# git rev-parse -q --verify 55b3209acbb01cb02b1ee6b1afe80d83b1aab36d^{commit} 55b3209acbb01cb02b1ee6b1afe80d83b1aab36d already have revision, skipping fetch # git checkout -q -f -B kisskb 55b3209acbb01cb02b1ee6b1afe80d83b1aab36d # git clean -qxdf # < git log -1 # commit 55b3209acbb01cb02b1ee6b1afe80d83b1aab36d # Author: Iuliana Prodan # Date: Tue Apr 7 18:58:45 2020 +0300 # # crypto: caam - fix the address of the last entry of S/G # # For skcipher algorithms, the input, output HW S/G tables # look like this: [IV, src][dst, IV] # Now, we can have 2 conditions here: # - there is no IV; # - src and dst are equal (in-place encryption) and scattered # and the error is an "off-by-one" in the HW S/G table. # # This issue was seen with KASAN: # BUG: KASAN: slab-out-of-bounds in skcipher_edesc_alloc+0x95c/0x1018 # # Read of size 4 at addr ffff000022a02958 by task cryptomgr_test/321 # # CPU: 2 PID: 321 Comm: cryptomgr_test Not tainted # 5.6.0-rc1-00165-ge4ef8383-dirty #4 # Hardware name: LS1046A RDB Board (DT) # Call trace: # dump_backtrace+0x0/0x260 # show_stack+0x14/0x20 # dump_stack+0xe8/0x144 # print_address_description.isra.11+0x64/0x348 # __kasan_report+0x11c/0x230 # kasan_report+0xc/0x18 # __asan_load4+0x90/0xb0 # skcipher_edesc_alloc+0x95c/0x1018 # skcipher_encrypt+0x84/0x150 # crypto_skcipher_encrypt+0x50/0x68 # test_skcipher_vec_cfg+0x4d4/0xc10 # test_skcipher_vec+0x178/0x1d8 # alg_test_skcipher+0xec/0x230 # alg_test.part.44+0x114/0x4a0 # alg_test+0x1c/0x60 # cryptomgr_test+0x34/0x58 # kthread+0x1b8/0x1c0 # ret_from_fork+0x10/0x18 # # Allocated by task 321: # save_stack+0x24/0xb0 # __kasan_kmalloc.isra.10+0xc4/0xe0 # kasan_kmalloc+0xc/0x18 # __kmalloc+0x178/0x2b8 # skcipher_edesc_alloc+0x21c/0x1018 # skcipher_encrypt+0x84/0x150 # crypto_skcipher_encrypt+0x50/0x68 # test_skcipher_vec_cfg+0x4d4/0xc10 # test_skcipher_vec+0x178/0x1d8 # alg_test_skcipher+0xec/0x230 # alg_test.part.44+0x114/0x4a0 # alg_test+0x1c/0x60 # cryptomgr_test+0x34/0x58 # kthread+0x1b8/0x1c0 # ret_from_fork+0x10/0x18 # # Freed by task 0: # (stack is not available) # # The buggy address belongs to the object at ffff000022a02800 # which belongs to the cache dma-kmalloc-512 of size 512 # The buggy address is located 344 bytes inside of # 512-byte region [ffff000022a02800, ffff000022a02a00) # The buggy address belongs to the page: # page:fffffe00006a8000 refcount:1 mapcount:0 mapping:ffff00093200c400 # index:0x0 compound_mapcount: 0 # flags: 0xffff00000010200(slab|head) # raw: 0ffff00000010200 dead000000000100 dead000000000122 ffff00093200c400 # raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 # page dumped because: kasan: bad access detected # # Memory state around the buggy address: # ffff000022a02800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 # ffff000022a02880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 # >ffff000022a02900: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc # ^ # ffff000022a02980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc # ffff000022a02a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc # # Fixes: 334d37c9e263 ("crypto: caam - update IV using HW support") # Cc: # v5.3+ # Signed-off-by: Iuliana Prodan # Reviewed-by: Horia Geantă # Signed-off-by: Herbert Xu # < /opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux-gcc --version # < /opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux-ld --version # < git log --format=%s --max-count=1 55b3209acbb01cb02b1ee6b1afe80d83b1aab36d # < make -s -j 24 ARCH=powerpc O=/kisskb/build/crypto_ppc64_defconfig+NO_TM_powerpc-gcc4.6 CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux- ppc64_defconfig # Added to kconfig CONFIG_PPC_TRANSACTIONAL_MEM=n # < make -s -j 24 ARCH=powerpc O=/kisskb/build/crypto_ppc64_defconfig+NO_TM_powerpc-gcc4.6 CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux- help # make -s -j 24 ARCH=powerpc O=/kisskb/build/crypto_ppc64_defconfig+NO_TM_powerpc-gcc4.6 CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux- olddefconfig # make -s -j 24 ARCH=powerpc O=/kisskb/build/crypto_ppc64_defconfig+NO_TM_powerpc-gcc4.6 CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux- /kisskb/src/fs/proc/inode.c: In function 'proc_reg_open': /kisskb/src/include/linux/list.h:72:12: warning: 'pdeo' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/proc/inode.c:471:21: note: 'pdeo' was declared here /kisskb/src/kernel/printk/printk.c: In function 'devkmsg_sysctl_set_loglvl': /kisskb/src/kernel/printk/printk.c:204:16: warning: 'old' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/ext4/extents.c: In function 'ext4_convert_unwritten_io_end_vec': /kisskb/src/fs/ext4/extents.c:4774:23: warning: 'ret' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/kernel/trace/ftrace.c: In function 'pid_open': /kisskb/src/kernel/trace/ftrace.c:7166:6: warning: 'seq_ops' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/kernel/trace/ftrace.c: In function 'pid_write': /kisskb/src/kernel/trace/ftrace.c:7261:22: warning: 'other_pids' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/kernel/trace/ftrace.c:7244:23: warning: 'filtered_pids' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/kernel/trace/trace_events.c: In function 'event_create_dir': /kisskb/src/kernel/trace/trace_events.c:2189:6: warning: 'ret' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/mm/hugetlb.c: In function 'alloc_pool_huge_page': /kisskb/src/mm/hugetlb.c:1774:5: warning: 'page' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/tty/serial/8250/8250_core.c: In function 'univ8250_release_irq': /kisskb/src/drivers/tty/serial/8250/8250_core.c:247:18: warning: 'i' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/tty/serial/8250/8250_core.c:227:19: note: 'i' was declared here /kisskb/src/drivers/base/regmap/regmap.c: In function 'regmap_raw_read': /kisskb/src/drivers/base/regmap/regmap.c:2598:6: warning: 'ret' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/base/regmap/regmap.c: In function '_regmap_raw_write': /kisskb/src/drivers/base/regmap/regmap.c:1859:6: warning: 'ret' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/net/core/devlink.c: In function 'devlink_fmsg_prepare_skb': /kisskb/src/net/core/devlink.c:4957:6: warning: 'err' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/net/bridge/br_netlink.c: In function 'br_process_vlan_info': /kisskb/src/net/bridge/br_netlink.c:571:6: warning: 'err' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/usb/core/devio.c: In function 'async_completed': /kisskb/src/drivers/usb/core/devio.c:625:23: warning: 'errno' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/net/tun.c: In function 'tun_get_user': /kisskb/src/drivers/net/tun.c:1801:30: warning: 'copylen' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/net/tun.c:1714:46: warning: 'linear' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/btrfs/backref.c: In function 'is_shared_data_backref': /kisskb/src/fs/btrfs/backref.c:394:9: warning: missing braces around initializer [-Wmissing-braces] /kisskb/src/fs/btrfs/backref.c:394:9: warning: (near initialization for 'target.rbnode') [-Wmissing-braces] /kisskb/src/fs/nfsd/nfs4xdr.c: In function 'nfsd4_encode_components_esc': /kisskb/src/fs/nfsd/nfs4xdr.c:2151:9: warning: 'str' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/namei.c: In function 'handle_dots': /kisskb/src/fs/namei.c:1805:10: warning: 'inode' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/namei.c:1805:10: warning: 'seq' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/udf/unicode.c: In function 'udf_name_conv_char': /kisskb/src/fs/udf/unicode.c:132:8: warning: 'c' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/io_uring.c: In function '__io_sqe_files_update': /kisskb/src/fs/io_uring.c:6673:13: warning: 'err' may be used uninitialized in this function [-Wuninitialized] Completed OK # rm -rf /kisskb/build/crypto_ppc64_defconfig+NO_TM_powerpc-gcc4.6 # Build took: 0:02:41.106436