From: Greg Kroah-Hartman
Date: Fri, 14 Apr 2017 12:38:41 +0000 (+0200)
Subject: 3.18 patches
X-Git-Tag: v4.10.11~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3bf6ca71aacc1903031cdb8fbd02340269aa40e6;p=thirdparty%2Fkernel%2Fstable-queue.git

3.18 patches
---
diff --git a/queue-3.18/crypto-algif_hash-avoid-zero-sized-array.patch b/queue-3.18/crypto-algif_hash-avoid-zero-sized-array.patch
new file mode 100644
index 00000000000..f3f701183c7
--- /dev/null
+++ b/queue-3.18/crypto-algif_hash-avoid-zero-sized-array.patch
@@ -0,0 +1,70 @@
+From 6207119444595d287b1e9e83a2066c17209698f3 Mon Sep 17 00:00:00 2001
+From: Jiri Slaby
+Date: Thu, 15 Dec 2016 14:31:01 +0100
+Subject: crypto: algif_hash - avoid zero-sized array
+
+From: Jiri Slaby
+
+commit 6207119444595d287b1e9e83a2066c17209698f3 upstream.
+
+With this reproducer:
+ struct sockaddr_alg alg = {
+ .salg_family = 0x26,
+ .salg_type = "hash",
+ .salg_feat = 0xf,
+ .salg_mask = 0x5,
+ .salg_name = "digest_null",
+ };
+ int sock, sock2;
+
+ sock = socket(AF_ALG, SOCK_SEQPACKET, 0);
+ bind(sock, (struct sockaddr *)&alg, sizeof(alg));
+ sock2 = accept(sock, NULL, NULL);
+ setsockopt(sock, SOL_ALG, ALG_SET_KEY, "\x9b\xca", 2);
+ accept(sock2, NULL, NULL);
+
+==== 8< ======== 8< ======== 8< ======== 8< ====
+
+one can immediatelly see an UBSAN warning:
+UBSAN: Undefined behaviour in crypto/algif_hash.c:187:7
+variable length array bound value 0 <= 0
+CPU: 0 PID: 15949 Comm: syz-executor Tainted: G E 4.4.30-0-default #1
+...
+Call Trace:
+...
+ [] ? __ubsan_handle_vla_bound_not_positive+0x13d/0x188
+ [] ? __ubsan_handle_out_of_bounds+0x1bc/0x1bc
+ [] ? hash_accept+0x5bd/0x7d0 [algif_hash]
+ [] ? hash_accept_nokey+0x3f/0x51 [algif_hash]
+ [] ? hash_accept_parent_nokey+0x4a0/0x4a0 [algif_hash]
+ [] ? SyS_accept+0x2b/0x40
+
+It is a correct warning, as hash state is propagated to accept as zero,
+but creating a zero-length variable array is not allowed in C.
+
+Fix this as proposed by Herbert -- do "?: 1" on that site. No sizeof or
+similar happens in the code there, so we just allocate one byte even
+though we do not use the array.
+
+Signed-off-by: Jiri Slaby
+Cc: Herbert Xu
+Cc: "David S.
Miller" (maintainer:CRYPTO API)
+Reported-by: Sasha Levin
+Signed-off-by: Herbert Xu
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ crypto/algif_hash.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/crypto/algif_hash.c
++++ b/crypto/algif_hash.c
+@@ -195,7 +195,7 @@ static int hash_accept(struct socket *so
+ struct alg_sock *ask = alg_sk(sk);
+ struct hash_ctx *ctx = ask->private;
+ struct ahash_request *req = &ctx->req;
+- char state[crypto_ahash_statesize(crypto_ahash_reqtfm(req))];
++ char state[crypto_ahash_statesize(crypto_ahash_reqtfm(req)) ? : 1];
+ struct sock *sk2;
+ struct alg_sock *ask2;
+ struct hash_ctx *ctx2;
diff --git a/queue-3.18/crypto-cryptd-assign-statesize-properly.patch b/queue-3.18/crypto-cryptd-assign-statesize-properly.patch
new file mode 100644
index 00000000000..40aa1f53814
--- /dev/null
+++ b/queue-3.18/crypto-cryptd-assign-statesize-properly.patch
@@ -0,0 +1,33 @@
+From 1a07834024dfca5c4bed5de8f8714306e0a11836 Mon Sep 17 00:00:00 2001
+From: "Wang, Rui Y"
+Date: Sun, 29 Nov 2015 22:45:34 +0800
+Subject: crypto: cryptd - Assign statesize properly
+
+From: Wang, Rui Y
+
+commit 1a07834024dfca5c4bed5de8f8714306e0a11836 upstream.
+
+cryptd_create_hash() fails by returning -EINVAL. It is because after
+8996eafdc ("crypto: ahash - ensure statesize is non-zero") all ahash
+drivers must have a non-zero statesize.
+
+This patch fixes the problem by properly assigning the statesize.
+
+Signed-off-by: Rui Wang
+Signed-off-by: Herbert Xu
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ crypto/cryptd.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/crypto/cryptd.c
++++ b/crypto/cryptd.c
+@@ -606,6 +606,7 @@ static int cryptd_create_hash(struct cry
+ inst->alg.halg.base.cra_flags = CRYPTO_ALG_ASYNC;
+
+ inst->alg.halg.digestsize = salg->digestsize;
++ inst->alg.halg.statesize = salg->statesize;
+ inst->alg.halg.base.cra_ctxsize = sizeof(struct cryptd_hash_ctx);
+
+ inst->alg.halg.base.cra_init = cryptd_hash_init_tfm;
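Review bot: The `? : 1` on the `char state[...]` line in hash_accept() removes the zero-length VLA that UBSAN flags, but the array is still a runtime-sized VLA on the kernel stack whose bound is whatever `crypto_ahash_statesize()` reports for the bound algorithm, and the one-byte case (statesize 0, as in the digest_null reproducer) is otherwise unexplained at the site. A comment would help a reader who does not know the history: `/* statesize may be 0 (digest_null); a zero-length VLA is undefined, so size it at least 1 */`. The elided middle operand in `? :` is a GNU extension, accepted by the kernel's compilers but worth knowing when reading the line. Whatever later fills or reads `state` in hash_accept() lies outside the hunk.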
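Review bot: `inst->alg.halg.statesize = salg->statesize;` in cryptd_create_hash() advertises the child shash's state size as the instance's own, which is only sound if cryptd's export/import callbacks (outside the hunk) forward to the child's export/import with the same buffer; nothing in the hunk ties the two together. I would add `/* export/import forward to the child shash, so its statesize is ours */` on the new line. The identical line is added to mcryptd_create_hash() in the crypto-mcryptd-fix-load-failure.patch hunk and the same comment applies there. Both 3.18 hunks keep `cra_flags = CRYPTO_ALG_ASYNC` in context where the upstream hunks quoted in mbox_todo show `cra_flags = type`, so the backport base predates that change; the inserted assignment does not appear to depend on it.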
diff --git a/queue-3.18/crypto-ghash-clmulni-fix-load-failure.patch b/queue-3.18/crypto-ghash-clmulni-fix-load-failure.patch
new file mode 100644
index 00000000000..a2b4d251c1e
--- /dev/null
+++ b/queue-3.18/crypto-ghash-clmulni-fix-load-failure.patch
@@ -0,0 +1,72 @@
+From 3a020a723c65eb8ffa7c237faca26521a024e582 Mon Sep 17 00:00:00 2001
+From: "Wang, Rui Y"
+Date: Sun, 29 Nov 2015 22:45:33 +0800
+Subject: crypto: ghash-clmulni - Fix load failure
+
+From: Wang, Rui Y
+
+commit 3a020a723c65eb8ffa7c237faca26521a024e582 upstream.
+
+ghash_clmulni_intel fails to load on Linux 4.3+ with the following message:
+"modprobe: ERROR: could not insert 'ghash_clmulni_intel': Invalid argument"
+
+After 8996eafdc ("crypto: ahash - ensure statesize is non-zero") all ahash
+drivers are required to implement import()/export(), and must have a non-
+zero statesize.
+
+This patch has been tested with the algif_hash interface. The calculated
+digest values, after several rounds of import()s and export()s, match those
+calculated by tcrypt.
+
+Signed-off-by: Rui Wang
+Signed-off-by: Herbert Xu
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/x86/crypto/ghash-clmulni-intel_glue.c | 26 ++++++++++++++++++++++++++
+ 1 file changed, 26 insertions(+)
+
+--- a/arch/x86/crypto/ghash-clmulni-intel_glue.c
++++ b/arch/x86/crypto/ghash-clmulni-intel_glue.c
+@@ -218,6 +218,29 @@ static int ghash_async_final(struct ahas
+ }
+ }
+
++static int ghash_async_import(struct ahash_request *req, const void *in)
++{
++ struct ahash_request *cryptd_req = ahash_request_ctx(req);
++ struct shash_desc *desc = cryptd_shash_desc(cryptd_req);
++ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
++
++ ghash_async_init(req);
++ memcpy(dctx, in, sizeof(*dctx));
++ return 0;
++
++}
++
++static int ghash_async_export(struct ahash_request *req, void *out)
++{
++ struct ahash_request *cryptd_req = ahash_request_ctx(req);
++ struct shash_desc *desc = cryptd_shash_desc(cryptd_req);
++ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
++
++ memcpy(out, dctx, sizeof(*dctx));
++ return 0;
++
++}
++
+ static int ghash_async_digest(struct ahash_request *req)
+ {
+ struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
+@@ -285,8 +308,11 @@ static struct ahash_alg
ghash_async_alg
+ .final = ghash_async_final,
+ .setkey = ghash_async_setkey,
+ .digest = ghash_async_digest,
++ .export = ghash_async_export,
++ .import = ghash_async_import,
+ .halg = {
+ .digestsize = GHASH_DIGEST_SIZE,
++ .statesize = sizeof(struct ghash_desc_ctx),
+ .base = {
+ .cra_name = "ghash",
+ .cra_driver_name = "ghash-clmulni",
diff --git a/queue-3.18/crypto-mcryptd-fix-load-failure.patch b/queue-3.18/crypto-mcryptd-fix-load-failure.patch
new file mode 100644
index 00000000000..24e68198eaa
--- /dev/null
+++ b/queue-3.18/crypto-mcryptd-fix-load-failure.patch
@@ -0,0 +1,31 @@
+From ddef482420b1ba8ec45e6123a7e8d3f67b21e5e3 Mon Sep 17 00:00:00 2001
+From: "Wang, Rui Y"
+Date: Wed, 27 Jan 2016 17:08:36 +0800
+Subject: crypto: mcryptd - Fix load failure
+
+From: Wang, Rui Y
+
+commit ddef482420b1ba8ec45e6123a7e8d3f67b21e5e3 upstream.
+
+mcryptd_create_hash() fails by returning -EINVAL, causing any
+driver using mcryptd to fail to load. It is because it needs
+to set its statesize properly.
+
+Signed-off-by: Rui Wang
+Signed-off-by: Herbert Xu
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ crypto/mcryptd.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/crypto/mcryptd.c
++++ b/crypto/mcryptd.c
+@@ -505,6 +505,7 @@ static int mcryptd_create_hash(struct cr
+ inst->alg.halg.base.cra_flags = CRYPTO_ALG_ASYNC;
+
+ inst->alg.halg.digestsize = salg->digestsize;
++ inst->alg.halg.statesize = salg->statesize;
+ inst->alg.halg.base.cra_ctxsize = sizeof(struct mcryptd_hash_ctx);
+
+ inst->alg.halg.base.cra_init = mcryptd_hash_init_tfm;
diff --git a/queue-3.18/futex-add-missing-error-handling-to-futex_requeue_pi.patch b/queue-3.18/futex-add-missing-error-handling-to-futex_requeue_pi.patch
new file mode 100644
index 00000000000..0d0c7486a5e
--- /dev/null
+++ b/queue-3.18/futex-add-missing-error-handling-to-futex_requeue_pi.patch
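Review bot: `ghash_async_import()` discards the return value of `ghash_async_init(req)` and then copies the imported state over the desc context regardless, so a failed init still reports success to the caller with a desc that was never set up. Proposed change on those two lines: `int err = ghash_async_init(req); if (err) return err;` ahead of the `memcpy(dctx, in, sizeof(*dctx));`. `ghash_async_init()` itself is outside the hunk; if on some path it hands the init to cryptd rather than running it in place, that deferred init could later overwrite the state just copied in, which is worth checking against the init function before relying on import after a context switch. The blank line before the closing brace of both new functions is a style nit, and `.statesize = sizeof(struct ghash_desc_ctx)` in the second hunk is consistent with the two `memcpy` sizes.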
@@ -0,0 +1,42 @@
+From 9bbb25afeb182502ca4f2c4f3f88af0681b34cae Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra
+Date: Sat, 4 Mar 2017 10:27:19 +0100
+Subject: futex: Add missing error handling to FUTEX_REQUEUE_PI
+
+From: Peter Zijlstra
+
+commit 9bbb25afeb182502ca4f2c4f3f88af0681b34cae upstream.
+
+Thomas spotted that fixup_pi_state_owner() can return errors and we
+fail to unlock the rt_mutex in that case.
+
+Reported-by: Thomas Gleixner
+Signed-off-by: Peter Zijlstra (Intel)
+Reviewed-by: Darren Hart
+Cc: juri.lelli@arm.com
+Cc: bigeasy@linutronix.de
+Cc: xlpang@redhat.com
+Cc: rostedt@goodmis.org
+Cc: mathieu.desnoyers@efficios.com
+Cc: jdesfossez@efficios.com
+Cc: dvhart@infradead.org
+Cc: bristot@redhat.com
+Link: http://lkml.kernel.org/r/20170304093558.867401760@infradead.org
+Signed-off-by: Thomas Gleixner
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ kernel/futex.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/kernel/futex.c
++++ b/kernel/futex.c
+@@ -2650,6 +2650,8 @@ static int futex_wait_requeue_pi(u32 __u
+ if (q.pi_state && (q.pi_state->owner != current)) {
+ spin_lock(q.lock_ptr);
+ ret = fixup_pi_state_owner(uaddr2, &q, current);
++ if (ret && rt_mutex_owner(&q.pi_state->pi_mutex) == current)
++ rt_mutex_unlock(&q.pi_state->pi_mutex);
+ /*
+ * Drop the reference to the pi state which
+ * the requeue_pi() code acquired for us.
diff --git a/queue-3.18/futex-fix-potential-use-after-free-in-futex_requeue_pi.patch b/queue-3.18/futex-fix-potential-use-after-free-in-futex_requeue_pi.patch
new file mode 100644
index 00000000000..fda21aaf118
--- /dev/null
+++ b/queue-3.18/futex-fix-potential-use-after-free-in-futex_requeue_pi.patch
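Review bot: The new unlock in futex_wait_requeue_pi(), `if (ret && rt_mutex_owner(&q.pi_state->pi_mutex) == current) rt_mutex_unlock(&q.pi_state->pi_mutex);`, carries no comment saying why it has to sit between fixup_pi_state_owner() and the pi_state reference drop that the following context comment announces, while the sibling branch patched by futex-fix-potential-use-after-free-in-futex_requeue_pi.patch does explain its unlock. I would add above the new `if`: `/* fixup_pi_state_owner() failed while we still own the rt_mutex: release it before the pi_state reference (and the mutex embedded in it) is dropped below */`. The ordering matters for the same reason the other patch gives, that pi_mutex lives inside pi_state, so the two backports should be applied together as the series file lists them. The rest of futex_wait_requeue_pi() is outside the hunk.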
@@ -0,0 +1,85 @@
+From c236c8e95a3d395b0494e7108f0d41cf36ec107c Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra
+Date: Sat, 4 Mar 2017 10:27:18 +0100
+Subject: futex: Fix potential use-after-free in FUTEX_REQUEUE_PI
+
+From: Peter Zijlstra
+
+commit c236c8e95a3d395b0494e7108f0d41cf36ec107c upstream.
+
+While working on the futex code, I stumbled over this potential
+use-after-free scenario. Dmitry triggered it later with syzkaller.
+
+pi_mutex is a pointer into pi_state, which we drop the reference on in
+unqueue_me_pi(). So any access to that pointer after that is bad.
+
+Since other sites already do rt_mutex_unlock() with hb->lock held, see
+for example futex_lock_pi(), simply move the unlock before
+unqueue_me_pi().
+
+Reported-by: Dmitry Vyukov
+Signed-off-by: Peter Zijlstra (Intel)
+Reviewed-by: Darren Hart
+Cc: juri.lelli@arm.com
+Cc: bigeasy@linutronix.de
+Cc: xlpang@redhat.com
+Cc: rostedt@goodmis.org
+Cc: mathieu.desnoyers@efficios.com
+Cc: jdesfossez@efficios.com
+Cc: dvhart@infradead.org
+Cc: bristot@redhat.com
+Link: http://lkml.kernel.org/r/20170304093558.801744246@infradead.org
+Signed-off-by: Thomas Gleixner
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ kernel/futex.c | 20 +++++++++++---------
+ 1 file changed, 11 insertions(+), 9 deletions(-)
+
+--- a/kernel/futex.c
++++ b/kernel/futex.c
+@@ -2567,7 +2567,6 @@ static int futex_wait_requeue_pi(u32 __u
+ {
+ struct hrtimer_sleeper timeout, *to = NULL;
+ struct rt_mutex_waiter rt_waiter;
+- struct rt_mutex *pi_mutex = NULL;
+ struct futex_hash_bucket *hb;
+ union futex_key key2 = FUTEX_KEY_INIT;
+ struct futex_q q = futex_q_init;
+@@ -2659,6 +2658,8 @@ static int futex_wait_requeue_pi(u32 __u
+ spin_unlock(q.lock_ptr);
+ }
+ } else {
++ struct rt_mutex *pi_mutex;
++
+ /*
+ * We have been woken up by futex_unlock_pi(), a timeout, or a
+ * signal. futex_unlock_pi() will not destroy the lock_ptr nor
+@@ -2682,18 +2683,19 @@ static int futex_wait_requeue_pi(u32 __u
+ if (res)
+ ret = (res < 0) ?
res : 0;
+
++ /*
++ * If fixup_pi_state_owner() faulted and was unable to handle
++ * the fault, unlock the rt_mutex and return the fault to
++ * userspace.
++ */
++ if (ret && rt_mutex_owner(pi_mutex) == current)
++ rt_mutex_unlock(pi_mutex);
++
+ /* Unqueue and drop the lock. */
+ unqueue_me_pi(&q);
+ }
+
+- /*
+- * If fixup_pi_state_owner() faulted and was unable to handle the
+- * fault, unlock the rt_mutex and return the fault to userspace.
+- */
+- if (ret == -EFAULT) {
+- if (pi_mutex && rt_mutex_owner(pi_mutex) == current)
+- rt_mutex_unlock(pi_mutex);
+- } else if (ret == -EINTR) {
++ if (ret == -EINTR) {
+ /*
+ * We've already been requeued, but cannot restart by calling
+ * futex_lock_pi() directly. We could restart this syscall, but
diff --git a/queue-3.18/mbox_todo b/queue-3.18/mbox_todo
index 221e6def33a..3488239b4fd 100644
--- a/queue-3.18/mbox_todo
+++ b/queue-3.18/mbox_todo
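Review bot: The new `struct rt_mutex *pi_mutex;` in the else branch has no initialiser, and the moved check `if (ret && rt_mutex_owner(pi_mutex) == current)` no longer tests `pi_mutex` for NULL as the removed `if (pi_mutex && ...)` did, so every path through that branch that can reach the check must assign `pi_mutex` first. The assignment is not in the hunk (it falls between the `@@ -2659` and `@@ -2682` hunks), so this needs confirming against the 3.18 body of futex_wait_requeue_pi() rather than against the upstream version quoted in mbox_todo. If it is assigned unconditionally at the top of the branch, a short comment on the declaration, `/* assigned below before any error path can reach the unlock check */`, records the invariant; otherwise the `= NULL` initialiser and NULL test should be kept. The function starts before the first hunk and continues past the last.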
@@ -2867,76 +2867,6 @@ index e504f548b64e..5bbd1989d5e6 100644 -- 2.12.2 -From 3a19419c50c6ee386ca6d22a23acc2df51583d3d Mon Sep 17 00:00:00 2001 -From: Eric Biggers -Date: Sat, 15 Oct 2016 09:48:50 -0400 -Subject: [PATCH 097/251] fscrypto: lock inode while setting encryption policy -Content-Length: 1807 -Lines: 62 - -commit 8906a8223ad4909b391c5628f7991ebceda30e52 upstream. - -i_rwsem needs to be acquired while setting an encryption policy so that -concurrent calls to FS_IOC_SET_ENCRYPTION_POLICY are correctly -serialized (especially the ->get_context() + ->set_context() pair), and -so that new files cannot be created in the directory during or after the -->empty_dir() check. - -Signed-off-by: Eric Biggers -Signed-off-by: Theodore Ts'o -Reviewed-by: Richard Weinberger -Cc: stable@vger.kernel.org -Signed-off-by: Greg Kroah-Hartman ---- - fs/ext4/ioctl.c | 4 ++++ - fs/f2fs/file.c | 9 ++++++++- - 2 files changed, 12 insertions(+), 1 deletion(-) - -diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c -index 1fb12f9c97a6..789e2d6724a9 100644 ---- a/fs/ext4/ioctl.c -+++ b/fs/ext4/ioctl.c -@@ -633,8 +633,12 @@ resizefs_out: - if (err) - goto encryption_policy_out; - -+ mutex_lock(&inode->i_mutex); -+ - err = ext4_process_policy(&policy, inode); - -+ mutex_unlock(&inode->i_mutex); -+ - mnt_drop_write_file(filp); - encryption_policy_out: - return err; -diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c -index a197215ad52b..4b449d263333 100644 ---- a/fs/f2fs/file.c -+++ b/fs/f2fs/file.c -@@ -1535,12 +1535,19 @@ static int f2fs_ioc_set_encryption_policy(struct file *filp, unsigned long arg) - #ifdef CONFIG_F2FS_FS_ENCRYPTION - struct f2fs_encryption_policy policy; - struct inode *inode = file_inode(filp); -+ int err; - - if (copy_from_user(&policy, (struct f2fs_encryption_policy __user *)arg, - sizeof(policy))) - return -EFAULT; - -- return f2fs_process_policy(&policy, inode); -+ mutex_lock(&inode->i_mutex); -+ -+ err = f2fs_process_policy(&policy, inode); -+ -+ 
mutex_unlock(&inode->i_mutex); -+ -+ return err; - #else - return -EOPNOTSUPP; - #endif --- -2.12.2 - From 8e0ec20539f8c626463ae43fcaeb218e3b2b5dc4 Mon Sep 17 00:00:00 2001 From: Andrey Ryabinin Date: Mon, 13 Mar 2017 19:33:37 +0300 
@@ -3049,142 +2979,6 @@ index 1a8256dd6729..5b2f2306fbcc 100644 -- 2.12.2 -From 44854c191e2cb62d369eb9927e6b6683c11d6b04 Mon Sep 17 00:00:00 2001 -From: Peter Zijlstra -Date: Sat, 4 Mar 2017 10:27:18 +0100 -Subject: [PATCH 100/251] futex: Fix potential use-after-free in - FUTEX_REQUEUE_PI -Content-Length: 2788 -Lines: 81 - -commit c236c8e95a3d395b0494e7108f0d41cf36ec107c upstream. - -While working on the futex code, I stumbled over this potential -use-after-free scenario. Dmitry triggered it later with syzkaller. - -pi_mutex is a pointer into pi_state, which we drop the reference on in -unqueue_me_pi(). So any access to that pointer after that is bad. - -Since other sites already do rt_mutex_unlock() with hb->lock held, see -for example futex_lock_pi(), simply move the unlock before -unqueue_me_pi(). - -Reported-by: Dmitry Vyukov -Signed-off-by: Peter Zijlstra (Intel) -Reviewed-by: Darren Hart -Cc: juri.lelli@arm.com -Cc: bigeasy@linutronix.de -Cc: xlpang@redhat.com -Cc: rostedt@goodmis.org -Cc: mathieu.desnoyers@efficios.com -Cc: jdesfossez@efficios.com -Cc: dvhart@infradead.org -Cc: bristot@redhat.com -Link: http://lkml.kernel.org/r/20170304093558.801744246@infradead.org -Signed-off-by: Thomas Gleixner -Signed-off-by: Greg Kroah-Hartman ---- - kernel/futex.c | 20 +++++++++++--------- - 1 file changed, 11 insertions(+), 9 deletions(-) - -diff --git a/kernel/futex.c b/kernel/futex.c -index 9d251dc3ec40..45170163a0b3 100644 ---- a/kernel/futex.c -+++ b/kernel/futex.c -@@ -2690,7 +2690,6 @@ static int futex_wait_requeue_pi(u32 __user *uaddr, unsigned int flags, - { - struct hrtimer_sleeper timeout, *to = NULL; - struct rt_mutex_waiter rt_waiter; -- struct rt_mutex *pi_mutex = NULL; - struct futex_hash_bucket *hb; - union futex_key key2 = FUTEX_KEY_INIT; - struct futex_q q = futex_q_init; -@@ -2782,6 +2781,8 @@ static int futex_wait_requeue_pi(u32 __user *uaddr, unsigned int flags, - spin_unlock(q.lock_ptr); - } - } else { -+ struct rt_mutex *pi_mutex; -+ - /* - * We 
have been woken up by futex_unlock_pi(), a timeout, or a - * signal. futex_unlock_pi() will not destroy the lock_ptr nor -@@ -2805,18 +2806,19 @@ static int futex_wait_requeue_pi(u32 __user *uaddr, unsigned int flags, - if (res) - ret = (res < 0) ? res : 0; - -+ /* -+ * If fixup_pi_state_owner() faulted and was unable to handle -+ * the fault, unlock the rt_mutex and return the fault to -+ * userspace. -+ */ -+ if (ret && rt_mutex_owner(pi_mutex) == current) -+ rt_mutex_unlock(pi_mutex); -+ - /* Unqueue and drop the lock. */ - unqueue_me_pi(&q); - } - -- /* -- * If fixup_pi_state_owner() faulted and was unable to handle the -- * fault, unlock the rt_mutex and return the fault to userspace. -- */ -- if (ret == -EFAULT) { -- if (pi_mutex && rt_mutex_owner(pi_mutex) == current) -- rt_mutex_unlock(pi_mutex); -- } else if (ret == -EINTR) { -+ if (ret == -EINTR) { - /* - * We've already been requeued, but cannot restart by calling - * futex_lock_pi() directly. We could restart this syscall, but --- -2.12.2 - -From 99d403faba47e5adeb11dbf1094972fc78c29a75 Mon Sep 17 00:00:00 2001 -From: Peter Zijlstra -Date: Sat, 4 Mar 2017 10:27:19 +0100 -Subject: [PATCH 101/251] futex: Add missing error handling to FUTEX_REQUEUE_PI -Content-Length: 1361 -Lines: 38 - -commit 9bbb25afeb182502ca4f2c4f3f88af0681b34cae upstream. - -Thomas spotted that fixup_pi_state_owner() can return errors and we -fail to unlock the rt_mutex in that case. 
- -Reported-by: Thomas Gleixner -Signed-off-by: Peter Zijlstra (Intel) -Reviewed-by: Darren Hart -Cc: juri.lelli@arm.com -Cc: bigeasy@linutronix.de -Cc: xlpang@redhat.com -Cc: rostedt@goodmis.org -Cc: mathieu.desnoyers@efficios.com -Cc: jdesfossez@efficios.com -Cc: dvhart@infradead.org -Cc: bristot@redhat.com -Link: http://lkml.kernel.org/r/20170304093558.867401760@infradead.org -Signed-off-by: Thomas Gleixner -Signed-off-by: Greg Kroah-Hartman ---- - kernel/futex.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/kernel/futex.c b/kernel/futex.c -index 45170163a0b3..3057dabf726f 100644 ---- a/kernel/futex.c -+++ b/kernel/futex.c -@@ -2773,6 +2773,8 @@ static int futex_wait_requeue_pi(u32 __user *uaddr, unsigned int flags, - if (q.pi_state && (q.pi_state->owner != current)) { - spin_lock(q.lock_ptr); - ret = fixup_pi_state_owner(uaddr2, &q, current); -+ if (ret && rt_mutex_owner(&q.pi_state->pi_mutex) == current) -+ rt_mutex_unlock(&q.pi_state->pi_mutex); - /* - * Drop the reference to the pi state which - * the requeue_pi() code acquired for us. --- -2.12.2 - From 0136bca4e0f65075b0b4716a270f8b04c6c46abc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Wed, 22 Mar 2017 12:17:51 +0100 
@@ -3566,157 +3360,6 @@ index 9a5303c17de7..5724d7c41e29 100644 -- 2.12.2 -From c78c3376ec6707f4e2177906928b12cb6cd8c5a9 Mon Sep 17 00:00:00 2001 -From: "Wang, Rui Y" -Date: Sun, 29 Nov 2015 22:45:33 +0800 -Subject: [PATCH 105/251] crypto: ghash-clmulni - Fix load failure -Content-Length: 2363 -Lines: 69 - -commit 3a020a723c65eb8ffa7c237faca26521a024e582 upstream. - -ghash_clmulni_intel fails to load on Linux 4.3+ with the following message: -"modprobe: ERROR: could not insert 'ghash_clmulni_intel': Invalid argument" - -After 8996eafdc ("crypto: ahash - ensure statesize is non-zero") all ahash -drivers are required to implement import()/export(), and must have a non- -zero statesize. - -This patch has been tested with the algif_hash interface. The calculated -digest values, after several rounds of import()s and export()s, match those -calculated by tcrypt. - -Signed-off-by: Rui Wang -Signed-off-by: Herbert Xu -Cc: Sumit Semwal -Signed-off-by: Greg Kroah-Hartman ---- - arch/x86/crypto/ghash-clmulni-intel_glue.c | 26 ++++++++++++++++++++++++++ - 1 file changed, 26 insertions(+) - -diff --git a/arch/x86/crypto/ghash-clmulni-intel_glue.c b/arch/x86/crypto/ghash-clmulni-intel_glue.c -index 440df0c7a2ee..a69321a77783 100644 ---- a/arch/x86/crypto/ghash-clmulni-intel_glue.c -+++ b/arch/x86/crypto/ghash-clmulni-intel_glue.c -@@ -219,6 +219,29 @@ static int ghash_async_final(struct ahash_request *req) - } - } - -+static int ghash_async_import(struct ahash_request *req, const void *in) -+{ -+ struct ahash_request *cryptd_req = ahash_request_ctx(req); -+ struct shash_desc *desc = cryptd_shash_desc(cryptd_req); -+ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc); -+ -+ ghash_async_init(req); -+ memcpy(dctx, in, sizeof(*dctx)); -+ return 0; -+ -+} -+ -+static int ghash_async_export(struct ahash_request *req, void *out) -+{ -+ struct ahash_request *cryptd_req = ahash_request_ctx(req); -+ struct shash_desc *desc = cryptd_shash_desc(cryptd_req); -+ struct ghash_desc_ctx *dctx = 
shash_desc_ctx(desc); -+ -+ memcpy(out, dctx, sizeof(*dctx)); -+ return 0; -+ -+} -+ - static int ghash_async_digest(struct ahash_request *req) - { - struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); -@@ -288,8 +311,11 @@ static struct ahash_alg ghash_async_alg = { - .final = ghash_async_final, - .setkey = ghash_async_setkey, - .digest = ghash_async_digest, -+ .export = ghash_async_export, -+ .import = ghash_async_import, - .halg = { - .digestsize = GHASH_DIGEST_SIZE, -+ .statesize = sizeof(struct ghash_desc_ctx), - .base = { - .cra_name = "ghash", - .cra_driver_name = "ghash-clmulni", --- -2.12.2 - -From 10659b8f5c600e642d0f1cadbbf83c739ac0c739 Mon Sep 17 00:00:00 2001 -From: "Wang, Rui Y" -Date: Sun, 29 Nov 2015 22:45:34 +0800 -Subject: [PATCH 106/251] crypto: cryptd - Assign statesize properly -Content-Length: 1078 -Lines: 30 - -commit 1a07834024dfca5c4bed5de8f8714306e0a11836 upstream. - -cryptd_create_hash() fails by returning -EINVAL. It is because after -8996eafdc ("crypto: ahash - ensure statesize is non-zero") all ahash -drivers must have a non-zero statesize. - -This patch fixes the problem by properly assigning the statesize. 
- -Signed-off-by: Rui Wang -Signed-off-by: Herbert Xu -Cc: Sumit Semwal -Signed-off-by: Greg Kroah-Hartman ---- - crypto/cryptd.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/crypto/cryptd.c b/crypto/cryptd.c -index e7aa904cb20b..26a504db3f53 100644 ---- a/crypto/cryptd.c -+++ b/crypto/cryptd.c -@@ -642,6 +642,7 @@ static int cryptd_create_hash(struct crypto_template *tmpl, struct rtattr **tb, - inst->alg.halg.base.cra_flags = type; - - inst->alg.halg.digestsize = salg->digestsize; -+ inst->alg.halg.statesize = salg->statesize; - inst->alg.halg.base.cra_ctxsize = sizeof(struct cryptd_hash_ctx); - - inst->alg.halg.base.cra_init = cryptd_hash_init_tfm; --- -2.12.2 - -From f8c07cbc2e72a7e26bff8c5823f6e045eeeb4e16 Mon Sep 17 00:00:00 2001 -From: "Wang, Rui Y" -Date: Wed, 27 Jan 2016 17:08:36 +0800 -Subject: [PATCH 107/251] crypto: mcryptd - Fix load failure -Content-Length: 994 -Lines: 28 - -commit ddef482420b1ba8ec45e6123a7e8d3f67b21e5e3 upstream. - -mcryptd_create_hash() fails by returning -EINVAL, causing any -driver using mcryptd to fail to load. It is because it needs -to set its statesize properly. - -Signed-off-by: Rui Wang -Signed-off-by: Herbert Xu -Cc: Sumit Semwal -Signed-off-by: Greg Kroah-Hartman ---- - crypto/mcryptd.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/crypto/mcryptd.c b/crypto/mcryptd.c -index a0ceb41d5ccc..b4f3930266b1 100644 ---- a/crypto/mcryptd.c -+++ b/crypto/mcryptd.c -@@ -531,6 +531,7 @@ static int mcryptd_create_hash(struct crypto_template *tmpl, struct rtattr **tb, - inst->alg.halg.base.cra_flags = type; - - inst->alg.halg.digestsize = salg->digestsize; -+ inst->alg.halg.statesize = salg->statesize; - inst->alg.halg.base.cra_ctxsize = sizeof(struct mcryptd_hash_ctx); - - inst->alg.halg.base.cra_init = mcryptd_hash_init_tfm; --- -2.12.2 - From 12e1a3cd11ea373143e957cf9698a26a4e43f4a6 Mon Sep 17 00:00:00 2001 From: "Manoj N. Kumar" Date: Fri, 4 Mar 2016 15:55:20 -0600 
@@ -10906,81 +10549,6 @@ index 6e92917ba77a..4e3c78d88832 100644 -- 2.12.2 -From f8a62dbc790239d9cb8bb8757f43a9d2e09f747c Mon Sep 17 00:00:00 2001 -From: Jiri Slaby -Date: Thu, 15 Dec 2016 14:31:01 +0100 -Subject: [PATCH 208/251] crypto: algif_hash - avoid zero-sized array -Content-Length: 2519 -Lines: 67 - -commit 6207119444595d287b1e9e83a2066c17209698f3 upstream. - -With this reproducer: - struct sockaddr_alg alg = { - .salg_family = 0x26, - .salg_type = "hash", - .salg_feat = 0xf, - .salg_mask = 0x5, - .salg_name = "digest_null", - }; - int sock, sock2; - - sock = socket(AF_ALG, SOCK_SEQPACKET, 0); - bind(sock, (struct sockaddr *)&alg, sizeof(alg)); - sock2 = accept(sock, NULL, NULL); - setsockopt(sock, SOL_ALG, ALG_SET_KEY, "\x9b\xca", 2); - accept(sock2, NULL, NULL); - -==== 8< ======== 8< ======== 8< ======== 8< ==== - -one can immediatelly see an UBSAN warning: -UBSAN: Undefined behaviour in crypto/algif_hash.c:187:7 -variable length array bound value 0 <= 0 -CPU: 0 PID: 15949 Comm: syz-executor Tainted: G E 4.4.30-0-default #1 -... -Call Trace: -... - [] ? __ubsan_handle_vla_bound_not_positive+0x13d/0x188 - [] ? __ubsan_handle_out_of_bounds+0x1bc/0x1bc - [] ? hash_accept+0x5bd/0x7d0 [algif_hash] - [] ? hash_accept_nokey+0x3f/0x51 [algif_hash] - [] ? hash_accept_parent_nokey+0x4a0/0x4a0 [algif_hash] - [] ? SyS_accept+0x2b/0x40 - -It is a correct warning, as hash state is propagated to accept as zero, -but creating a zero-length variable array is not allowed in C. - -Fix this as proposed by Herbert -- do "?: 1" on that site. No sizeof or -similar happens in the code there, so we just allocate one byte even -though we do not use the array. - -Signed-off-by: Jiri Slaby -Cc: Herbert Xu -Cc: "David S. 
Miller" (maintainer:CRYPTO API)
-Reported-by: Sasha Levin
-Signed-off-by: Herbert Xu
-Cc: Arnd Bergmann
-Signed-off-by: Greg Kroah-Hartman
----
- crypto/algif_hash.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c
-index 68a5ceaa04c8..8d8b3eeba725 100644
---- a/crypto/algif_hash.c
-+++ b/crypto/algif_hash.c
-@@ -184,7 +184,7 @@ static int hash_accept(struct socket *sock, struct socket *newsock, int flags)
- struct alg_sock *ask = alg_sk(sk);
- struct hash_ctx *ctx = ask->private;
- struct ahash_request *req = &ctx->req;
-- char state[crypto_ahash_statesize(crypto_ahash_reqtfm(req))];
-+ char state[crypto_ahash_statesize(crypto_ahash_reqtfm(req)) ? : 1];
- struct sock *sk2;
- struct alg_sock *ask2;
- struct hash_ctx *ctx2;
---
-2.12.2
-
 From 0a5766a6a73b1eb6a0dfa74adc40272e555ac2f0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman
 Date: Thu, 30 Mar 2017 09:36:33 +0200
diff --git a/queue-3.18/series b/queue-3.18/series
index 688911e4c83..d22f6e0ff83 100644
--- a/queue-3.18/series
+++ b/queue-3.18/series
@@ -112,3 +112,9 @@ usb-hub-wait-for-connection-to-be-reestablished-after-port-reset.patch
 net-mlx4_en-fix-bad-wqe-issue.patch
 net-mlx4_core-fix-racy-cq-completion-queue-free.patch
 net-mlx4_core-fix-when-to-save-some-qp-context-flags-for-dynamic-vst-to-vgt-transitions.patch
+futex-fix-potential-use-after-free-in-futex_requeue_pi.patch
+futex-add-missing-error-handling-to-futex_requeue_pi.patch
+crypto-cryptd-assign-statesize-properly.patch
+crypto-mcryptd-fix-load-failure.patch
+crypto-algif_hash-avoid-zero-sized-array.patch
+crypto-ghash-clmulni-fix-load-failure.patch