Re: general protection fault in ___cache_free
From: Eric Biggers
Date: Fri Dec 15 2017 - 12:21:56 EST
On Fri, Dec 15, 2017 at 12:02:01AM -0800, syzbot wrote:
> Call Trace:
> __cache_free mm/slab.c:3494 [inline]
> kfree+0x1a3/0x250 mm/slab.c:3806
> blkcipher_walk_done+0x72b/0xde0 crypto/blkcipher.c:139
> encrypt+0x20e/0x540 arch/x86/crypto/salsa20_glue.c:79
> skcipher_crypt_blkcipher crypto/skcipher.c:622 [inline]
> skcipher_decrypt_blkcipher+0x213/0x310 crypto/skcipher.c:640
> crypto_skcipher_decrypt include/crypto/skcipher.h:463 [inline]
> _skcipher_recvmsg crypto/algif_skcipher.c:144 [inline]
> skcipher_recvmsg+0xa54/0xf20 crypto/algif_skcipher.c:165
> sock_recvmsg_nosec net/socket.c:809 [inline]
> sock_recvmsg+0xc9/0x110 net/socket.c:816
> ___sys_recvmsg+0x29b/0x630 net/socket.c:2185
> __sys_recvmsg+0xe2/0x210 net/socket.c:2230
> SYSC_recvmsg net/socket.c:2242 [inline]
> SyS_recvmsg+0x2d/0x50 net/socket.c:2237
> entry_SYSCALL_64_fastpath+0x1f/0x96
Already fixed:
#syz fix: crypto: salsa20 - fix blkcipher_walk API usage