| Message ID | 20200826132952.GA4752@gondor.apana.org.au (mailing list archive) |
|---|---|
| State | Superseded |
| Delegated to: | Herbert Xu |
| Headers | show |
| Series | crypto: af_alg - Work around empty control messages without MSG_MORE | expand |
On Wed, 26 Aug 2020 at 15:30, Herbert Xu <herbert@gondor.apana.org.au> wrote: > > The iwd daemon uses libell which sets up the skcipher operation with > two separate control messages. This is fine by itself but the first > control message is sent without MSG_MORE. This means that the first > control message is interpreted as an empty request. > > While libell should be fixed to use MSG_MORE where appropriate, this > patch works around the bug in the kernel so that existing binaries > continue to work. > > We will print a warning however. > > Reported-by: Caleb Jorden <caljorden@hotmail.com> > Fixes: f3c802a1f300 ("crypto: algif_aead - Only wake up when...") > Cc: <stable@vger.kernel.org> > Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> > Applied this onto v5.4.60, and it makes the iwd selftests pass again Acked-by: Ard Biesheuvel <ardb@kernel.org> Tested-by: Ard Biesheuvel <ardb@kernel.org> > diff --git a/crypto/af_alg.c b/crypto/af_alg.c > index a6f581ab200c..3da21cadc326 100644 > --- a/crypto/af_alg.c > +++ b/crypto/af_alg.c > @@ -16,6 +16,7 @@ > #include <linux/module.h> > #include <linux/net.h> > #include <linux/rwsem.h> > +#include <linux/sched.h> > #include <linux/sched/signal.h> > #include <linux/security.h> > > @@ -846,8 +847,14 @@ int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size, > > lock_sock(sk); > if (ctx->init && (init || !ctx->more)) { > - err = -EINVAL; > - goto unlock; > + if (ctx->used) { > + err = -EINVAL; > + goto unlock; > + } > + > + pr_info_once( > + "%s sent an empty control message without MSG_MORE.\n", > + current->comm); > } > ctx->init = true; > > -- > Email: Herbert Xu <herbert@gondor.apana.org.au> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
diff --git a/crypto/af_alg.c b/crypto/af_alg.c index a6f581ab200c..3da21cadc326 100644 --- a/crypto/af_alg.c +++ b/crypto/af_alg.c @@ -16,6 +16,7 @@ #include <linux/module.h> #include <linux/net.h> #include <linux/rwsem.h> +#include <linux/sched.h> #include <linux/sched/signal.h> #include <linux/security.h> @@ -846,8 +847,14 @@ int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size, lock_sock(sk); if (ctx->init && (init || !ctx->more)) { - err = -EINVAL; - goto unlock; + if (ctx->used) { + err = -EINVAL; + goto unlock; + } + + pr_info_once( + "%s sent an empty control message without MSG_MORE.\n", + current->comm); } ctx->init = true;
The iwd daemon uses libell which sets up the skcipher operation with two separate control messages. This is fine by itself but the first control message is sent without MSG_MORE. This means that the first control message is interpreted as an empty request. While libell should be fixed to use MSG_MORE where appropriate, this patch works around the bug in the kernel so that existing binaries continue to work. We will print a warning however. Reported-by: Caleb Jorden <caljorden@hotmail.com> Fixes: f3c802a1f300 ("crypto: algif_aead - Only wake up when...") Cc: <stable@vger.kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>