WARNING in crypto_wait_for_test

2015-12-08 Thread Dmitry Vyukov
Hello, The following program triggers a WARNING in crypto_wait_for_test: // autogenerated by syzkaller (http://github.com/google/syzkaller) #include #include #include int main() { long r0 = syscall(SYS_mmap, 0x2000ul, 0x1000ul, 0x3ul, 0x32ul, 0xul, 0x0ul);

GPF in gf128mul_64k_bbe

2015-12-17 Thread Dmitry Vyukov
Hello, The following program causes GPF in gf128mul_64k_bbe: // autogenerated by syzkaller (http://github.com/google/syzkaller) #include #include #include int main() { long r0 = syscall(SYS_socket, 0x26ul, 0x5ul, 0x0ul, 0, 0, 0); long r1 = syscall(SYS_mmap, 0x2000ul,

GPF in lrw_crypt

2015-12-17 Thread Dmitry Vyukov
Hello, The following program causes GPF in lrw_crypt: // autogenerated by syzkaller (http://github.com/google/syzkaller) #include #include #include int main() { long r0 = syscall(SYS_socket, 0x26ul, 0x5ul, 0x0ul, 0, 0, 0); long r1 = syscall(SYS_mmap, 0x2000ul, 0x1ul,

use-after-free in hash_sock_destruct

2015-12-17 Thread Dmitry Vyukov
Hello, The following program causes use-after-free in hash_sock_destruct: // autogenerated by syzkaller (http://github.com/google/syzkaller) #include #include #include #include #include #include struct sockaddr_alg { unsigned short salg_family; char salg_type[14];

use-after-free in skcipher_sock_destruct

2015-12-17 Thread Dmitry Vyukov
Hello, The following program triggers use-after-free in skcipher_sock_destruct: // autogenerated by syzkaller (http://github.com/google/syzkaller) #include #include #include #include #include #include struct sockaddr_alg { unsigned short salg_family; char

bad page state due to PF_ALG socket

2015-12-17 Thread Dmitry Vyukov
Hello, The following program triggers multiple bugs including bad page state warnings and GPFs: // autogenerated by syzkaller (http://github.com/google/syzkaller) #include #include #include #include void foo() { long r0 = syscall(SYS_socket, 0x26ul, 0x5ul, 0x0ul, 0, 0, 0);

Re: use-after-free in hash_sock_destruct

2015-12-29 Thread Dmitry Vyukov
On Tue, Dec 29, 2015 at 3:40 PM, Herbert Xu <herb...@gondor.apana.org.au> wrote: > On Thu, Dec 17, 2015 at 01:59:50PM +0100, Dmitry Vyukov wrote: >> >> The following program causes use-after-free in hash_sock_destruct: > > This patch should fix the problem. AFA

crypto: deadlock in alg_setsockopt

2015-12-29 Thread Dmitry Vyukov
Hello, On commit 8513342170278468bac126640a5d2d12ffbff106 + crypto: algif_skcipher - Use new skcipher interface + crypto: algif_skcipher - Require setkey before accept(2) + crypto: af_alg - Disallow bind/setkey/... after accept(2) The following program creates an unkillable, deadlocked process:

Re: use-after-free in hash_sock_destruct

2015-12-29 Thread Dmitry Vyukov
On Tue, Dec 29, 2015 at 4:28 PM, Dmitry Vyukov <dvyu...@google.com> wrote: > On Tue, Dec 29, 2015 at 3:40 PM, Herbert Xu <herb...@gondor.apana.org.au> > wrote: >> On Thu, Dec 17, 2015 at 01:59:50PM +0100, Dmitry Vyukov wrote: >>> >>> T

crypto: use-after-free in alg_bind

2015-12-29 Thread Dmitry Vyukov
Hello, On commit 8513342170278468bac126640a5d2d12ffbff106 + crypto: algif_skcipher - Use new skcipher interface + crypto: algif_skcipher - Require setkey before accept(2) + crypto: af_alg - Disallow bind/setkey/... after accept(2) The following program causes use-after-free in alg_bind and later

crypto: use-after-free in rng_recvmsg

2015-12-28 Thread Dmitry Vyukov
Hello, On commit a88164345b81292b55a8d4829fdd35c8d611cd7d (Dec 23) + crypto: algif_skcipher - Use new skcipher interface + crypto: algif_skcipher - Require setkey before accept(2) The following program triggers use-after-free in rng_recvmsg: // autogenerated by syzkaller

Re: [PATCH v2] crypto: algif_skcipher - Require setkey before accept(2)

2015-12-28 Thread Dmitry Vyukov
On Fri, Dec 25, 2015 at 8:40 AM, Herbert Xu <herb...@gondor.apana.org.au> wrote: > Dmitry Vyukov <dvyu...@google.com> wrote: >> >> I am testing with your two patches: >> crypto: algif_skcipher - Use new skcipher interface >> crypto: algif_skcipher - Re

Re: GPF in lrw_crypt

2015-12-24 Thread Dmitry Vyukov
On Thu, Dec 24, 2015 at 10:39 AM, Herbert Xu <herb...@gondor.apana.org.au> wrote: > On Thu, Dec 17, 2015 at 01:59:11PM +0100, Dmitry Vyukov wrote: >> >> The following program causes GPF in lrw_crypt: > > OK, this is a result of certain implementations (such as lrw)

Re: crypto: use-after-free in alg_bind

2015-12-30 Thread Dmitry Vyukov
On Wed, Dec 30, 2015 at 11:53 AM, Herbert Xu <herb...@gondor.apana.org.au> wrote: > On Wed, Dec 30, 2015 at 11:19:45AM +0100, Dmitry Vyukov wrote: >> >> This use-after-free does not reproduce on every run. It seems to be >> triggered by some race. Try to run the progr

Re: crypto: use-after-free in alg_bind

2015-12-30 Thread Dmitry Vyukov
On Wed, Dec 30, 2015 at 2:24 AM, Herbert Xu <herb...@gondor.apana.org.au> wrote: > On Tue, Dec 29, 2015 at 09:19:22PM +0100, Dmitry Vyukov wrote: >> Hello, >> >> On commit 8513342170278468bac126640a5d2d12ffbff106 >> + crypto: algif_skcipher - Use new skcipher inte

Re: crypto: use-after-free in alg_bind

2015-12-30 Thread Dmitry Vyukov
On Wed, Dec 30, 2015 at 1:24 PM, Herbert Xu <herb...@gondor.apana.org.au> wrote: > On Wed, Dec 30, 2015 at 11:58:58AM +0100, Dmitry Vyukov wrote: >> >> I forgot to diff include/crypto/if_alg.h, but the changes are there >> (otherwise all references to refcnt would not co

Re: crypto: NULL deref in sha512_mb_mgr_get_comp_job_avx2

2017-02-02 Thread Dmitry Vyukov
On Wed, Feb 1, 2017 at 7:45 PM, Tim Chen <tim.c.c...@linux.intel.com> wrote: > On Tue, Jan 31, 2017 at 02:16:31PM +0100, Dmitry Vyukov wrote: >> Hello, >> >> I am getting the following reports with low frequency while running >> syzkaller fuzzer. Unfortunately the

crypto: NULL deref in sha512_mb_mgr_get_comp_job_avx2

2017-01-31 Thread Dmitry Vyukov
Hello, I am getting the following reports with low frequency while running syzkaller fuzzer. Unfortunately they are not reproducible and happen in a background thread, so it is difficult to extract any context on my side. I see only a few such crashes per week, so most likely it is some hard to

Re: [PATCH 6/7] md/raid10, LLVM: get rid of variable length array

2017-03-24 Thread Dmitry Vyukov
On Fri, Mar 17, 2017 at 9:04 PM, wrote: > On March 17, 2017 12:27:46 PM PDT, Peter Zijlstra > wrote: >>On Fri, Mar 17, 2017 at 11:52:01AM -0700, Michael Davidson wrote: >>> On Fri, Mar 17, 2017 at 5:44 AM, Peter Zijlstra >> wrote: >>>

Re: [PATCH 6/7] md/raid10, LLVM: get rid of variable length array

2017-03-24 Thread Dmitry Vyukov
On Fri, Mar 24, 2017 at 3:10 PM, Peter Zijlstra <pet...@infradead.org> wrote: > On Fri, Mar 24, 2017 at 02:50:24PM +0100, Dmitry Vyukov wrote: >> OK, I guess I should not have referenced the llvm-linux page. >> So here are reasons on our side that I am ready to vouch: >>

Re: [PATCH 6/7] md/raid10, LLVM: get rid of variable length array

2017-03-24 Thread Dmitry Vyukov
On Fri, Mar 17, 2017 at 8:29 PM, Peter Zijlstra <pet...@infradead.org> wrote: > On Fri, Mar 17, 2017 at 08:26:42PM +0100, Peter Zijlstra wrote: >> On Fri, Mar 17, 2017 at 08:05:16PM +0100, Dmitry Vyukov wrote: >> > You can also find some reasons in the Why section of LLVM-

Re: [PATCH 6/7] md/raid10, LLVM: get rid of variable length array

2017-03-17 Thread Dmitry Vyukov
On Fri, Mar 17, 2017 at 7:03 PM, Borislav Petkov wrote: > On Fri, Mar 17, 2017 at 01:32:00PM +0100, Alexander Potapenko wrote: >> > IIUC there's only a handful of VLAIS instances in LLVM code, why not >> Sorry, "kernel code", not "LLVM code". >> > just drop them for the sake of

Re: [PATCH 6/7] md/raid10, LLVM: get rid of variable length array

2017-03-17 Thread Dmitry Vyukov
On Fri, Mar 17, 2017 at 7:57 PM, Borislav Petkov <b...@alien8.de> wrote: > On Fri, Mar 17, 2017 at 07:47:33PM +0100, Dmitry Vyukov wrote: >> This problem is more general and is not specific to clang. It equally >> applies to different versions of gcc, different arches and

Re: crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex

2017-03-15 Thread Dmitry Vyukov
On Tue, Mar 14, 2017 at 4:25 PM, Sowmini Varadhan <sowmini.varad...@oracle.com> wrote: > On (03/14/17 09:14), Dmitry Vyukov wrote: >> Another one now involving rds_tcp_listen_stop >: >> kworker/u4:1/19 is trying to acquire lock: >> (sk_lock-AF_INET){+.+.+.}, a

Re: [PATCH 0/7] LLVM: make x86_64 kernel build with clang.

2017-03-17 Thread Dmitry Vyukov
On Fri, Mar 17, 2017 at 1:15 AM, Michael Davidson wrote: > This patch set is sufficient to get the x86_64 kernel to build > and boot correctly with clang-3.8 or greater. > > The resulting build still has about 300 warnings, very few of > which appear to be significant. Most of

Re: crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex

2017-03-14 Thread Dmitry Vyukov
On Tue, Mar 14, 2017 at 10:16 AM, Herbert Xu <herb...@gondor.apana.org.au> wrote: > On Sun, Mar 05, 2017 at 04:08:39PM +0100, Dmitry Vyukov wrote: >> >> -> #1 (genl_mutex){+.+.+.}: >>validate_chain kernel/locking/lockdep.c:2267 [inline] >>__lock_

Re: crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex

2017-03-14 Thread Dmitry Vyukov
On Tue, Mar 14, 2017 at 11:25 AM, Herbert Xu <herb...@gondor.apana.org.au> wrote: > On Tue, Mar 14, 2017 at 10:44:10AM +0100, Dmitry Vyukov wrote: >> >> Yes, please. >> Disregarding some reports is not a good way long term. > > Please try this patch. Applied on

Re: crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex

2017-03-14 Thread Dmitry Vyukov
On Mon, Mar 6, 2017 at 10:36 AM, Dmitry Vyukov <dvyu...@google.com> wrote: > On Sun, Mar 5, 2017 at 6:36 PM, Dmitry Vyukov <dvyu...@google.com> wrote: >> On Sun, Mar 5, 2017 at 4:08 PM, Dmitry Vyukov <dvyu...@google.com> wrote: >>> Hello, >>> >>

crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex

2017-03-05 Thread Dmitry Vyukov
Hello, I am getting the following deadlock reports while running syzkaller fuzzer on net-next/8d70eeb84ab277377c017af6a21d0a337025dede: == [ INFO: possible circular locking dependency detected ] 4.10.0+ #5 Not tainted

Re: crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex

2017-03-05 Thread Dmitry Vyukov
On Sun, Mar 5, 2017 at 4:08 PM, Dmitry Vyukov <dvyu...@google.com> wrote: > Hello, > > I am getting the following deadlock reports while running syzkaller > fuzzer on net-next/8d70eeb84ab277377c017af6a21d0a337025dede: > > =

