Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp27381767rwd;
        Tue, 4 Jul 2023 02:04:24 -0700 (PDT)
X-Google-Smtp-Source: APBJJlFtWuh3j/F7xTbCYBOWd8NAy23ya+9P2Yuoy4Sgszl9pzQygA8y4dEqvAFM7p7YTYYYSZkB
X-Received: by 2002:a05:6a00:1d05:b0:67f:8ef5:2643 with SMTP id a5-20020a056a001d0500b0067f8ef52643mr14376466pfx.2.1688461464024;
        Tue, 04 Jul 2023 02:04:24 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1688461464; cv=none;
        d=google.com; s=arc-20160816;
        b=lG8DqYaPmk/QjiI0hnFa6gRke82QHJIOaPp35IznknB4rkLNvXqZzTvA1ERHp5oaqu
         QPjpEuLuV+w76AIXF+waFxz5oD6xFktrinn1n2OUiVy1XB4ujPxYc/zoyUOYB4Zdai4D
         TGN4zussXTqSEjhrGAoznZWPU/WNAvNyWR6UOXfBHhChcp/UEisJYfyzLB8tdgB/Jx7w
         doYkiHXjkHBCLmScZMVOesEuY07uJjyqLN4hfA6/8ybpNv30LzhzlguIInQDt5kRj4ms
         aoavgKEvxvEe2Bwjz4QKdqwdTf3qiEbdE4cox7kcyKmbrV5c8MRa4sEm7u1Vg6P+Lgsi
         txgQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:message-id:date:content-id:mime-version:subject
         :cc:to:references:in-reply-to:from:organization:dkim-signature;
        bh=zdyxwyfyCuKz7/7BHOPg3TNF1zFyGIHGDllKl8O41gE=;
        fh=5Q7brpoQfJwDeAKDbnKaro+PXe6mlNwbWrU1Ou18mzM=;
        b=U6is+2He3SzUZTTqKPk2xubX7YmyMTMtybMjEbSd+mmymYFSJpFUiEJe4e8WgXu2va
         yQUzy7lnS0I+XRBbyU85lJjhtI58xkzknJLkiqmv69GOv1WNsAq2emF+zE1rXrOGeDRL
         59ehNjdsWutlnvckG3dUJ5onUglC60ghfP+df4gqJsEALW3xuBsI+YCdYDRvE2cpE00H
         GRUicHXy+rJqvuPItadEaWqgMzSejuCsW3qwm4mzZWljG7gQIfvgdA3yrvW/hYKmtKW1
         7JEfdqTLUjLshVdpanjftG0fRGL3X0nhtcdBYpWSr0TJZ+gLHjSnqcr7wPtTfo30z57h
         /wZA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=jWLJsInS;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id bv7-20020a056a00414700b0064d28479818si18364274pfb.96.2023.07.04.02.04.03;
        Tue, 04 Jul 2023 02:04:24 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=jWLJsInS;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229994AbjGDIvu (ORCPT <rfc822;proase2022@gmail.com> + 99 others);
        Tue, 4 Jul 2023 04:51:50 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58766 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229708AbjGDIvt (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Tue, 4 Jul 2023 04:51:49 -0400
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C610D10DF
        for <linux-crypto@vger.kernel.org>; Tue,  4 Jul 2023 01:51:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1688460661;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=zdyxwyfyCuKz7/7BHOPg3TNF1zFyGIHGDllKl8O41gE=;
        b=jWLJsInSvF2oQRYBtZVnQXYo9ad8f3p/vbrHwX22TaNyURQwDp3CAakXpet1GOrR6vl5Lx
        2/E1HvdC13vRogDhmmIfberkUnhEQUO7qIV8SA9sAwEaKGY/+7ez5GtY2e7m8YiPMSZFIF
        /AxUbjnbd0wnYF6BxGVyY4TGIjYJ6Ik=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-472-75wUcZQuO5O7AiS-mVACww-1; Tue, 04 Jul 2023 04:50:58 -0400
X-MC-Unique: 75wUcZQuO5O7AiS-mVACww-1
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5FE6F1044590;
        Tue,  4 Jul 2023 08:50:58 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.195])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 14DE62166B34;
        Tue,  4 Jul 2023 08:50:38 +0000 (UTC)
Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley
        Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United
        Kingdom.
        Registered in England and Wales under Company Registration No. 3798903
From:   David Howells <dhowells@redhat.com>
In-Reply-To: <CAAUqJDvFuvms55Td1c=XKv6epfRnnP78438nZQ-JKyuCptGBiQ@mail.gmail.com>
References: <CAAUqJDvFuvms55Td1c=XKv6epfRnnP78438nZQ-JKyuCptGBiQ@mail.gmail.com>
To:     Ondrej Mosnacek <omosnacek@gmail.com>
Cc:     dhowells@redhat.com,
        Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        Paolo Abeni <pabeni@redhat.com>, netdev@vger.kernel.org
Subject: Re: Regression bisected to "crypto: af_alg: Convert af_alg_sendpage() to use MSG_SPLICE_PAGES"
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <1357759.1688460637.1@warthog.procyon.org.uk>
Date:   Tue, 04 Jul 2023 09:50:37 +0100
Message-ID: <1357760.1688460637@warthog.procyon.org.uk>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
        RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE,
        T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

One problem with libkcapi is that it's abusing vmsplice().  It must not use
vmsplice(SPLICE_F_GIFT) on a buffer that's in the heap.  To quote the manual
page:

	      The user pages are a gift to the kernel.   The  application  may
              not  modify  this  memory ever, otherwise the page cache and on-
              disk data may differ.  Gifting pages to the kernel means that  a
              subsequent  splice(2)  SPLICE_F_MOVE  can  successfully move the
              pages;  if  this  flag  is  not  specified,  then  a  subsequent
              splice(2)  SPLICE_F_MOVE must copy the pages.  Data must also be
              properly page aligned, both in memory and length.

Basically, this can destroy the integrity of the process's heap as the
allocator may have metadata there that then gets excised.

If I remove the flag, it still crashes, so that's not the only problem.

David