From: Herbert Xu <herbert@gondor.apana.org.au>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: Denis Kenzior <denkenz@gmail.com>,
Andrew Zaborowski <andrew.zaborowski@intel.com>,
Paul Menzel <pmenzel@molgen.mpg.de>,
Caleb Jorden <caljorden@hotmail.com>,
Sasha Levin <sashal@kernel.org>,
iwd@lists.01.org, "# 3.4.x" <stable@vger.kernel.org>,
Greg KH <gregkh@linuxfoundation.org>,
LKML <linux-kernel@vger.kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Linux Crypto Mailing List <linux-crypto@vger.kernel.org>
Subject: [v2 PATCH] crypto: af_alg - Work around empty control messages without MSG_MORE
Date: Thu, 27 Aug 2020 17:14:36 +1000 [thread overview]
Message-ID: <20200827071436.GA30281@gondor.apana.org.au> (raw)
In-Reply-To: <CAMj1kXH-qZZhw5D5sBEVFP9=Z04pU+xCnQ78sDDw6WuSM-pRGQ@mail.gmail.com>
On Thu, Aug 27, 2020 at 08:40:01AM +0200, Ard Biesheuvel wrote:
>
> It is part of iwd - just build that and run 'make check'
>
> With your patch applied, the occurrence of sendmsg() in
> operate_cipher() triggers the warn_once(), but if I add MSG_MORE
> there, the test hangs.
I see. This is a different issue. The original kernel change
was a bit too strict here and it is barfing at the fact that two
successive sendmsg's of the same request both contain a control
message.
Here's an updated patch to allow this.
---8<---
The iwd daemon uses libell which sets up the skcipher operation with
two separate control messages. As the first control message is sent
without MSG_MORE, it is interpreted as an empty request.
While libell should be fixed to use MSG_MORE where appropriate, this
patch works around the bug in the kernel so that existing binaries
continue to work.
We will print a warning however.
A separate issue is that the new kernel code no longer allows the
control message to be sent twice within the same request. This
restriction is obviously incompatible with what iwd was doing (first
setting an IV and then sending the real control message). This
patch changes the kernel so that this is explicitly allowed.
Reported-by: Caleb Jorden <caljorden@hotmail.com>
Fixes: f3c802a1f300 ("crypto: algif_aead - Only wake up when...")
Cc: <stable@vger.kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
diff --git a/crypto/af_alg.c b/crypto/af_alg.c
index a6f581ab200c..8be8bec07cdd 100644
--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -16,6 +16,7 @@
#include <linux/module.h>
#include <linux/net.h>
#include <linux/rwsem.h>
+#include <linux/sched.h>
#include <linux/sched/signal.h>
#include <linux/security.h>
@@ -845,9 +846,15 @@ int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size,
}
lock_sock(sk);
- if (ctx->init && (init || !ctx->more)) {
- err = -EINVAL;
- goto unlock;
+ if (ctx->init && !ctx->more) {
+ if (ctx->used) {
+ err = -EINVAL;
+ goto unlock;
+ }
+
+ pr_info_once(
+ "%s sent an empty control message without MSG_MORE.\n",
+ current->comm);
}
ctx->init = true;
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
next prev parent reply other threads:[~2020-08-27 7:15 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20200826055150.2753.90553@ml01.vlan13.01.org>
2020-08-26 6:18 ` Issue with iwd + Linux 5.8.3 + WPA Enterprise Paul Menzel
2020-08-26 10:40 ` Ard Biesheuvel
2020-08-26 11:49 ` Herbert Xu
2020-08-26 11:59 ` Ard Biesheuvel
2020-08-26 12:08 ` Herbert Xu
2020-08-26 12:58 ` Andrew Zaborowski
2020-08-26 13:00 ` Herbert Xu
2020-08-26 13:57 ` Denis Kenzior
2020-08-26 14:19 ` Herbert Xu
2020-08-26 15:25 ` Denis Kenzior
2020-08-26 15:42 ` Ard Biesheuvel
2020-08-26 22:19 ` Herbert Xu
2020-08-27 6:40 ` Ard Biesheuvel
2020-08-27 7:14 ` Herbert Xu [this message]
2020-08-27 7:40 ` [v2 PATCH] crypto: af_alg - Work around empty control messages without MSG_MORE Ard Biesheuvel
[not found] ` <BL0PR11MB329980406FA0A14A8EF61A07B9550@BL0PR11MB3299.namprd11.prod.outlook.com>
2020-08-27 7:54 ` Issue with iwd + Linux 5.8.3 + WPA Enterprise Ard Biesheuvel
2020-08-26 13:29 ` [PATCH] crypto: af_alg - Work around empty control messages without MSG_MORE Herbert Xu
2020-08-26 13:56 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200827071436.GA30281@gondor.apana.org.au \
--to=herbert@gondor.apana.org.au \
--cc=andrew.zaborowski@intel.com \
--cc=ardb@kernel.org \
--cc=caljorden@hotmail.com \
--cc=davem@davemloft.net \
--cc=denkenz@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=iwd@lists.01.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pmenzel@molgen.mpg.de \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).