Re: crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex

2017-03-06 Thread Dmitry Vyukov
On Sun, Mar 5, 2017 at 6:36 PM, Dmitry Vyukov <dvyu...@google.com> wrote: > On Sun, Mar 5, 2017 at 4:08 PM, Dmitry Vyukov <dvyu...@google.com> wrote: >> Hello, >> >> I am getting the following deadlock reports while running syzkaller >> fuzzer on net-next/8

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-28 Thread Dmitry Vyukov
On Fri, Nov 24, 2017 at 5:31 PM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Freitag, 24. November 2017, 17:25:55 CET schrieb Dmitry Vyukov: > > Hi Dmitry, > >> Eric also pointed me to grep. But I can't say the code is intuitive. >> I've spent way more time than

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-24 Thread Dmitry Vyukov
On Thu, Nov 23, 2017 at 1:35 PM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Donnerstag, 23. November 2017, 12:34:54 CET schrieb Dmitry Vyukov: > > Hi Dmitry, > >> Btw, I've started doing some minimal improvements, have not yet sorted >> out alg types/names,

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-24 Thread Dmitry Vyukov
On Fri, Nov 24, 2017 at 4:03 PM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Freitag, 24. November 2017, 14:49:49 CET schrieb Dmitry Vyukov: > > Hi Dmitry, > >> I've cooked a syzkaller change that teaches it to generate more >> algorithm names. Probably

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-24 Thread Dmitry Vyukov
On Fri, Nov 24, 2017 at 5:19 PM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Freitag, 24. November 2017, 17:10:59 CET schrieb Dmitry Vyukov: > > Hi Dmitry, > >> That's more-or-less what I did. Here: >> >> var allAlgs = map[int][]algDesc{ >>

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-24 Thread Dmitry Vyukov
On Fri, Nov 24, 2017 at 3:36 PM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Freitag, 24. November 2017, 14:49:49 CET schrieb Dmitry Vyukov: > > Hi Dmitry, > >> On Thu, Nov 23, 2017 at 1:35 PM, Stephan Mueller <smuel...@chronox.de> > wrote: >> > Am D

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-24 Thread Dmitry Vyukov
On Fri, Nov 24, 2017 at 4:03 PM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Freitag, 24. November 2017, 14:49:49 CET schrieb Dmitry Vyukov: > > Hi Dmitry, > >> I've cooked a syzkaller change that teaches it to generate more >> algorithm names. Probably

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-24 Thread Dmitry Vyukov
On Fri, Nov 24, 2017 at 4:13 PM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Freitag, 24. November 2017, 15:55:59 CET schrieb Dmitry Vyukov: > > Hi Dmitry, > >> On Fri, Nov 24, 2017 at 3:36 PM, Stephan Mueller <smuel...@chronox.de> > wrote: >> > A

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-23 Thread Dmitry Vyukov
On Thu, Nov 23, 2017 at 10:32 AM, Dmitry Vyukov <dvyu...@google.com> wrote: > On Wed, Nov 22, 2017 at 6:08 PM, Stephan Mueller <smuel...@chronox.de> wrote: >> Am Mittwoch, 22. November 2017, 11:44:51 CET schrieb Dmitry Vyukov: >> >> Hi Dmitry, >> >

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-23 Thread Dmitry Vyukov
On Thu, Nov 23, 2017 at 12:10 PM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Donnerstag, 23. November 2017, 10:37:35 CET schrieb Dmitry Vyukov: > > Hi Dmitry, > >> >> I've read the links and staring at the code, but still can't get it. >> >>

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-23 Thread Dmitry Vyukov
On Thu, Nov 23, 2017 at 10:35 AM, Dmitry Vyukov <dvyu...@google.com> wrote: > On Thu, Nov 23, 2017 at 10:32 AM, Dmitry Vyukov <dvyu...@google.com> wrote: >> On Wed, Nov 22, 2017 at 6:08 PM, Stephan Mueller <smuel...@chronox.de> wrote: >>> Am Mittwoch, 22. Novemb

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-23 Thread Dmitry Vyukov
On Thu, Nov 23, 2017 at 12:27 PM, Dmitry Vyukov <dvyu...@google.com> wrote: >> >> Hi Dmitry, >> >>> >> I've read the links and staring at the code, but still can't get it. >>> >> The question is about textual type names in sockaddr. >

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-23 Thread Dmitry Vyukov
On Wed, Nov 22, 2017 at 6:08 PM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Mittwoch, 22. November 2017, 11:44:51 CET schrieb Dmitry Vyukov: > > Hi Dmitry, > >> >> Thanks! I think we can incorporate this into syzkaller. >> >> One question: what

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-22 Thread Dmitry Vyukov
On Wed, Nov 22, 2017 at 5:54 PM, Stephan Mueller wrote: > Am Dienstag, 21. November 2017, 21:46:28 CET schrieb Eric Biggers: > > Hi Eric, > >> >> (There is probably more to improve for AF_ALG besides the algorithm names; >> this is just what I happened to notice for now.) > >

Re: BUG: unable to handle kernel NULL pointer dereference in kfree

2017-11-29 Thread Dmitry Vyukov
On Wed, Nov 29, 2017 at 11:24 AM, syzbot wrote: > Hello, > > syzkaller hit the following crash on > 43570f0383d6d5879ae585e6c3cf027ba321546f > git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master >

Re: INFO: task hung in lock_sock_nested

2017-12-12 Thread Dmitry Vyukov
On Sun, Dec 10, 2017 at 2:37 PM, syzbot wrote: > Hello, > > syzkaller hit the following crash on > 51e18a453f5f59a40c721d4aeab082b4e2e9fac6 > git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/master > compiler:

Re: INFO: task hung in aead_recvmsg

2017-12-12 Thread Dmitry Vyukov
On Sun, Dec 10, 2017 at 2:34 PM, syzbot wrote: > Hello, > > syzkaller hit the following crash on > ad4dac17f9d563b9e34aab78a34293b10993e9b5 > git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/master >

Re: KASAN: use-after-free Read in crypto_aead_free_instance

2017-12-20 Thread Dmitry Vyukov
On Wed, Dec 20, 2017 at 10:17 AM, Stephan Müller wrote: > Am Mittwoch, 20. Dezember 2017, 08:48:01 CET schrieb syzbot: > > Hi, > >> Hello, >> >> syzkaller hit the following crash on >> 032b4cc8ff84490c4bc7c4ef8c91e6d83a637538 >>

Re: KASAN: use-after-free Read in crypto_aead_free_instance

2017-12-20 Thread Dmitry Vyukov
On Wed, Dec 20, 2017 at 10:55 AM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Mittwoch, 20. Dezember 2017, 10:50:10 CET schrieb Dmitry Vyukov: > > Hi Dmitry, > >> On Wed, Dec 20, 2017 at 10:29 AM, Stephan Mueller <smuel...@chronox.de> > wrote: >> >

Re: KASAN: use-after-free Read in crypto_aead_free_instance

2017-12-20 Thread Dmitry Vyukov
On Wed, Dec 20, 2017 at 10:29 AM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Mittwoch, 20. Dezember 2017, 10:19:43 CET schrieb Dmitry Vyukov: > > Hi Dmitry, >> > >> > This issue vanishes after applying the patch "[PATCH v2] crypto: AF_ALG - >

Re: KASAN: use-after-free Read in crypto_aead_free_instance

2017-12-20 Thread Dmitry Vyukov
On Wed, Dec 20, 2017 at 12:49 PM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Mittwoch, 20. Dezember 2017, 11:15:38 CET schrieb Dmitry Vyukov: > > Hi Dmitry, > >> >> What will be its meaning? How will it differ from fix? > > Maybe a short clarifica

Re: x509 parsing bug + fuzzing crypto in the userspace

2017-11-21 Thread Dmitry Vyukov
On Mon, Nov 20, 2017 at 10:42 PM, Eric Biggers wrote: > +Cc keyri...@vger.kernel.org (for asymmetric_keys) > > First of all, thanks for working on this! A lot of this code really needs to > be > better tested. > > On Mon, Nov 20, 2017 at 03:10:55PM +0100, Alexander

Re: BUG: unable to handle kernel paging request in hmac_init_tfm

2017-12-20 Thread Dmitry Vyukov
On Thu, Dec 21, 2017 at 12:09 AM, Eric Biggers wrote: > On Mon, Dec 18, 2017 at 11:36:01AM -0800, syzbot wrote: >> Hello, >> >> syzkaller hit the following crash on >> 6084b576dca2e898f5c101baef151f7bfdbb606d >>

Re: [PATCH] crypto: pcrypt - fix freeing pcrypt instances

2017-12-21 Thread Dmitry Vyukov
On Wed, Dec 20, 2017 at 11:28 PM, Eric Biggers wrote: > From: Eric Biggers > > pcrypt is using the old way of freeing instances, where the ->free() > method specified in the 'struct crypto_template' is passed a pointer to > the 'struct crypto_instance'.

Re: WARNING: kernel stack regs has bad 'bp' value (3)

2018-05-12 Thread Dmitry Vyukov
On Sat, May 12, 2018 at 11:09 AM, Ard Biesheuvel <ard.biesheu...@linaro.org> wrote: > (+ Arnd) > > On 12 May 2018 at 10:43, Dmitry Vyukov <dvyu...@google.com> wrote: >> On Fri, Feb 2, 2018 at 11:18 PM, Eric Biggers <ebigge...@gmail.com> wrote: >>> On Fri

Re: WARNING: kernel stack regs has bad 'bp' value (3)

2018-05-12 Thread Dmitry Vyukov
On Fri, Feb 2, 2018 at 11:18 PM, Eric Biggers <ebigge...@gmail.com> wrote: > On Fri, Feb 02, 2018 at 02:57:32PM +0100, Dmitry Vyukov wrote: >> On Fri, Feb 2, 2018 at 2:48 PM, syzbot >> <syzbot+ffa3a158337bbc01f...@syzkaller.appspotmail.com> wrote: >> > Hello

[PATCH] crypto: don't optimize keccakf()

2018-06-08 Thread Dmitry Vyukov
callers and keccakf_round() wasn't inlined into keccakf(). Drop __optimize() to resolve both problems. Signed-off-by: Dmitry Vyukov Fixes: 83dee2ce1ae7 ("crypto: sha3-generic - rewrite KECCAK transform to help the compiler optimize") Reported-by: syzbot+37035cc

Re: KASAN: use-after-free Read in crypto_destroy_tfm

2018-05-26 Thread Dmitry Vyukov
On Sat, May 26, 2018 at 7:40 PM, syzbot wrote: > Hello, > > syzbot found the following crash on: > > HEAD commit:0644f186fc9d Merge tag 'for_linus' of git://git.kernel.org.. > git tree: upstream > console output:

Re: WARNING: kernel stack regs has bad 'bp' value (2)

2017-12-27 Thread Dmitry Vyukov
On Thu, Nov 30, 2017 at 10:17 AM, Eric Biggers wrote: > On Tue, Nov 28, 2017 at 10:36:01AM -0800, syzbot wrote: >> WARNING: kernel stack regs at 8801c1e5f468 in syzkaller196611:6199 has >> bad 'bp' value 0001 >> unwind stack type:0 next_sp: (null)

Re: WARNING: kernel stack regs has bad 'bp' value (3)

2018-02-02 Thread Dmitry Vyukov
On Fri, Feb 2, 2018 at 2:48 PM, syzbot wrote: > Hello, > > syzbot hit the following crash on upstream commit > 7109a04eae81c41ed529da9f3c48c3655ccea741 (Thu Feb 1 17:37:30 2018 +) > Merge

Re: BUG: unable to handle kernel paging request in hmac_init_tfm

2017-12-22 Thread Dmitry Vyukov
On Fri, Dec 22, 2017 at 3:27 AM, Eric Biggers <ebigge...@gmail.com> wrote: > On Thu, Dec 21, 2017 at 08:44:03AM +0100, 'Dmitry Vyukov' via syzkaller-bugs > wrote: >> On Thu, Dec 21, 2017 at 12:09 AM, Eric Biggers <ebigge...@gmail.com> wrote: >> > On Mon, Dec 18,

Re: WARNING: kernel stack regs has bad 'bp' value (2)

2017-12-27 Thread Dmitry Vyukov
On Wed, Dec 27, 2017 at 7:29 PM, Dmitry Vyukov <dvyu...@google.com> wrote: > On Thu, Nov 30, 2017 at 10:17 AM, Eric Biggers <ebigge...@gmail.com> wrote: >> On Tue, Nov 28, 2017 at 10:36:01AM -0800, syzbot wrote: >>> WARNING: kernel stack regs at 8801c1e5f468 in sy

