| Message ID | 20230705164009.58351-2-giovanni.cabiddu@intel.com |
|---|---|
| State | New |
| Headers | show |
| Series | crypto: adjust meaning of CRYPTO_ALG_ALLOCATES_MEMORY | expand |
On Wed, Jul 05, 2023 at 05:40:07PM +0100, Giovanni Cabiddu wrote: > The flag CRYPTO_ALG_ALLOCATES_MEMORY indicates that an algorithm might > allocate memory in the datapath and therefore sleep. > Dm-integrity is filtering out implementations of skcipher algorithms > that have this flag set. However, in the same function it does > allocations with GFP_KERNEL. Which function is the above referring to? The actual encryption/decryption happens in crypt_journal(), and I don't see any memory allocations there. > As dm-integrity is re-entrant and capable of handling sleeps that could > occur during allocations with GFP_KERNEL, then it is also capable of > using skcipher algorithm implementations that have > CRYPTO_ALG_ALLOCATES_MEMORY set. > > Remove the filtering of skcipher implementations with the flag > CRYPTO_ALG_ALLOCATES_MEMORY set. What about the use of CRYPTO_ALG_ALLOCATES_MEMORY in get_mac()? > > Suggested-by: Herbert Xu <herbert@gondor.apana.org.au> > Link: https://lore.kernel.org/linux-crypto/ZILvtASXQKLG43y9@gondor.apana.org.au/ > Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> > Reviewed-by: Fiona Trahe <fiona.trahe@intel.com> This needs: Fixes: a7a10bce8a04 ("dm integrity: don't use drivers that have CRYPTO_ALG_ALLOCATES_MEMORY") Cc: stable@vger.kernel.org But, are you 100% sure the explanation in commit a7a10bce8a04 was incorrect? - Eric
Thanks Eric. On Wed, Jul 05, 2023 at 01:12:05PM -0700, Eric Biggers wrote: > On Wed, Jul 05, 2023 at 05:40:07PM +0100, Giovanni Cabiddu wrote: > > The flag CRYPTO_ALG_ALLOCATES_MEMORY indicates that an algorithm might > > allocate memory in the datapath and therefore sleep. > > Dm-integrity is filtering out implementations of skcipher algorithms > > that have this flag set. However, in the same function it does > > allocations with GFP_KERNEL. > > Which function is the above referring to? The actual encryption/decryption > happens in crypt_journal(), and I don't see any memory allocations there. You are right. I was referring to create_journal() which is allocating memory right before calling do_crypt(). However, I didn't consider crypt_journal() which might not be allocating memory before calling do_crypt(). Then we are then back to square one. We need to check how many entries are present in the scatterlists encrypted by crypt_journal() before adjusting the meaning of !CRYPTO_ALG_ALLOCATES_MEMORY. Regards,
On Wed, Jul 05, 2023 at 09:57:54PM +0100, Giovanni Cabiddu wrote: > > Then we are then back to square one. We need to check how many entries > are present in the scatterlists encrypted by crypt_journal() before > adjusting the meaning of !CRYPTO_ALG_ALLOCATES_MEMORY. Indeed. I missed the fact that it was preallocating memory with GFP_KERNEL. So perhaps the answer is to adjust our API to allow the drivers to pre-allocate memory. I'll look into this. Thanks,
Hi If you allocate memory in crypto processing in dm-integrity, you risk the low-memory deadlock when swapping to dm-integrity. I.e. the machine runs out of memory, it needs to swap out pages to free some memory, the swap-out bio goes to dm-integrity and dm-integrity calls the crypto API and tries to allocate more memory => deadlock. On Wed, 5 Jul 2023, Eric Biggers wrote: > On Wed, Jul 05, 2023 at 05:40:07PM +0100, Giovanni Cabiddu wrote: > > The flag CRYPTO_ALG_ALLOCATES_MEMORY indicates that an algorithm might > > allocate memory in the datapath and therefore sleep. > > Dm-integrity is filtering out implementations of skcipher algorithms > > that have this flag set. However, in the same function it does > > allocations with GFP_KERNEL. It's OK to use GFP_KERNEL in the device mapper target constructor (because at this point there is no I/O going to the device). But it's not OK to use it for individual bio processing. > Which function is the above referring to? The actual encryption/decryption > happens in crypt_journal(), and I don't see any memory allocations there. > > > As dm-integrity is re-entrant and capable of handling sleeps that could > > occur during allocations with GFP_KERNEL, then it is also capable of > > using skcipher algorithm implementations that have > > CRYPTO_ALG_ALLOCATES_MEMORY set. > > > > Remove the filtering of skcipher implementations with the flag > > CRYPTO_ALG_ALLOCATES_MEMORY set. > > What about the use of CRYPTO_ALG_ALLOCATES_MEMORY in get_mac()? > > > > > Suggested-by: Herbert Xu <herbert@gondor.apana.org.au> > > Link: https://lore.kernel.org/linux-crypto/ZILvtASXQKLG43y9@gondor.apana.org.au/ > > Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> > > Reviewed-by: Fiona Trahe <fiona.trahe@intel.com> > > This needs: > > Fixes: a7a10bce8a04 ("dm integrity: don't use drivers that have CRYPTO_ALG_ALLOCATES_MEMORY") > