Re: [syzbot] [crypto?] general protection fault in shash_async_final

From: Herbert Xu
Date: Thu Jun 15 2023 - 05:13:45 EST

Next message: H. Nikolaus Schaller: "Re: [PATCH 0/9] MIPS: CI20: Add WiFi / Bluetooth support"
Previous message: Andreas Schwab: "Re: [PATCH v2] RISC-V: Support 32_PCREL relocation type in kernel module"
In reply to: David Howells: "Re: [syzbot] [crypto?] general protection fault in shash_async_final"
Next in thread: David Howells: "Re: [syzbot] [crypto?] general protection fault in shash_async_final"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jun 14, 2023 at 12:25:14PM +0100, David Howells wrote:
> Here's a reduced testcase for this. The key seems to be passing MSG_MORE to
> sendmsg() and then not following up with more data before calling recvmsg().
> Apart from not oopsing, I wonder what the behaviour should be here? Should
> recvmsg() return an error (EAGAIN or ENODATA maybe) or should it close the
> existing operation?

On send if MSG_MORE is set then we don't finalise the hash.

If the user calls recvmsg while the hash hasn't been finalised, then
we will force finalisation (thus rendering the last MSG_MORE moot).

Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: H. Nikolaus Schaller: "Re: [PATCH 0/9] MIPS: CI20: Add WiFi / Bluetooth support"
Previous message: Andreas Schwab: "Re: [PATCH v2] RISC-V: Support 32_PCREL relocation type in kernel module"
In reply to: David Howells: "Re: [syzbot] [crypto?] general protection fault in shash_async_final"
Next in thread: David Howells: "Re: [syzbot] [crypto?] general protection fault in shash_async_final"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]