Re: WARNING in kmem_cache_free

2018-04-08 Thread Dmitry Vyukov
On Sun, Apr 8, 2018 at 12:26 PM, Dmitry Vyukov <dvyu...@google.com> wrote: > On Sun, Apr 8, 2018 at 8:01 AM, Matthew Wilcox <wi...@infradead.org> wrote: >> On Fri, Apr 06, 2018 at 03:33:36PM +0200, Dmitry Vyukov wrote: >>> On Fri, Apr 6, 2018 at 3:24 PM, syzbot

Re: WARNING in kmem_cache_free

2018-04-08 Thread Dmitry Vyukov
On Sun, Apr 8, 2018 at 5:31 PM, Stephan Müller <smuel...@chronox.de> wrote: > Am Sonntag, 8. April 2018, 13:18:06 CEST schrieb Dmitry Vyukov: > > Hi Dmitry, > >> >> Running syz-repro utility on this log, I think I've found the guilty guy: >> https:

Re: [PATCH] crypto: DRBG - guard uninstantion by lock

2018-04-10 Thread Dmitry Vyukov
On Mon, Apr 9, 2018 at 9:57 AM, Dmitry Vyukov <dvyu...@google.com> wrote: > On Mon, Apr 9, 2018 at 7:40 AM, Stephan Mueller <smuel...@chronox.de> wrote: >> Am Montag, 9. April 2018, 00:46:03 CEST schrieb Theodore Y. Ts'o: >> >> Hi Theodore, >>> >

Re: [PATCH] crypto: DRBG - guard uninstantion by lock

2018-04-11 Thread Dmitry Vyukov
On Tue, Apr 10, 2018 at 5:35 PM, Stephan Mueller <smuel...@chronox.de> wrote: > Am Dienstag, 10. April 2018, 17:23:46 CEST schrieb Dmitry Vyukov: > > Hi Dmitry, > >> Stephan, >> >> Do you have any hypothesis as to why this is not detected by KASAN and >>

Re: [PATCH] crypto: DRBG - guard uninstantion by lock

2018-04-11 Thread Dmitry Vyukov
On Wed, Apr 11, 2018 at 4:26 PM, Stephan Müller wrote: > Hi Dmitry, > > This fix prevents the kernel from crashing when injecting the fault. Good! > Stack traces are yet shown but I guess that is expected every time > a fault is injected. Yes, nothing to fix here. > As

Re: [PATCH] AF_ALG: register completely initialized request in list

2018-04-09 Thread Dmitry Vyukov
On Sun, Apr 8, 2018 at 7:57 PM, Stephan Müller wrote: > Hi, > > May I ask to check whether this patch fixes the issue? I cannot re-create > the issue with the reproducer. Yet, as far as I understand, you try to > induce errors which shall validate whether the error code

Re: [PATCH] crypto: DRBG - guard uninstantion by lock

2018-04-09 Thread Dmitry Vyukov
On Mon, Apr 9, 2018 at 7:40 AM, Stephan Mueller wrote: > Am Montag, 9. April 2018, 00:46:03 CEST schrieb Theodore Y. Ts'o: > > Hi Theodore, >> >> So the syzbot will run while the patch goes through the normal e-mail >> review process, which is kind of neat. :-) > > Thank you

Re: WARNING: kernel stack frame pointer has bad value

2018-04-19 Thread Dmitry Vyukov
On Thu, Apr 19, 2018 at 5:57 PM, syzbot wrote: > Hello, > > syzbot hit the following crash on upstream commit > 48023102b7078a6674516b1fe0d639669336049d (Fri Apr 13 23:55:41 2018 +) > Merge branch 'overlayfs-linus' of >

Re: WARNING: kernel stack regs at (ptrval) in syzkaller has bad 'bp' value (ptrval)

2018-04-23 Thread Dmitry Vyukov
On Mon, Apr 23, 2018 at 12:10 PM, syzbot wrote: > Hello, > > syzbot hit the following crash on upstream commit > 5ec83b22a2dd13180762c89698e4e2c2881a423c (Sun Apr 22 19:13:04 2018 +) > Merge tag '4.17-rc1-SMB3-CIFS' of