Message ID | 3368ebb31bd1670b8ea8ff45c81807c8c0e6bc3b.1485948732.git.harsh@chelsio.com (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Herbert Xu |
On Wednesday, 1 February 2017, 21:10:28 CET, Harsh Jain wrote:

Hi Harsh,

> Kernel panics when userspace program tries to access AEAD interface.
> Remove node from Linked List before freeing its memory.

Very good catch. Thank you.

Reviewed-by: Stephan Müller <smueller@chronox.de>

(PS: Herbert, in case you want to apply my patches regarding fixing the memory management for algif_aead and algif_skcipher, please note that this error is in the new function aead_free_rsgl/skcipher_free_sgl. Thus, if you think that my approach is good after all, I will need to re-send the patch.)

Ciao
Stephan
diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c index f849311..533265f 100644 --- a/crypto/algif_aead.c +++ b/crypto/algif_aead.c @@ -661,9 +661,9 @@ static int aead_recvmsg_sync(struct socket *sock, struct msghdr *msg, int flags) unlock: list_for_each_entry_safe(rsgl, tmp, &ctx->list, list) { af_alg_free_sg(&rsgl->sgl); + list_del(&rsgl->list); if (rsgl != &ctx->first_rsgl) sock_kfree_s(sk, rsgl, sizeof(*rsgl)); - list_del(&rsgl->list); } INIT_LIST_HEAD(&ctx->list); aead_wmem_wakeup(sk);
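Review bot: the commit message says only that the kernel panics; it should name the fault in the unlock: loop of aead_recvmsg_sync(), namely that list_del(&rsgl->list) ran after sock_kfree_s(sk, rsgl, sizeof(*rsgl)) and so read and wrote the list pointers of an already freed rsgl for every entry other than &ctx->first_rsgl. Suggest stating that use-after-free explicitly and adding a Fixes: tag for the commit that introduced the ordering, so the fix can be matched to affected trees. The reordering itself looks right: list_for_each_entry_safe() already holds the next entry in tmp, so unlinking before the free does not disturb the walk.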
Kernel panics when userspace program tries to access AEAD interface.
Remove node from Linked List before freeing its memory.

Signed-off-by: Harsh Jain <harsh@chelsio.com>
---
 crypto/algif_aead.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)