Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp3195594rwb; Thu, 29 Sep 2022 23:17:05 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4eZvjrJLZeXvJ6IdZTGIxGbnJbrJYoobQcOSfCAKOGvQ+4pq8FyKAUF8XGz667fUwOdIlt X-Received: by 2002:a17:902:c949:b0:178:323f:6184 with SMTP id i9-20020a170902c94900b00178323f6184mr7493604pla.130.1664518624835; Thu, 29 Sep 2022 23:17:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1664518624; cv=none; d=google.com; s=arc-20160816; b=mbaUVxYyDFmz5Oo1SDd7xPMKmWxDVFm+ic9p/f8l+jGM+RDRLrZUG4CPcu6pUTsvNR yNSqO39npiIm5ubGHEBPYgG0sGRKxG0p3Ohr5cn6h2tJhytsh3lfdLAuh8Z/lkFKB2Hr AVf5MB5QgOj0crdx+JXdy7T1VAlyOHKC+gR4CO18sZnyRFqmELGv2IJYCt1Wb580zNjQ d/jrsXKiz4XyZT+tl+W72H0g/kKB8kxWjybB+9+fyKbX8txjQz9Zy82EEsUedWCDa7Wm Vls4jlZzpKD1XtxZsGpC2wV2g71he9ZlWlhkiQjB2OtXhAdcU//K0ghf+1lEKYHFx02/ Srrw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=3eVb9DdL1oIKMmgtCimY8jGHMUDEN0lMIcaAtIKp0Xk=; b=pf0Y5M5oZhFFSnQSX0o3c1Oc/02OgfxpZGt65eLr+T+Ptx0b7FwQfZkFeNggrh7aKQ cRJ5GtBHtxSAhpiALO7oIht0y7jarnquQrYjM1N1hNtVkvWN86FpltiGBv/H+j/Xgtt3 uPWXzJW01A8BcY6XFkse80Z33pahmU8ABnEaaW6SIfvcs6YHFRtX+dIrX9kRT+mw4T0X djmFsxeAVd0HqaBQqi/7ENpI+K8ZMAeEPPNrJEzxbNnV+9gEI56NXjrHB/Ap/J01etNQ W01ZDqr880OM6C+m0lvX+IVDnVj1h0fCIU64xGePihsvJBFKm6G3EVqa1EjlNc/386F4 SqTA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 140-20020a630292000000b0043aebb63fc9si2066843pgc.732.2022.09.29.23.16.52; Thu, 29 Sep 2022 23:17:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230258AbiI3GPB (ORCPT + 99 others); Fri, 30 Sep 2022 02:15:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46032 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230259AbiI3GOr (ORCPT ); Fri, 30 Sep 2022 02:14:47 -0400 Received: from fornost.hmeau.com (helcar.hmeau.com [216.24.177.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5AB39230; Thu, 29 Sep 2022 23:14:32 -0700 (PDT) Received: from gwarestrin.arnor.me.apana.org.au ([192.168.103.7]) by fornost.hmeau.com with smtp (Exim 4.94.2 #2 (Debian)) id 1oe9Hy-00A54p-Fm; Fri, 30 Sep 2022 16:14:23 +1000 Received: by gwarestrin.arnor.me.apana.org.au (sSMTP sendmail emulation); Fri, 30 Sep 2022 14:14:22 +0800 Date: Fri, 30 Sep 2022 14:14:22 +0800 From: Herbert Xu To: Lei He Cc: mst@redhat.com, arei.gonglei@huawei.com, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, pizhenwei@bytedance.com Subject: Re: [PATCH v2 RESEND] virtio-crypto: fix memory-leak Message-ID: References: <20220919075158.3625-1-helei.sig11@bytedance.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220919075158.3625-1-helei.sig11@bytedance.com> X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Mon, Sep 19, 2022 at 03:51:58PM +0800, Lei He wrote: > From: lei he > > Fix memory-leak for virtio-crypto akcipher request, this problem is > introduced by 59ca6c93387d3(virtio-crypto: implement RSA algorithm). > The leak can be reproduced and tested with the following script > inside virtual machine: > > #!/bin/bash > > LOOP_TIMES=10000 > > # required module: pkcs8_key_parser, virtio_crypto > modprobe pkcs8_key_parser # if CONFIG_PKCS8_PRIVATE_KEY_PARSER=m > modprobe virtio_crypto # if CONFIG_CRYPTO_DEV_VIRTIO=m > rm -rf /tmp/data > dd if=/dev/random of=/tmp/data count=1 bs=230 > > # generate private key and self-signed cert > openssl req -nodes -x509 -newkey rsa:2048 -keyout key.pem \ > -outform der -out cert.der \ > -subj "/C=CN/ST=GD/L=SZ/O=vihoo/OU=dev/CN=always.com/emailAddress=yy@always.com" > # convert private key from pem to der > openssl pkcs8 -in key.pem -topk8 -nocrypt -outform DER -out key.der > > # add key > PRIV_KEY_ID=`cat key.der | keyctl padd asymmetric test_priv_key @s` > echo "priv key id = "$PRIV_KEY_ID > PUB_KEY_ID=`cat cert.der | keyctl padd asymmetric test_pub_key @s` > echo "pub key id = "$PUB_KEY_ID > > # query key > keyctl pkey_query $PRIV_KEY_ID 0 > keyctl pkey_query $PUB_KEY_ID 0 > > # here we only run pkey_encrypt becasuse it is the fastest interface > function bench_pub() { > keyctl pkey_encrypt $PUB_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.pub > } > > # do bench_pub in loop to obtain the memory leak > for (( i = 0; i < ${LOOP_TIMES}; ++i )); do > bench_pub > done > > Signed-off-by: lei he > Acked-by: Michael S. Tsirkin > Reviewed-by: Gonglei > --- > drivers/crypto/virtio/virtio_crypto_akcipher_algs.c | 4 ++++ > 1 file changed, 4 insertions(+) Patch applied. Thanks. -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt