Home Home > GIT Browse > SLE15
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichal Suchanek <msuchanek@suse.de>2019-06-24 19:17:51 +0200
committerMichal Suchanek <msuchanek@suse.de>2019-06-25 15:59:22 +0200
commitb90bc9fa36b0a70ec3caa57dc23d3abfa7046d5f (patch)
tree19a324d9354c77584bf40ab5259b8dd7435a56f8
parent68e4b01caa2b2d0e1607c5ab787e67ad4324fc0b (diff)
crypto: algapi - guard against uninitialized spawn list in
crypto_remove_spawns (bsc#1133401).
-rw-r--r--patches.fixes/crypto-algapi-guard-against-uninitialized-spawn-list.patch62
-rw-r--r--series.conf1
2 files changed, 63 insertions, 0 deletions
diff --git a/patches.fixes/crypto-algapi-guard-against-uninitialized-spawn-list.patch b/patches.fixes/crypto-algapi-guard-against-uninitialized-spawn-list.patch
new file mode 100644
index 0000000000..79c7eedc66
--- /dev/null
+++ b/patches.fixes/crypto-algapi-guard-against-uninitialized-spawn-list.patch
@@ -0,0 +1,62 @@
+From 26087c9dda1e9fdc646fc7c04e5f533e609abe15 Mon Sep 17 00:00:00 2001
+From: Michal Suchanek <msuchanek@suse.de>
+Date: Sat, 22 Jun 2019 14:50:52 +0200
+Subject: [PATCH] crypto: algapi - guard against uninitialized spawn list in
+ crypto_remove_spawns
+
+References: bsc#1133401
+Patch-mainline: submitted https://patchwork.kernel.org/patch/11014809/
+
+In practice you can encounter uninitialized spawn list at the very beginning of
+crypto_remove_spawns.
+
+Fixes: 9a00674213a3 ("crypto: algapi - fix NULL dereference in crypto_remove_spawns()")
+
+Signed-off-by: Michal Suchanek <msuchanek@suse.de>
+---
+ crypto/algapi.c | 22 +++++++++++++---------
+ 1 file changed, 13 insertions(+), 9 deletions(-)
+
+diff --git a/crypto/algapi.c b/crypto/algapi.c
+index 305895b22192..c832f9efb6ca 100644
+--- a/crypto/algapi.c
++++ b/crypto/algapi.c
+@@ -142,6 +142,18 @@ void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list,
+ LIST_HEAD(top);
+
+ spawns = &alg->cra_users;
++
++ /*
++ * We may encounter an unregistered instance here, since an instance's
++ * spawns are set up prior to the instance being registered.
++ * An unregistered instance will have NULL ->cra_users.next, since
++ * ->cra_users isn't properly initialized until registration. But an
++ * unregistered instance cannot have any users, so treat it the same as
++ * ->cra_users being empty.
++ */
++ if (spawns->next == NULL)
++ return;
++
+ list_for_each_entry_safe(spawn, n, spawns, list) {
+ if ((spawn->alg->cra_flags ^ new_type) & spawn->mask)
+ continue;
+@@ -168,15 +180,7 @@ void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list,
+ spawn->alg = NULL;
+ spawns = &inst->alg.cra_users;
+
+- /*
+- * We may encounter an unregistered instance here, since
+- * an instance's spawns are set up prior to the instance
+- * being registered. An unregistered instance will have
+- * NULL ->cra_users.next, since ->cra_users isn't
+- * properly initialized until registration. But an
+- * unregistered instance cannot have any users, so treat
+- * it the same as ->cra_users being empty.
+- */
++ /* Guard against unregistered instance */
+ if (spawns->next == NULL)
+ break;
+ }
+--
+2.12.3
+
diff --git a/series.conf b/series.conf
index 01a7056018..193763fa70 100644
--- a/series.conf
+++ b/series.conf
@@ -22939,6 +22939,7 @@
patches.suse/0001-iommu-vt-d-Fix-race-condition-in-add_unmap.patch
patches.drivers/Linux-v5.0-rc7-bcm2835-MMC-issues.patch
+ patches.fixes/crypto-algapi-guard-against-uninitialized-spawn-list.patch
########################################################
# Filesystem