Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v6.15 2025-05-19T05:44:16Z 2025-05-19T05:44:16Z Ivan Pravdin ipravdin.official@gmail.com 2025-05-18T22:41:02Z urn:sha1:b2df03ed4052e97126267e8c13ad4204ea6ba9b6 If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_release, leading to slab-use-after-free error. Fixes: fe869cdb89c9 ("crypto: algif_hash - User-space interface for hash operations") Cc: <stable@vger.kernel.org> Signed-off-by: Ivan Pravdin <ipravdin.official@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-04-25T02:33:30Z Sabrina Dubroca sd@queasysnail.net 2025-04-24T20:15:50Z urn:sha1:a32f1923c6d6e9e727d00558a15ec0af6639de19 Commit ddd0a42671c0 only increments scomp_scratch_users when it was 0, causing a panic when using ipcomp: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] CPU: 1 UID: 0 PID: 619 Comm: ping Tainted: G N 6.15.0-rc3-net-00032-ga79be02bba5c #41 PREEMPT(full) Tainted: [N]=TEST Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014 RIP: 0010:inflate_fast+0x5a2/0x1b90 [...] Call Trace: <IRQ> zlib_inflate+0x2d60/0x6620 deflate_sdecompress+0x166/0x350 scomp_acomp_comp_decomp+0x45f/0xa10 scomp_acomp_decompress+0x21/0x120 acomp_do_req_chain+0x3e5/0x4e0 ipcomp_input+0x212/0x550 xfrm_input+0x2de2/0x72f0 [...] Kernel panic - not syncing: Fatal exception in interrupt Kernel Offset: disabled ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- Instead, let's keep the old increment, and decrement back to 0 if the scratch allocation fails. Fixes: ddd0a42671c0 ("crypto: scompress - Fix scratch allocation failure handling") Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-04-23T01:32:57Z Herbert Xu herbert@gondor.apana.org.au 2025-04-21T03:31:31Z urn:sha1:002ba346e3d76bb2b09448beed06c5ea1b0e06b8 Fix off-by-one bug in the last page calculation for src and dst. Reported-by: Nhat Pham <nphamcs@gmail.com> Fixes: 2d3553ecb4e3 ("crypto: scomp - Remove support for some non-trivial SG lists") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-04-19T03:07:58Z Herbert Xu herbert@gondor.apana.org.au 2025-04-12T05:36:51Z urn:sha1:aece1cf146741761a1243746db5b72f5ece68290 This reverts commit 99585c2192cb1ce212876e82ef01d1c98c7f4699. Remove the acomp multibuffer tests as they are buggy. Reported-by: Dmitry Antipov <dmantipov@yandex.ru> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-04-12T01:33:09Z Herbert Xu herbert@gondor.apana.org.au 2025-04-11T07:14:18Z urn:sha1:b2e689baf220408aff8ee5dfb4edb0817e1632bb Disable hash request chaining in case a driver that copies an ahash_request object by hand accidentally triggers chaining. Reported-by: Manorit Chawdhry <m-chawdhry@ti.com> Fixes: f2ffe5a9183d ("crypto: hash - Add request chaining API") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Tested-by: Manorit Chawdhry <m-chawdhry@ti.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-04-12T01:33:09Z Herbert Xu herbert@gondor.apana.org.au 2025-04-11T01:26:47Z urn:sha1:9ae0c92fec69374c6db8dddb0df00d86b9afa5da In order to use scomp_free_streams to free the partially allocted streams in the allocation error path, move the alg->stream assignment to the beginning. Also check for error pointers in scomp_free_streams before freeing the ctx. Finally set alg->stream to NULL to not break subsequent attempts to allocate the streams. Fixes: 3d72ad46a23a ("crypto: acomp - Move stream management into scomp layer") Reported-by: syzkaller <syzkaller@googlegroups.com> Co-developed-by: Kuniyuki Iwashima <kuniyu@amazon.com> Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com> Co-developed-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-04-09T13:28:31Z Herbert Xu herbert@gondor.apana.org.au 2025-04-08T04:20:34Z urn:sha1:cfb32c656eb7bf1d7a776b8793bb6baa6f58b5a4 As the scomp streams are freed when an algorithm is unregistered, it is possible that the algorithm has never been used at all (e.g., an algorithm that does not have a self-test). So test whether the streams exist before freeing them. Reported-by: Sourabh Jain <sourabhjain@linux.ibm.com> Fixes: 3d72ad46a23a ("crypto: acomp - Move stream management into scomp layer") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Tested-by: Sourabh Jain <sourabhjain@linux.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-04-02T16:14:59Z Linus Torvalds torvalds@linux-foundation.org 2025-04-02T16:14:59Z urn:sha1:5de0afb422e18a22968ac3d4f700e26fa15a20f9 Pull crypto fix from Herbert Xu: - revert the multibuffer hash testing as it is buggy * tag 'v6.15-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: Revert "crypto: testmgr - Add multibuffer hash testing" 2025-03-30T01:39:57Z Herbert Xu herbert@gondor.apana.org.au 2025-03-30T01:32:00Z urn:sha1:9764d5b0cd0ea4846fd46c7d0b4238ea122075a9 This reverts commit 8b54e6a8f4156ed43627f40300b0711dc977fbc1. The multibuffer tests has a number of bugs. For example, the SG lists for the filler requests weren't initialised properly, and it fails to take data-keyed algorithms such as poly1305 into account. More importantly, the chaining interface itself is under review. Revert this until the interface is fully settled. Reported-by: Manorit Chawdhry <m-chawdhry@ti.com> Reported-by: kernel test robot <oliver.sang@intel.com> Closes: https://lore.kernel.org/oe-lkp/202503281658.7a078821-lkp@intel.com Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-03-29T17:01:55Z Linus Torvalds torvalds@linux-foundation.org 2025-03-29T17:01:55Z urn:sha1:e5e0e6bebef3a21081fd1057c40468d4cff1a60d Pull crypto updates from Herbert Xu: "API: - Remove legacy compression interface - Improve scatterwalk API - Add request chaining to ahash and acomp - Add virtual address support to ahash and acomp - Add folio support to acomp - Remove NULL dst support from acomp Algorithms: - Library options are fuly hidden (selected by kernel users only) - Add Kerberos5 algorithms - Add VAES-based ctr(aes) on x86 - Ensure LZO respects output buffer length on compression - Remove obsolete SIMD fallback code path from arm/ghash-ce Drivers: - Add support for PCI device 0x1134 in ccp - Add support for rk3588's standalone TRNG in rockchip - Add Inside Secure SafeXcel EIP-93 crypto engine support in eip93 - Fix bugs in tegra uncovered by multi-threaded self-test - Fix corner cases in hisilicon/sec2 Others: - Add SG_MITER_LOCAL to sg miter - Convert ubifs, hibernate and xfrm_ipcomp from legacy API to acomp" * tag 'v6.15-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (187 commits) crypto: testmgr - Add multibuffer acomp testing crypto: acomp - Fix synchronous acomp chaining fallback crypto: testmgr - Add multibuffer hash testing crypto: hash - Fix synchronous ahash chaining fallback crypto: arm/ghash-ce - Remove SIMD fallback code path crypto: essiv - Replace memcpy() + NUL-termination with strscpy() crypto: api - Call crypto_alg_put in crypto_unregister_alg crypto: scompress - Fix incorrect stream freeing crypto: lib/chacha - remove unused arch-specific init support crypto: remove obsolete 'comp' compression API crypto: compress_null - drop obsolete 'comp' implementation crypto: cavium/zip - drop obsolete 'comp' implementation crypto: zstd - drop obsolete 'comp' implementation crypto: lzo - drop obsolete 'comp' implementation crypto: lzo-rle - drop obsolete 'comp' implementation crypto: lz4hc - drop obsolete 'comp' implementation crypto: lz4 - drop obsolete 'comp' implementation crypto: deflate - drop obsolete 'comp' implementation crypto: 842 - drop obsolete 'comp' implementation crypto: nx - Migrate to scomp API ...