Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp563279rdb;
        Thu, 21 Dec 2023 19:42:52 -0800 (PST)
X-Google-Smtp-Source: AGHT+IFjxabbmVkb3wRLTAx4vzZD5KOmcpPlf3Lg2N7IGe5EALP6j3RjqUHGjK3F+aU633bnnjYi
X-Received: by 2002:a05:6214:2a85:b0:67f:7f57:e368 with SMTP id jr5-20020a0562142a8500b0067f7f57e368mr1067423qvb.47.1703216572234;
        Thu, 21 Dec 2023 19:42:52 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1703216572; cv=none;
        d=google.com; s=arc-20160816;
        b=Oa5yFVVzj9M6Zhw+1XSlA2ahsx/b7W9EWuLuWqFraing3LwoM7NeFtVjt6Z6HfkhzW
         BxpnDLIYW08u8toqyt7Ey3c+PIImPMXtEIl++x5hae30oPodOiX7wW2eJ1+4qHzIDoP1
         1xbiUkwxIfVcHecGspPkIPnC4HpvnT/cWoWHbqoKMwJa4DzST9lPEdtp9K15qr4q5BwF
         Rx8r38UCYDu5mh28lrzXasQhgKcIjmz6Am6W2HL1xsWcOvg8zhKXxdhy7/e3evlc1yOM
         LE2BjOSfIdR3i7bO5bzbLOb54hjsDe0Bs4qAomH2zyU9s5Yc6Kx9Q7/RZ+nidS75mqAR
         FXjg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=in-reply-to:content-disposition:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:message-id:subject:cc
         :to:from:date;
        bh=NWCE2GXnVTQSnX4/5vhInGvITs7n/c4fnIFMMwArBjs=;
        fh=38oqJKCCK7bJIjrVvT8Q0lzV/cQ1pVFvsr1eUld9Jws=;
        b=RJNY8t/+9HB2vJdPyAD6ALHfjQHFE7RYc5cRMowIgx2kaRBGIHwIUFPoIUAD8fpP4s
         0dvIoWToZy+gzVlM/lEhAlJL5euo+wfQ97duoKFC0Z7xGahnviuRLMRqPS//iTYr4pXk
         66ZZlyAMlT+BfMqwLq5oX3Px7v60hydGilGUgYe8h1BIY5JuHpjULDL9z/MdsW//kz22
         Jpex9gwi7JA92twKqI5IB5NdwBuLcCK4mbgtK5JN3Z/yxww7F3oi9wRPeum97+MhZ0r4
         85x/HsE3UJkyBUXosZ0B3cILRX4+vwxuHNhcuan6dJNTG+lok6Lg7UslrGxW0fo/zvtG
         8BIA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-crypto+bounces-959-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-crypto+bounces-959-linux.lists.archive=gmail.com@vger.kernel.org"
Return-Path: <linux-crypto+bounces-959-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223])
        by mx.google.com with ESMTPS id z5-20020a0cda85000000b0067f79fc97f1si3730563qvj.397.2023.12.21.19.42.52
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 21 Dec 2023 19:42:52 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-crypto+bounces-959-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-crypto+bounces-959-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-crypto+bounces-959-linux.lists.archive=gmail.com@vger.kernel.org"
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ny.mirrors.kernel.org (Postfix) with ESMTPS id 058F21C24337
	for <linux.lists.archive@gmail.com>; Fri, 22 Dec 2023 03:42:52 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 48950185D;
	Fri, 22 Dec 2023 03:42:46 +0000 (UTC)
X-Original-To: linux-crypto@vger.kernel.org
Received: from abb.hmeau.com (abb.hmeau.com [144.6.53.87])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id CDC8017D3;
	Fri, 22 Dec 2023 03:42:42 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=gondor.apana.org.au
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gondor.apana.org.au
Received: from loth.rohan.me.apana.org.au ([192.168.167.2])
	by formenos.hmeau.com with smtp (Exim 4.94.2 #2 (Debian))
	id 1rGWQi-00DgwM-Sq; Fri, 22 Dec 2023 11:42:33 +0800
Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Fri, 22 Dec 2023 11:42:43 +0800
Date: Fri, 22 Dec 2023 11:42:43 +0800
From: Herbert Xu <herbert@gondor.apana.org.au>
To: Shigeru Yoshida <syoshida@redhat.com>
Cc: davem@davemloft.net, dhowells@redhat.com, linux-crypto@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH] crypto: af_alg/hash: Fix uninit-value access in
 af_alg_free_sg()
Message-ID: <ZYUFs1MumRFf3mnv@gondor.apana.org.au>
References: <20231211135949.689204-1-syoshida@redhat.com>
Precedence: bulk
X-Mailing-List: linux-crypto@vger.kernel.org
List-Id: <linux-crypto.vger.kernel.org>
List-Subscribe: <mailto:linux-crypto+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-crypto+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20231211135949.689204-1-syoshida@redhat.com>

On Mon, Dec 11, 2023 at 10:59:49PM +0900, Shigeru Yoshida wrote:
>
> Fixes: c662b043cdca ("crypto: af_alg/hash: Support MSG_SPLICE_PAGES")

I think it should actually be

	b6d972f6898308fbe7e693bf8d44ebfdb1cd2dc4
	crypto: af_alg/hash: Fix recvmsg() after sendmsg(MSG_MORE)

Anyway, I think we should fix it by adding a new goto label that
does not free the SG list:

unlock_free:
	af_alg_free_sg(&ctx->sgl);
<--- Add new label here
	hash_free_result(sk, ctx);
	ctx->more = false;
	goto unlock;

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt