From: Ondrej Kozina <okozina@redhat.com>
To: stable@vger.kernel.org
Cc: herbert@gondor.apana.org.au, gmazyland@gmail.com,
linux-crypto@vger.kernel.org
Subject: crypto: algif - avoid excessive use of socket buffer in skcipher
Date: Mon, 10 Nov 2014 11:50:36 +0100 [thread overview]
Message-ID: <5460987C.9030007@redhat.com> (raw)
Hello,
could you please add this patch (already landed in 3.18-rc1) to
following stable kernels:
3.17.x, 3.14.x, 3.12.x, 3.4.x, 3.2.x?
The bugfix allows usage of crypto API socket on archs with PAGE_SIZE >=
32 KiB (I have a typo in original changelog).
Some background for the bug (with reproducer and report from users)
- http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg11787.html
- http://bugzilla.redhat.com/show_bug.cgi?id=1160289
Thank you
Ondrej
-------------------
Upstream commit e2cffb5f493a8b431dc87124388ea59b79f0bccb
Author: Ondrej Kozina <okozina@redhat.com>
Date: Mon Aug 25 11:49:54 2014 +0200
crypto: algif - avoid excessive use of socket buffer in skcipher
On archs with PAGE_SIZE >= 64 KiB the function skcipher_alloc_sgl()
fails with -ENOMEM no matter what user space actually requested.
This is caused by the fact sock_kmalloc call inside the function tried
to allocate more memory than allowed by the default kernel socket
buffer
size (kernel param net.core.optmem_max).
Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
index a19c027..83187f4 100644
--- a/crypto/algif_skcipher.c
+++ b/crypto/algif_skcipher.c
@@ -49,7 +49,7 @@ struct skcipher_ctx {
struct ablkcipher_request req;
};
-#define MAX_SGL_ENTS ((PAGE_SIZE - sizeof(struct skcipher_sg_list)) / \
+#define MAX_SGL_ENTS ((4096 - sizeof(struct skcipher_sg_list)) / \
sizeof(struct scatterlist) - 1)
static inline int skcipher_sndbuf(struct sock *sk)
next reply other threads:[~2014-11-10 10:50 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-10 10:50 Ondrej Kozina [this message]
2014-11-10 22:11 ` crypto: algif - avoid excessive use of socket buffer in skcipher Greg KH
2014-11-12 11:58 ` Luis Henriques
2014-12-12 5:20 ` Ben Hutchings
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5460987C.9030007@redhat.com \
--to=okozina@redhat.com \
--cc=gmazyland@gmail.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.