'crypto: af_alg - Work around empty control messages without MSG_MORE'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       git-commits-head
Subject:    crypto: af_alg - Work around empty control messages without MSG_MORE
From:       Linux Kernel Mailing List <linux-kernel () vger ! kernel ! org>
Date:       2020-08-30 23:02:46
Message-ID: git-mailbomb-linux-master-c195d66a8a75c60515819b101975f38b7ec6577f () kernel ! org
[Download RAW message or body]

Commit:     c195d66a8a75c60515819b101975f38b7ec6577f
Parent:     bfe8fe939a049e99e1bda0f81e72a612e83ab446
Refname:    refs/heads/master
Web:        https://git.kernel.org/torvalds/c/c195d66a8a75c60515819b101975f38b7ec6577f
Author:     Herbert Xu <herbert@gondor.apana.org.au>
AuthorDate: Thu Aug 27 17:14:36 2020 +1000
Committer:  Herbert Xu <herbert@gondor.apana.org.au>
CommitDate: Thu Aug 27 23:20:36 2020 +1000

    crypto: af_alg - Work around empty control messages without MSG_MORE
    
    The iwd daemon uses libell which sets up the skcipher operation with
    two separate control messages.  As the first control message is sent
    without MSG_MORE, it is interpreted as an empty request.
    
    While libell should be fixed to use MSG_MORE where appropriate, this
    patch works around the bug in the kernel so that existing binaries
    continue to work.
    
    We will print a warning however.
    
    A separate issue is that the new kernel code no longer allows the
    control message to be sent twice within the same request.  This
    restriction is obviously incompatible with what iwd was doing (first
    setting an IV and then sending the real control message).  This
    patch changes the kernel so that this is explicitly allowed.
    
    Reported-by: Caleb Jorden <caljorden@hotmail.com>
    Fixes: f3c802a1f300 ("crypto: algif_aead - Only wake up when...")
    Cc: <stable@vger.kernel.org>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 crypto/af_alg.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/crypto/af_alg.c b/crypto/af_alg.c
index a6f581ab200c..8be8bec07cdd 100644
--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -16,6 +16,7 @@
 #include <linux/module.h>
 #include <linux/net.h>
 #include <linux/rwsem.h>
+#include <linux/sched.h>
 #include <linux/sched/signal.h>
 #include <linux/security.h>
 
@@ -845,9 +846,15 @@ int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size,
 	}
 
 	lock_sock(sk);
-	if (ctx->init && (init || !ctx->more)) {
-		err = -EINVAL;
-		goto unlock;
+	if (ctx->init && !ctx->more) {
+		if (ctx->used) {
+			err = -EINVAL;
+			goto unlock;
+		}
+
+		pr_info_once(
+			"%s sent an empty control message without MSG_MORE.\n",
+			current->comm);
 	}
 	ctx->init = true;
 
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic