Date: Tue, 4 Jul 2023 17:04:18 +0800
From: Herbert Xu
To: David Howells
Cc: Ondrej Mosnacek, Linux Crypto Mailing List, Paolo Abeni, netdev@vger.kernel.org, Linux Kernel Mailing List, regressions@lists.linux.dev
Subject: Re: Regression bisected to "crypto: af_alg: Convert af_alg_sendpage() to use MSG_SPLICE_PAGES"
In-Reply-To: <1357760.1688460637@warthog.procyon.org.uk>
X-Mailing-List: linux-crypto@vger.kernel.org

On Tue, Jul 04, 2023 at 09:50:37AM +0100, David Howells wrote:
> One problem with libkcapi is that it's abusing vmsplice(). It must not use
> vmsplice(SPLICE_F_GIFT) on a buffer that's in the heap. To quote the manual
> page:
>
>     The user pages are a gift to the kernel. The application may
>     not modify this memory ever, otherwise the page cache and on-
>     disk data may differ. Gifting pages to the kernel means that a
>     subsequent splice(2) SPLICE_F_MOVE can successfully move the
>     pages; if this flag is not specified, then a subsequent
>     splice(2) SPLICE_F_MOVE must copy the pages. Data must also be
>     properly page aligned, both in memory and length.
>
> Basically, this can destroy the integrity of the process's heap as the
> allocator may have metadata there that then gets excised.

All it's saying is that if you modify the data after sending it off
via splice then the data that will be on the wire is undefined.

There is no reason why this should crash.

> If I remove the flag, it still crashes, so that's not the only problem.

If we can't fix this the patches should be reverted.

Thanks,
-- 
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
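
The following C sketch is an added example, not part of the original message and not code from libkcapi or the kernel. It shows the man-page preconditions quoted above applied on the caller side: SPLICE_F_GIFT is only requested for a dedicated, page-aligned anonymous mapping that is never written again. The names gift_eligible and gift_roundtrip are hypothetical, and the 0xA5 payload is constructed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/uio.h>
#include <unistd.h>
#ifndef SPLICE_F_GIFT   /* headers were pulled in earlier without _GNU_SOURCE */
#define SPLICE_F_GIFT 8
ssize_t vmsplice(int, const struct iovec *, size_t, unsigned int);
#endif

/* Man-page precondition for SPLICE_F_GIFT: address and length both page aligned. */
static int gift_eligible(const void *addr, size_t len, size_t pagesz)
{
    return len != 0 && (uintptr_t)addr % pagesz == 0 && len % pagesz == 0;
}

/* Gift one dedicated anonymous page (not malloc memory) to a pipe, never write
 * it again, and read the data back. Returns intact bytes, or -1 with errno set. */
static long gift_roundtrip(void)
{
    size_t ps = (size_t)sysconf(_SC_PAGESIZE), got = 0;
    long good = 0;
    ssize_t r;
    int p[2], saved;
    unsigned char chunk[512];
    unsigned char *buf = mmap(NULL, ps, PROT_READ | PROT_WRITE,
                              MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED) return -1;
    if (pipe(p) != 0) { munmap(buf, ps); return -1; }
    memset(buf, 0xA5, ps);                 /* constructed payload */
    struct iovec iov = { .iov_base = buf, .iov_len = ps };
    unsigned int flags = gift_eligible(buf, ps, ps) ? SPLICE_F_GIFT : 0;
    if (vmsplice(p[1], &iov, 1, flags) != (ssize_t)ps)
        good = -1;                         /* e.g. ENOSYS where unsupported */
    while (good >= 0 && got < ps && (r = read(p[0], chunk, sizeof chunk)) > 0) {
        for (ssize_t i = 0; i < r; i++)
            good += chunk[i] == 0xA5;
        got += (size_t)r;
    }
    saved = errno;
    close(p[0]); close(p[1]); munmap(buf, ps);
    errno = saved;
    return good;
}

int main(void) { printf("%ld\n", gift_roundtrip()); return 0; }
```

A buffer returned by malloc() with an arbitrary length fails gift_eligible(), so the same call path falls back to flags 0 for it.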