_wq) {
diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
index cad78b569c7ef..4f5f8a6512132 100644
--- a/include/linux/fscrypt.h
+++ b/include/linux/fscrypt.h
@@ -307,7 +307,7 @@ fscrypt_free_dummy_policy(struct fscrypt_dummy_policy *dummy_policy)
}
/* keyring.c */
-void fscrypt_sb_delete(struct super_block *sb);
+void fscrypt_destroy_keyring(struct super_block *sb);
int fscrypt_ioctl_add_key(struct file *filp, void __user *arg);
int fscrypt_add_test_dummy_key(struct super_block *sb,
const struct fscrypt_dummy_policy *dummy_policy);
@@ -521,7 +521,7 @@ fscrypt_free_dummy_policy(struct fscrypt_dummy_policy *dummy_policy)
}
/* keyring.c */
-static inline void fscrypt_sb_delete(struct super_block *sb)
+static inline void fscrypt_destroy_keyring(struct super_block *sb)
{
}
base-commit: 041bc24d867a2a577a06534d6d25e500b24a01ef
--
2.37.3
^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [syzbot] memory leak in crypto_create_tfm_node
2022-10-11 20:46 [syzbot] memory leak in crypto_create_tfm_node syzbot
2022-10-11 21:38 ` [PATCH] fscrypt: fix keyring memory leak on mount failure Eric Biggers
@ 2022-10-12 9:23 ` Herbert Xu
2022-10-12 10:26 ` Dmitry Vyukov
1 sibling, 1 reply; 8+ messages in thread
From: Herbert Xu @ 2022-10-12 9:23 UTC (permalink / raw)
To: syzbot, Theodore Y. Ts'o, Jaegeuk Kim, Eric Biggers, linux-fscrypt
Cc: davem, linux-crypto, linux-kernel, syzkaller-bugs
Hi:
I presume this is a leak in fscrypt (or perhaps something at an
even higher level).
Thanks,
On Tue, Oct 11, 2022 at 01:46:41PM -0700, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 4c86114194e6 Merge tag 'iomap-6.1-merge-1' of git://git.ke..
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=104827bc880000
> kernel config: https://syzkaller.appspot.com/x/.config?x=10f41fbb818af57a
> dashboard link: https://syzkaller.appspot.com/bug?extid=104c2a89561289cec13e
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17a1d5fa880000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f77e34880000
>
> Downloadable assets:
> disk image: https://storage.googleapis.com/syzbot-assets/47a35ffaaa39/disk-4c861141.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/cc11d48eaf17/vmlinux-4c861141.xz
> mounted in repro: https://storage.googleapis.com/syzbot-assets/c14465c5ddba/mount_0.gz
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+104c2a89561289cec13e@syzkaller.appspotmail.com
>
> BUG: memory leak
> unreferenced object 0xffff8881024bd800 (size 512):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
> hex dump (first 32 bytes):
> d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
> backtrace:
> [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff88810eb2e740 (size 32):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
> hex dump (first 32 bytes):
> d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> 00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
> backtrace:
> [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> [<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
> [<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
> [<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
> [<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
> [<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
> [<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
> [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
>
> BUG: memory leak
> unreferenced object 0xffff88810a9a1800 (size 2048):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
> hex dump (first 32 bytes):
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> backtrace:
> [<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
> [<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
> [<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
> [<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
> [<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff88810a820800 (size 1024):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
> hex dump (first 32 bytes):
> 00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
> 58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
> backtrace:
> [<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
> [<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
> [<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
> [<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
> [<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff8881024bd800 (size 512):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
> hex dump (first 32 bytes):
> d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
> backtrace:
> [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff88810eb2e740 (size 32):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
> hex dump (first 32 bytes):
> d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> 00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
> backtrace:
> [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> [<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
> [<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
> [<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
> [<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
> [<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
> [<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
> [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
>
> BUG: memory leak
> unreferenced object 0xffff88810a9a1800 (size 2048):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
> hex dump (first 32 bytes):
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> backtrace:
> [<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
> [<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
> [<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
> [<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
> [<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff88810a820800 (size 1024):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
> hex dump (first 32 bytes):
> 00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
> 58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
> backtrace:
> [<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
> [<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
> [<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
> [<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
> [<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff8881024bd800 (size 512):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
> hex dump (first 32 bytes):
> d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
> backtrace:
> [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff88810eb2e740 (size 32):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
> hex dump (first 32 bytes):
> d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> 00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
> backtrace:
> [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> [<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
> [<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
> [<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
> [<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
> [<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
> [<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
> [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
>
> BUG: memory leak
> unreferenced object 0xffff88810a9a1800 (size 2048):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
> hex dump (first 32 bytes):
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> backtrace:
> [<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
> [<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
> [<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
> [<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
> [<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff88810a820800 (size 1024):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
> hex dump (first 32 bytes):
> 00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
> 58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
> backtrace:
> [<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
> [<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
> [<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
> [<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
> [<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff8881024bd800 (size 512):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
> hex dump (first 32 bytes):
> d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
> backtrace:
> [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff88810eb2e740 (size 32):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
> hex dump (first 32 bytes):
> d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> 00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
> backtrace:
> [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> [<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
> [<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
> [<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
> [<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
> [<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
> [<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
> [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
>
> BUG: memory leak
> unreferenced object 0xffff88810a9a1800 (size 2048):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
> hex dump (first 32 bytes):
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> backtrace:
> [<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
> [<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
> [<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
> [<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
> [<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff88810a820800 (size 1024):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
> hex dump (first 32 bytes):
> 00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
> 58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
> backtrace:
> [<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
> [<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
> [<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
> [<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
> [<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff8881024bd800 (size 512):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
> hex dump (first 32 bytes):
> d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
> backtrace:
> [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff88810eb2e740 (size 32):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
> hex dump (first 32 bytes):
> d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> 00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
> backtrace:
> [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> [<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
> [<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
> [<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
> [<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
> [<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
> [<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
> [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
>
> BUG: memory leak
> unreferenced object 0xffff88810a9a1800 (size 2048):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
> hex dump (first 32 bytes):
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> backtrace:
> [<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
> [<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
> [<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
> [<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
> [<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> BUG: memory leak
> unreferenced object 0xffff88810a820800 (size 1024):
> comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
> hex dump (first 32 bytes):
> 00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
> 58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
> backtrace:
> [<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
> [<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
> [<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
> [<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
> [<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
> [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> executing program
> executing program
> executing program
>
>
> ---
> This report is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzkaller@googlegroups.com.
>
> syzbot will keep track of this issue. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> syzbot can test patches for this issue, for details see:
> https://goo.gl/tpsmEJ#testing-patches
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [syzbot] memory leak in crypto_create_tfm_node
2022-10-12 9:23 ` [syzbot] memory leak in crypto_create_tfm_node Herbert Xu
@ 2022-10-12 10:26 ` Dmitry Vyukov
2022-10-13 1:56 ` Herbert Xu
0 siblings, 1 reply; 8+ messages in thread
From: Dmitry Vyukov @ 2022-10-12 10:26 UTC (permalink / raw)
To: Herbert Xu
Cc: syzbot, Theodore Y. Ts'o, Jaegeuk Kim, Eric Biggers,
linux-fscrypt, davem, linux-crypto, linux-kernel, syzkaller-bugs
On Wed, 12 Oct 2022 at 11:23, Herbert Xu <herbert@gondor.apana.org.au> wrote:
>
> Hi:
>
> I presume this is a leak in fscrypt (or perhaps something at an
> even higher level).
Eric sent this:
[PATCH] fscrypt: fix keyring memory leak on mount failure
https://lore.kernel.org/all/20221011213838.209879-1-ebiggers@kernel.org/
> Thanks,
>
> On Tue, Oct 11, 2022 at 01:46:41PM -0700, syzbot wrote:
> > Hello,
> >
> > syzbot found the following issue on:
> >
> > HEAD commit: 4c86114194e6 Merge tag 'iomap-6.1-merge-1' of git://git.ke..
> > git tree: upstream
> > console output: https://syzkaller.appspot.com/x/log.txt?x=104827bc880000
> > kernel config: https://syzkaller.appspot.com/x/.config?x=10f41fbb818af57a
> > dashboard link: https://syzkaller.appspot.com/bug?extid=104c2a89561289cec13e
> > compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17a1d5fa880000
> > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f77e34880000
> >
> > Downloadable assets:
> > disk image: https://storage.googleapis.com/syzbot-assets/47a35ffaaa39/disk-4c861141.raw.xz
> > vmlinux: https://storage.googleapis.com/syzbot-assets/cc11d48eaf17/vmlinux-4c861141.xz
> > mounted in repro: https://storage.googleapis.com/syzbot-assets/c14465c5ddba/mount_0.gz
> >
> > IMPORTANT: if you fix the issue, please add the following tag to the commit:
> > Reported-by: syzbot+104c2a89561289cec13e@syzkaller.appspotmail.com
> >
> > BUG: memory leak
> > unreferenced object 0xffff8881024bd800 (size 512):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
> > hex dump (first 32 bytes):
> > d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> > e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
> > backtrace:
> > [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> > [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> > [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> > [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> > [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> > [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810eb2e740 (size 32):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
> > hex dump (first 32 bytes):
> > d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> > 00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
> > backtrace:
> > [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> > [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> > [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> > [<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
> > [<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
> > [<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
> > [<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
> > [<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
> > [<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
> > [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> > [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> > [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810a9a1800 (size 2048):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
> > hex dump (first 32 bytes):
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > backtrace:
> > [<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
> > [<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
> > [<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
> > [<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
> > [<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810a820800 (size 1024):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 21.340s)
> > hex dump (first 32 bytes):
> > 00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
> > 58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
> > backtrace:
> > [<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
> > [<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
> > [<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
> > [<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
> > [<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff8881024bd800 (size 512):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
> > hex dump (first 32 bytes):
> > d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> > e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
> > backtrace:
> > [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> > [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> > [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> > [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> > [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> > [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810eb2e740 (size 32):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
> > hex dump (first 32 bytes):
> > d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> > 00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
> > backtrace:
> > [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> > [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> > [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> > [<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
> > [<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
> > [<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
> > [<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
> > [<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
> > [<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
> > [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> > [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> > [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810a9a1800 (size 2048):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
> > hex dump (first 32 bytes):
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > backtrace:
> > [<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
> > [<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
> > [<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
> > [<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
> > [<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810a820800 (size 1024):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 24.890s)
> > hex dump (first 32 bytes):
> > 00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
> > 58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
> > backtrace:
> > [<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
> > [<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
> > [<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
> > [<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
> > [<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff8881024bd800 (size 512):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
> > hex dump (first 32 bytes):
> > d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> > e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
> > backtrace:
> > [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> > [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> > [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> > [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> > [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> > [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810eb2e740 (size 32):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
> > hex dump (first 32 bytes):
> > d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> > 00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
> > backtrace:
> > [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> > [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> > [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> > [<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
> > [<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
> > [<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
> > [<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
> > [<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
> > [<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
> > [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> > [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> > [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810a9a1800 (size 2048):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
> > hex dump (first 32 bytes):
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > backtrace:
> > [<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
> > [<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
> > [<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
> > [<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
> > [<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810a820800 (size 1024):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 27.260s)
> > hex dump (first 32 bytes):
> > 00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
> > 58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
> > backtrace:
> > [<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
> > [<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
> > [<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
> > [<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
> > [<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff8881024bd800 (size 512):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
> > hex dump (first 32 bytes):
> > d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> > e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
> > backtrace:
> > [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> > [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> > [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> > [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> > [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> > [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810eb2e740 (size 32):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
> > hex dump (first 32 bytes):
> > d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> > 00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
> > backtrace:
> > [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> > [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> > [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> > [<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
> > [<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
> > [<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
> > [<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
> > [<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
> > [<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
> > [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> > [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> > [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810a9a1800 (size 2048):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
> > hex dump (first 32 bytes):
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > backtrace:
> > [<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
> > [<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
> > [<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
> > [<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
> > [<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810a820800 (size 1024):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 28.460s)
> > hex dump (first 32 bytes):
> > 00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
> > 58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
> > backtrace:
> > [<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
> > [<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
> > [<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
> > [<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
> > [<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff8881024bd800 (size 512):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
> > hex dump (first 32 bytes):
> > d8 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> > e0 be 2a 82 ff ff ff ff 68 fc 1c 08 81 88 ff ff ..*.....h.......
> > backtrace:
> > [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> > [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> > [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> > [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> > [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> > [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810eb2e740 (size 32):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
> > hex dump (first 32 bytes):
> > d0 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................
> > 00 00 00 00 00 00 00 00 20 cb c7 85 ff ff ff ff ........ .......
> > backtrace:
> > [<ffffffff822a2f30>] kmalloc_node include/linux/slab.h:623 [inline]
> > [<ffffffff822a2f30>] kzalloc_node include/linux/slab.h:744 [inline]
> > [<ffffffff822a2f30>] crypto_create_tfm_node+0x30/0x130 crypto/api.c:504
> > [<ffffffff822a50f5>] crypto_create_tfm crypto/internal.h:92 [inline]
> > [<ffffffff822a50f5>] crypto_spawn_tfm2+0x45/0x90 crypto/algapi.c:803
> > [<ffffffff822b4c1b>] crypto_spawn_shash include/crypto/internal/hash.h:231 [inline]
> > [<ffffffff822b4c1b>] hmac_init_tfm+0x3b/0xa0 crypto/hmac.c:152
> > [<ffffffff822ac8c7>] crypto_shash_init_tfm+0x77/0xf0 crypto/shash.c:440
> > [<ffffffff822a2f52>] crypto_create_tfm_node+0x52/0x130 crypto/api.c:512
> > [<ffffffff822a3816>] crypto_alloc_tfm_node+0x96/0x180 crypto/api.c:588
> > [<ffffffff8168ccdc>] fscrypt_init_hkdf+0x3c/0x180 fs/crypto/hkdf.c:75
> > [<ffffffff8168eb90>] add_master_key+0x160/0x370 fs/crypto/keyring.c:535
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810a9a1800 (size 2048):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
> > hex dump (first 32 bytes):
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > backtrace:
> > [<ffffffff8168ecf6>] kmalloc include/linux/slab.h:600 [inline]
> > [<ffffffff8168ecf6>] kzalloc include/linux/slab.h:733 [inline]
> > [<ffffffff8168ecf6>] allocate_filesystem_keyring fs/crypto/keyring.c:194 [inline]
> > [<ffffffff8168ecf6>] do_add_master_key fs/crypto/keyring.c:502 [inline]
> > [<ffffffff8168ecf6>] add_master_key+0x2c6/0x370 fs/crypto/keyring.c:554
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810a820800 (size 1024):
> > comm "syz-executor361", pid 3670, jiffies 4294954234 (age 29.660s)
> > hex dump (first 32 bytes):
> > 00 b0 a4 0e 81 88 ff ff 00 00 00 00 00 00 00 00 ................
> > 58 19 9a 0a 81 88 ff ff 00 00 00 00 00 00 00 00 X...............
