Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp27381767rwd; Tue, 4 Jul 2023 02:04:24 -0700 (PDT) X-Google-Smtp-Source: APBJJlFtWuh3j/F7xTbCYBOWd8NAy23ya+9P2Yuoy4Sgszl9pzQygA8y4dEqvAFM7p7YTYYYSZkB X-Received: by 2002:a05:6a00:1d05:b0:67f:8ef5:2643 with SMTP id a5-20020a056a001d0500b0067f8ef52643mr14376466pfx.2.1688461464024; Tue, 04 Jul 2023 02:04:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1688461464; cv=none; d=google.com; s=arc-20160816; b=lG8DqYaPmk/QjiI0hnFa6gRke82QHJIOaPp35IznknB4rkLNvXqZzTvA1ERHp5oaqu QPjpEuLuV+w76AIXF+waFxz5oD6xFktrinn1n2OUiVy1XB4ujPxYc/zoyUOYB4Zdai4D TGN4zussXTqSEjhrGAoznZWPU/WNAvNyWR6UOXfBHhChcp/UEisJYfyzLB8tdgB/Jx7w doYkiHXjkHBCLmScZMVOesEuY07uJjyqLN4hfA6/8ybpNv30LzhzlguIInQDt5kRj4ms aoavgKEvxvEe2Bwjz4QKdqwdTf3qiEbdE4cox7kcyKmbrV5c8MRa4sEm7u1Vg6P+Lgsi txgQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:message-id:date:content-id:mime-version:subject :cc:to:references:in-reply-to:from:organization:dkim-signature; bh=zdyxwyfyCuKz7/7BHOPg3TNF1zFyGIHGDllKl8O41gE=; fh=5Q7brpoQfJwDeAKDbnKaro+PXe6mlNwbWrU1Ou18mzM=; b=U6is+2He3SzUZTTqKPk2xubX7YmyMTMtybMjEbSd+mmymYFSJpFUiEJe4e8WgXu2va yQUzy7lnS0I+XRBbyU85lJjhtI58xkzknJLkiqmv69GOv1WNsAq2emF+zE1rXrOGeDRL 59ehNjdsWutlnvckG3dUJ5onUglC60ghfP+df4gqJsEALW3xuBsI+YCdYDRvE2cpE00H GRUicHXy+rJqvuPItadEaWqgMzSejuCsW3qwm4mzZWljG7gQIfvgdA3yrvW/hYKmtKW1 7JEfdqTLUjLshVdpanjftG0fRGL3X0nhtcdBYpWSr0TJZ+gLHjSnqcr7wPtTfo30z57h /wZA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=jWLJsInS; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id bv7-20020a056a00414700b0064d28479818si18364274pfb.96.2023.07.04.02.04.03; Tue, 04 Jul 2023 02:04:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=jWLJsInS; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229994AbjGDIvu (ORCPT + 99 others); Tue, 4 Jul 2023 04:51:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58766 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229708AbjGDIvt (ORCPT ); Tue, 4 Jul 2023 04:51:49 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C610D10DF for ; Tue, 4 Jul 2023 01:51:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1688460661; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=zdyxwyfyCuKz7/7BHOPg3TNF1zFyGIHGDllKl8O41gE=; b=jWLJsInSvF2oQRYBtZVnQXYo9ad8f3p/vbrHwX22TaNyURQwDp3CAakXpet1GOrR6vl5Lx 2/E1HvdC13vRogDhmmIfberkUnhEQUO7qIV8SA9sAwEaKGY/+7ez5GtY2e7m8YiPMSZFIF /AxUbjnbd0wnYF6BxGVyY4TGIjYJ6Ik= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-472-75wUcZQuO5O7AiS-mVACww-1; Tue, 04 Jul 2023 04:50:58 -0400 X-MC-Unique: 75wUcZQuO5O7AiS-mVACww-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5FE6F1044590; Tue, 4 Jul 2023 08:50:58 +0000 (UTC) Received: from warthog.procyon.org.uk (unknown [10.42.28.195]) by smtp.corp.redhat.com (Postfix) with ESMTP id 14DE62166B34; Tue, 4 Jul 2023 08:50:38 +0000 (UTC) Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 3798903 From: David Howells In-Reply-To: References: To: Ondrej Mosnacek Cc: dhowells@redhat.com, Linux Crypto Mailing List , Herbert Xu , Paolo Abeni , netdev@vger.kernel.org Subject: Re: Regression bisected to "crypto: af_alg: Convert af_alg_sendpage() to use MSG_SPLICE_PAGES" MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <1357759.1688460637.1@warthog.procyon.org.uk> Date: Tue, 04 Jul 2023 09:50:37 +0100 Message-ID: <1357760.1688460637@warthog.procyon.org.uk> X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org One problem with libkcapi is that it's abusing vmsplice(). It must not use vmsplice(SPLICE_F_GIFT) on a buffer that's in the heap. To quote the manual page: The user pages are a gift to the kernel. The application may not modify this memory ever, otherwise the page cache and on- disk data may differ. Gifting pages to the kernel means that a subsequent splice(2) SPLICE_F_MOVE can successfully move the pages; if this flag is not specified, then a subsequent splice(2) SPLICE_F_MOVE must copy the pages. Data must also be properly page aligned, both in memory and length. Basically, this can destroy the integrity of the process's heap as the allocator may have metadata there that then gets excised. If I remove the flag, it still crashes, so that's not the only problem. David