Re: INFO: task hung in aead_recvmsg

2017-12-23 Thread Eric Biggers
[+Cc Steffen Klassert ]

On Tue, Dec 12, 2017 at 05:46:46PM +0100, 'Dmitry Vyukov' via syzkaller-bugs 
wrote:
> On Sun, Dec 10, 2017 at 2:34 PM, syzbot
> 
> wrote:
> > Hello,
> >
> > syzkaller hit the following crash on
> > ad4dac17f9d563b9e34aab78a34293b10993e9b5
> > git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/master
> > compiler: gcc (GCC) 7.1.1 20170620
> > .config is attached
> > Raw console output is attached.
> >
> > Unfortunately, I don't have any reproducer for this bug yet.
> >
> >
> > Use struct sctp_assoc_value instead
> > INFO: task syz-executor6:7377 blocked for more than 120 seconds.
> >   Not tainted 4.15.0-rc2-next-20171208+ #63
> > "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
> > syz-executor6   D24416  7377   3393 0x0004
> > Call Trace:
> >  context_switch kernel/sched/core.c:2800 [inline]
> >  __schedule+0x8eb/0x2060 kernel/sched/core.c:3376
> >  schedule+0xf5/0x430 kernel/sched/core.c:3435
> >  schedule_timeout+0x43a/0x560 kernel/time/timer.c:1776
> >  do_wait_for_common kernel/sched/completion.c:91 [inline]
> >  __wait_for_common kernel/sched/completion.c:112 [inline]
> >  wait_for_common kernel/sched/completion.c:123 [inline]
> >  wait_for_completion+0x44b/0x7b0 kernel/sched/completion.c:144
> >  crypto_wait_req include/linux/crypto.h:496 [inline]
> >  _aead_recvmsg crypto/algif_aead.c:308 [inline]
> >  aead_recvmsg+0x1396/0x1bc0 crypto/algif_aead.c:329
> >  aead_recvmsg_nokey+0x60/0x80 crypto/algif_aead.c:447
> >  sock_recvmsg_nosec net/socket.c:809 [inline]
> >  sock_recvmsg+0xc9/0x110 net/socket.c:816
> >  ___sys_recvmsg+0x29b/0x630 net/socket.c:2185
> >  __sys_recvmsg+0xe2/0x210 net/socket.c:2230
> >  SYSC_recvmsg net/socket.c:2242 [inline]
> >  SyS_recvmsg+0x2d/0x50 net/socket.c:2237
> >  entry_SYSCALL_64_fastpath+0x1f/0x96
> > RIP: 0033:0x452a39
> > RSP: 002b:7f9dc7c93c58 EFLAGS: 0212 ORIG_RAX: 002f
> > RAX: ffda RBX: 7f9dc7c94700 RCX: 00452a39
> > RDX:  RSI: 20539fc8 RDI: 0025
> > RBP:  R08:  R09: 
> > R10:  R11: 0212 R12: 
> > R13: 00a6f7ff R14: 7f9dc7c949c0 R15: 
> >
> > Showing all locks held in the system:
> > 2 locks held by khungtaskd/671:
> >  #0:  (rcu_read_lock){}, at: []
> > check_hung_uninterruptible_tasks kernel/hung_task.c:175 [inline]
> >  #0:  (rcu_read_lock){}, at: [] watchdog+0x1c5/0xd60
> > kernel/hung_task.c:249
> >  #1:  (tasklist_lock){.+.+}, at: []
> > debug_show_all_locks+0xd3/0x400 kernel/locking/lockdep.c:4554
> > 1 lock held by rsyslogd/2995:
> >  #0:  (>f_pos_lock){+.+.}, at: [<34bb33fc>]
> > __fdget_pos+0x131/0x1a0 fs/file.c:765
> > 2 locks held by getty/3116:
> >  #0:  (>ldisc_sem){}, at: [<8df66e53>]
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<870ebf25>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3117:
> >  #0:  (>ldisc_sem){}, at: [<8df66e53>]
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<870ebf25>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3118:
> >  #0:  (>ldisc_sem){}, at: [<8df66e53>]
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<870ebf25>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3119:
> >  #0:  (>ldisc_sem){}, at: [<8df66e53>]
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<870ebf25>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3120:
> >  #0:  (>ldisc_sem){}, at: [<8df66e53>]
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<870ebf25>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3121:
> >  #0:  (>ldisc_sem){}, at: [<8df66e53>]
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<870ebf25>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3122:
> >  #0:  (>ldisc_sem){}, at: [<8df66e53>]
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<870ebf25>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 1 lock held by syz-executor6/7377:
> >  #0:  (sk_lock-AF_ALG){+.+.}, at: [<96d0e030>] lock_sock
> > include/net/sock.h:1463 [inline]
> >  #0:  (sk_lock-AF_ALG){+.+.}, at: [<96d0e030>]
> > 

Re: INFO: task hung in lock_sock_nested

2017-12-23 Thread Eric Biggers
On Tue, Dec 12, 2017 at 05:47:34PM +0100, Dmitry Vyukov wrote:
> On Sun, Dec 10, 2017 at 2:37 PM, syzbot
> 
> wrote:
> > Hello,
> >
> > syzkaller hit the following crash on
> > 51e18a453f5f59a40c721d4aeab082b4e2e9fac6
> > git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/master
> > compiler: gcc (GCC) 7.1.1 20170620
> > .config is attached
> > Raw console output is attached.
> >
> > Unfortunately, I don't have any reproducer for this bug yet.
> >
> >
> > RDS: rds_bind could not find a transport for 172.20.1.187, load rds_tcp or
> > rds_rdma?
> > INFO: task syz-executor2:19495 blocked for more than 120 seconds.
> >   Not tainted 4.15.0-rc2+ #148
> > "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
> > syz-executor2   D25200 19495   3406 0x0004
> > Call Trace:
> >  context_switch kernel/sched/core.c:2799 [inline]
> >  __schedule+0x8eb/0x2060 kernel/sched/core.c:3375
> >  schedule+0xf5/0x430 kernel/sched/core.c:3434
> >  __lock_sock+0x1dc/0x2f0 net/core/sock.c:2240
> >  lock_sock_nested+0xf3/0x110 net/core/sock.c:2764
> >  lock_sock include/net/sock.h:1461 [inline]
> >  af_alg_sendmsg+0x349/0x1080 crypto/af_alg.c:858
> >  aead_sendmsg+0x103/0x150 crypto/algif_aead.c:76
> >  sock_sendmsg_nosec net/socket.c:636 [inline]
> >  sock_sendmsg+0xca/0x110 net/socket.c:646
> >  ___sys_sendmsg+0x75b/0x8a0 net/socket.c:2026
> >  __sys_sendmsg+0xe5/0x210 net/socket.c:2060
> >  SYSC_sendmsg net/socket.c:2071 [inline]
> >  SyS_sendmsg+0x2d/0x50 net/socket.c:2067
> >  entry_SYSCALL_64_fastpath+0x1f/0x96
> > RIP: 0033:0x452a39
> > RSP: 002b:7f63f58cfc58 EFLAGS: 0212 ORIG_RAX: 002e
> > RAX: ffda RBX: 00758020 RCX: 00452a39
> > RDX: 0040 RSI: 2063 RDI: 0015
> > RBP: 0001 R08:  R09: 
> > R10:  R11: 0212 R12: 006ee0b8
> > R13:  R14: 7f63f58d06d4 R15: 
> >
> > Showing all locks held in the system:
> > 2 locks held by khungtaskd/663:
> >  #0:  (rcu_read_lock){}, at: []
> > check_hung_uninterruptible_tasks kernel/hung_task.c:175 [inline]
> >  #0:  (rcu_read_lock){}, at: [] watchdog+0x1c5/0xd60
> > kernel/hung_task.c:249
> >  #1:  (tasklist_lock){.+.+}, at: []
> > debug_show_all_locks+0xd3/0x400 kernel/locking/lockdep.c:4554
> > 1 lock held by rsyslogd/3008:
> >  #0:  (>f_pos_lock){+.+.}, at: []
> > __fdget_pos+0x131/0x1a0 fs/file.c:770
> > 2 locks held by getty/3130:
> >  #0:  (>ldisc_sem){}, at: []
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<2bd4e259>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3131:
> >  #0:  (>ldisc_sem){}, at: []
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<2bd4e259>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3132:
> >  #0:  (>ldisc_sem){}, at: []
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<2bd4e259>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3133:
> >  #0:  (>ldisc_sem){}, at: []
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<2bd4e259>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3134:
> >  #0:  (>ldisc_sem){}, at: []
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<2bd4e259>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3135:
> >  #0:  (>ldisc_sem){}, at: []
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<2bd4e259>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 2 locks held by getty/3136:
> >  #0:  (>ldisc_sem){}, at: []
> > ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:365
> >  #1:  (>atomic_read_lock){+.+.}, at: [<2bd4e259>]
> > n_tty_read+0x2f2/0x1a10 drivers/tty/n_tty.c:2131
> > 1 lock held by syz-executor2/19506:
> >  #0:  (sk_lock-AF_ALG){+.+.}, at: [] lock_sock
> > include/net/sock.h:1461 [inline]
> >  #0:  (sk_lock-AF_ALG){+.+.}, at: []
> > aead_recvmsg+0xb3/0x1bc0 crypto/algif_aead.c:327
> >

I think this is a duplicate:

#syz dup: INFO: task hung in aead_recvmsg

There is a thread hung in aead_recvmsg() while holding the socket lock, so it's
blocking other threads too.

Eric


[PATCH v1] crypto: crypto4xx - perform aead icv check in the driver

2017-12-23 Thread Christian Lamparter
The ccm-aes-ppc4xx now fails one of testmgr's expected
failure test cases as such:

|decryption failed on test 10 for ccm-aes-ppc4xx:
|ret was 0, |expected -EBADMSG

It doesn't look like the hardware sets the authentication failure
flag. The original vendor source from which this was ported does
not have any special code or notes about why this would happen or
whether there are any workarounds.

Hence, this patch converts the aead_done callback handler to
perform the icv check in the driver. And this fixes the false
negative and the ccm-aes-ppc4xx passes the selftests once again.

|name : ccm(aes)
|driver   : ccm-aes-ppc4xx
|module   : crypto4xx
|priority : 300
|refcnt   : 1
|selftest : passed
|internal : no
|type : aead
|async: yes
|blocksize: 1
|ivsize   : 16
|maxauthsize  : 16
|geniv: 

Signed-off-by: Christian Lamparter 
---
 drivers/crypto/amcc/crypto4xx_alg.c  |  6 +---
 drivers/crypto/amcc/crypto4xx_core.c | 54 ++--
 2 files changed, 28 insertions(+), 32 deletions(-)

diff --git a/drivers/crypto/amcc/crypto4xx_alg.c 
b/drivers/crypto/amcc/crypto4xx_alg.c
index eeaf27859d80..ea83d0bff0e9 100644
--- a/drivers/crypto/amcc/crypto4xx_alg.c
+++ b/drivers/crypto/amcc/crypto4xx_alg.c
@@ -256,10 +256,6 @@ static inline bool crypto4xx_aead_need_fallback(struct 
aead_request *req,
if (is_ccm && !(req->iv[0] == 1 || req->iv[0] == 3))
return true;
 
-   /* CCM - fix CBC MAC mismatch in special case */
-   if (is_ccm && decrypt && !req->assoclen)
-   return true;
-
return false;
 }
 
@@ -330,7 +326,7 @@ int crypto4xx_setkey_aes_ccm(struct crypto_aead *cipher, 
const u8 *key,
sa = (struct dynamic_sa_ctl *) ctx->sa_in;
sa->sa_contents.w = SA_AES_CCM_CONTENTS | (keylen << 2);
 
-   set_dynamic_sa_command_0(sa, SA_NOT_SAVE_HASH, SA_NOT_SAVE_IV,
+   set_dynamic_sa_command_0(sa, SA_SAVE_HASH, SA_NOT_SAVE_IV,
 SA_LOAD_HASH_FROM_SA, SA_LOAD_IV_FROM_STATE,
 SA_NO_HEADER_PROC, SA_HASH_ALG_CBC_MAC,
 SA_CIPHER_ALG_AES,
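Review bot: The switch from SA_NOT_SAVE_HASH to SA_SAVE_HASH on the CCM SA carries no comment explaining why the hash must now be saved, and a reader of crypto4xx_setkey_aes_ccm alone cannot see that crypto4xx_aead_done now depends on the digest being present in the SA's save area. A one-line comment above the call would make that coupling explicit, e.g. `/* keep the CBC-MAC in the save area: crypto4xx_aead_done verifies the ICV in software */`. crypto4xx_setkey_aes_ccm continues outside the hunk.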
diff --git a/drivers/crypto/amcc/crypto4xx_core.c 
b/drivers/crypto/amcc/crypto4xx_core.c
index f148627e925c..ad19aa806931 100644
--- a/drivers/crypto/amcc/crypto4xx_core.c
+++ b/drivers/crypto/amcc/crypto4xx_core.c
@@ -577,15 +577,14 @@ static void crypto4xx_aead_done(struct crypto4xx_device 
*dev,
struct pd_uinfo *pd_uinfo,
struct ce_pd *pd)
 {
-   struct aead_request *aead_req;
-   struct crypto4xx_ctx *ctx;
+   struct aead_request *aead_req = container_of(pd_uinfo->async_req,
+   struct aead_request, base);
struct scatterlist *dst = pd_uinfo->dest_va;
+   size_t cp_len = crypto_aead_authsize(
+   crypto_aead_reqtfm(aead_req));
+   u32 icv[cp_len];
int err = 0;
 
-   aead_req = container_of(pd_uinfo->async_req, struct aead_request,
-   base);
-   ctx  = crypto_tfm_ctx(aead_req->base.tfm);
-
if (pd_uinfo->using_sd) {
crypto4xx_copy_pkt_to_dst(dev, pd, pd_uinfo,
  pd->pd_ctl_len.bf.pkt_len,
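Review bot: `u32 icv[cp_len]` is now a variable-length array sized from a runtime value and allocated on every completion, where the original confined it to the outbound branch; the kernel is moving away from VLAs, and the bound is static anyway — the commit message reports maxauthsize 16 for ccm-aes-ppc4xx — so a fixed-size buffer is preferable. The element count also mixes units: cp_len is a byte count (it is the byte length handed to scatterwalk_map_and_copy later in the function, outside this hunk), yet it is used as a u32 element count, giving a buffer four times the ICV size. Whether that 4x is intentional depends on whether crypto4xx_memcpy_from_le32 takes its length in bytes or in 32-bit words, which is not visible here; confirm that before replacing the VLA with a fixed `u32 icv[AES_BLOCK_SIZE / 4];` or `u8 icv[AES_BLOCK_SIZE];`. If the authsize could ever exceed the fixed bound, the copies into `icv` must be clamped or the request rejected, otherwise the inbound scatterwalk copy would overrun the stack buffer. crypto4xx_aead_done continues past the hunk.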
@@ -597,38 +596,39 @@ static void crypto4xx_aead_done(struct crypto4xx_device 
*dev,
 
if (pd_uinfo->sa_va->sa_command_0.bf.dir == DIR_OUTBOUND) {
/* append icv at the end */
-   size_t cp_len = crypto_aead_authsize(
-   crypto_aead_reqtfm(aead_req));
-   u32 icv[cp_len];
-
crypto4xx_memcpy_from_le32(icv, pd_uinfo->sr_va->save_digest,
   cp_len);
 
scatterwalk_map_and_copy(icv, dst, aead_req->cryptlen,
 cp_len, 1);
+   } else {
+   /* check icv at the end */
+   scatterwalk_map_and_copy(icv, aead_req->src,
+   aead_req->assoclen + aead_req->cryptlen -
+   cp_len, cp_len, 0);
+
+   crypto4xx_memcpy_from_le32(icv, icv, cp_len);
+
+   if (crypto_memneq(icv, pd_uinfo->sr_va->save_digest, cp_len))
+   err = -EBADMSG;
}
 
crypto4xx_ret_sg_desc(dev, pd_uinfo);
 
if (pd->pd_ctl.bf.status & 0xff) {
-   if (pd->pd_ctl.bf.status & 0x1) {
-   /* authentication error */
-   err = -EBADMSG;
-   } else {
-   if (!__ratelimit(>aead_ratelimit)) {
-   if (pd->pd_ctl.bf.status & 2)
-   pr_err("pad fail error\n");
-   if (pd->pd_ctl.bf.status & 4)
-   pr_err("seqnum fail\n");
-   if (pd->pd_ctl.bf.status &