Offering: HULK hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I90AZP CVE: NA
--------------------------------
An error was reported:
BUG: kernel NULL pointer dereference, address: 000000000000002c PGD 12e952067 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 80 PID: 1469 Comm: cryptomgr_test Not tainted 6.6.0-iommufd66+ #1 Hardware name: Intel Corporation M50CYP2SBSTD/M50CYP2SBSTD, BIOS SE5C620.86B.01.01.0005.2202160810 02/16/2022 RIP: 0010:crypto_ahash_setkey+0x11/0x60
Call Trace: <TASK> ? __die+0x23/0x70 ? page_fault_oops+0x81/0x150 ? exc_page_fault+0x5ea/0x7d0 ? asm_exc_page_fault+0x26/0x30 ? crypto_ahash_setkey+0x11/0x60 crypto_ahash_setkey+0x1c/0x60 test_ahash_vec_cfg+0x165/0x840 ? vsnprintf+0x44d/0x630 ? sprintf+0x5a/0x80 __alg_test_hash.isra.0+0x1aa/0x3a0 alg_test+0x199/0x610 ? __schedule+0x611/0xc30 ? __pfx_cryptomgr_test+0x10/0x10 cryptomgr_test+0x24/0x40 kthread+0xe5/0x120 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x31/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30
Fix this by reverting the KABI reservation for cryptd structures. Cryptd would cast a crypto_ahash structure into a cryptd_ahash structure, so we are not allowed to add anything before member base in cryptd_ahash.
Fixes: 16257e430641 ("crypto: kabi: KABI reservation for crypto") Signed-off-by: GUO Zihua guozihua@huawei.com --- include/crypto/cryptd.h | 3 --- 1 file changed, 3 deletions(-)
diff --git a/include/crypto/cryptd.h b/include/crypto/cryptd.h
index a060f4a11c89..796d986e58e1 100644
--- a/include/crypto/cryptd.h
+++ b/include/crypto/cryptd.h
@@ -18,7 +18,6 @@
 #include <crypto/aead.h>
 #include <crypto/hash.h>
 #include <crypto/skcipher.h>
-#include <linux/kabi.h>
struct cryptd_skcipher {
 struct crypto_skcipher base;
@@ -33,8 +32,6 @@ bool cryptd_skcipher_queued(struct cryptd_skcipher *tfm);
 void cryptd_free_skcipher(struct cryptd_skcipher *tfm);
struct cryptd_ahash {
- KABI_RESERVE(1)
- KABI_RESERVE(2)
 struct crypto_ahash base;
 };
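Review bot: Nothing in the header records the layout rule this revert restores, so `struct cryptd_ahash` can regress the same way the next time reservation fields are added. Per the commit message, cryptd casts a `struct crypto_ahash *` to `struct cryptd_ahash *`, which only holds while `base` sits at offset 0; the reported oops in crypto_ahash_setkey is what a field placed ahead of it looks like at runtime. I would add `/* base must stay first: cryptd casts struct crypto_ahash * to this type */` above the member and a compile-time guard after the struct, `static_assert(offsetof(struct cryptd_ahash, base) == 0);`. `struct cryptd_skcipher` in the first hunk has the same shape and presumably the same constraint, so it would merit the same comment and check.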