> > backtrace:
> > [<ffffffff8168e25a>] kmalloc include/linux/slab.h:600 [inline]
> > [<ffffffff8168e25a>] kzalloc include/linux/slab.h:733 [inline]
> > [<ffffffff8168e25a>] add_new_master_key+0x4a/0x250 fs/crypto/keyring.c:418
> > [<ffffffff8168ec10>] do_add_master_key fs/crypto/keyring.c:504 [inline]
> > [<ffffffff8168ec10>] add_master_key+0x1e0/0x370 fs/crypto/keyring.c:554
> > [<ffffffff8168f233>] fscrypt_add_test_dummy_key+0x93/0xc0 fs/crypto/keyring.c:801
> > [<ffffffff8180b59a>] ext4_check_test_dummy_encryption fs/ext4/super.c:2680 [inline]
> > [<ffffffff8180b59a>] ext4_check_opt_consistency+0x79a/0xb80 fs/ext4/super.c:2735
> > [<ffffffff818119f6>] __ext4_fill_super fs/ext4/super.c:5095 [inline]
> > [<ffffffff818119f6>] ext4_fill_super+0xb66/0x5080 fs/ext4/super.c:5648
> > [<ffffffff815e7851>] get_tree_bdev+0x1f1/0x320 fs/super.c:1323
> > [<ffffffff815e5a88>] vfs_get_tree+0x28/0x100 fs/super.c:1530
> > [<ffffffff81629be7>] do_new_mount fs/namespace.c:3040 [inline]
> > [<ffffffff81629be7>] path_mount+0xc37/0x10d0 fs/namespace.c:3370
> > [<ffffffff8162a7ce>] do_mount fs/namespace.c:3383 [inline]
> > [<ffffffff8162a7ce>] __do_sys_mount fs/namespace.c:3591 [inline]
> > [<ffffffff8162a7ce>] __se_sys_mount fs/namespace.c:3568 [inline]
> > [<ffffffff8162a7ce>] __x64_sys_mount+0x18e/0x1d0 fs/namespace.c:3568
> > [<ffffffff8460f1e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> > [<ffffffff8460f1e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
> > [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> >
> > executing program
> > executing program
> > executing program
> >
> >
> > ---
> > This report is generated by a bot. It may contain errors.
> > See https://goo.gl/tpsmEJ for more information about syzbot.
> > syzbot engineers can be reached at syzkaller@googlegroups.com.
> >
> > syzbot will keep track of this issue. See:
> > https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> > syzbot can test patches for this issue, for details see:
> > https://goo.gl/tpsmEJ#testing-patches
>
> --
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
>
> --
> You received this message because you are subscribed to the Google Groups "syzkaller-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-bugs+unsubscribe@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-bugs/Y0aHieBUF%2BCY2rTT%40gondor.apana.org.au.
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [syzbot] memory leak in crypto_create_tfm_node
2022-10-12 10:26 ` Dmitry Vyukov
@ 2022-10-13 1:56 ` Herbert Xu
2022-10-13 5:59 ` Eric Biggers
0 siblings, 1 reply; 8+ messages in thread
From: Herbert Xu @ 2022-10-13 1:56 UTC (permalink / raw)
To: Dmitry Vyukov
Cc: syzbot, Theodore Y. Ts'o, Jaegeuk Kim, Eric Biggers,
linux-fscrypt, davem, linux-crypto, linux-kernel, syzkaller-bugs
On Wed, Oct 12, 2022 at 12:26:09PM +0200, Dmitry Vyukov wrote:
> On Wed, 12 Oct 2022 at 11:23, Herbert Xu <herbert@gondor.apana.org.au> wrote:
> >
> > Hi:
> >
> > I presume this is a leak in fscrypt (or perhaps something at an
> > even higher level).
>
> Eric sent this:
>
> [PATCH] fscrypt: fix keyring memory leak on mount failure
> https://lore.kernel.org/all/20221011213838.209879-1-ebiggers@kernel.org/
Oh I missed that.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [syzbot] memory leak in crypto_create_tfm_node
2022-10-13 1:56 ` Herbert Xu
@ 2022-10-13 5:59 ` Eric Biggers
0 siblings, 0 replies; 8+ messages in thread
From: Eric Biggers @ 2022-10-13 5:59 UTC (permalink / raw)
To: Herbert Xu
Cc: Dmitry Vyukov, syzbot, Theodore Y. Ts'o, Jaegeuk Kim,
linux-fscrypt, davem, linux-crypto, linux-kernel, syzkaller-bugs
On Thu, Oct 13, 2022 at 09:56:37AM +0800, Herbert Xu wrote:
> On Wed, Oct 12, 2022 at 12:26:09PM +0200, Dmitry Vyukov wrote:
> > On Wed, 12 Oct 2022 at 11:23, Herbert Xu <herbert@gondor.apana.org.au> wrote:
> > >
> > > Hi:
> > >
> > > I presume this is a leak in fscrypt (or perhaps something at an
> > > even higher level).
> >
> > Eric sent this:
> >
> > [PATCH] fscrypt: fix keyring memory leak on mount failure
> > https://lore.kernel.org/all/20221011213838.209879-1-ebiggers@kernel.org/
>
> Oh I missed that.
>
> Thanks,
Yes, and I used 'git format-patch --in-reply-to=$messageId' with the message ID
of the syzbot email, so it should show up in this same thread.
- Eric
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] fscrypt: fix keyring memory leak on mount failure
2022-10-11 21:38 ` [PATCH] fscrypt: fix keyring memory leak on mount failure Eric Biggers
@ 2022-10-18 0:52 ` Eric Biggers
2022-10-19 11:36 ` Christian Brauner
1 sibling, 0 replies; 8+ messages in thread
From: Eric Biggers @ 2022-10-18 0:52 UTC (permalink / raw)
To: linux-fscrypt
Cc: linux-fsdevel, linux-crypto, linux-kernel, syzkaller-bugs,
syzbot+104c2a89561289cec13e
On Tue, Oct 11, 2022 at 02:38:38PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> Commit d7e7b9af104c ("fscrypt: stop using keyrings subsystem for
> fscrypt_master_key") moved the keyring destruction from __put_super() to
> generic_shutdown_super() so that the filesystem's block device(s) are
> still available. Unfortunately, this causes a memory leak in the case
> where a mount is attempted with the test_dummy_encryption mount option,
> but the mount fails after the option has already been processed.
>
> To fix this, attempt the keyring destruction in both places.
>
> Reported-by: syzbot+104c2a89561289cec13e@syzkaller.appspotmail.com
> Fixes: d7e7b9af104c ("fscrypt: stop using keyrings subsystem for fscrypt_master_key")
> Signed-off-by: Eric Biggers <ebiggers@google.com>
Applied to fscrypt.git#for-stable for 6.1.
As usual, I'd greatly appreciate reviews though...
- Eric
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] fscrypt: fix keyring memory leak on mount failure
2022-10-11 21:38 ` [PATCH] fscrypt: fix keyring memory leak on mount failure Eric Biggers
2022-10-18 0:52 ` Eric Biggers
@ 2022-10-19 11:36 ` Christian Brauner
1 sibling, 0 replies; 8+ messages in thread
From: Christian Brauner @ 2022-10-19 11:36 UTC (permalink / raw)
To: Eric Biggers
Cc: linux-fscrypt, linux-fsdevel, linux-crypto, linux-kernel,
syzkaller-bugs, syzbot+104c2a89561289cec13e
On Tue, Oct 11, 2022 at 02:38:38PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> Commit d7e7b9af104c ("fscrypt: stop using keyrings subsystem for
> fscrypt_master_key") moved the keyring destruction from __put_super() to
> generic_shutdown_super() so that the filesystem's block device(s) are
> still available. Unfortunately, this causes a memory leak in the case
> where a mount is attempted with the test_dummy_encryption mount option,
> but the mount fails after the option has already been processed.
>
> To fix this, attempt the keyring destruction in both places.
>
> Reported-by: syzbot+104c2a89561289cec13e@syzkaller.appspotmail.com
> Fixes: d7e7b9af104c ("fscrypt: stop using keyrings subsystem for fscrypt_master_key")
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
Looks good,
Reviewed-by: Christian Brauner (Microsoft) <brauner@kernel.org>
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2022-10-19 12:01 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-10-11 20:46 [syzbot] memory leak in crypto_create_tfm_node syzbot
2022-10-11 21:38 ` [PATCH] fscrypt: fix keyring memory leak on mount failure Eric Biggers
2022-10-18 0:52 ` Eric Biggers
2022-10-19 11:36 ` Christian Brauner
2022-10-12 9:23 ` [syzbot] memory leak in crypto_create_tfm_node Herbert Xu
2022-10-12 10:26 ` Dmitry Vyukov
2022-10-13 1:56 ` Herbert Xu
2022-10-13 5:59 ` Eric Biggers
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).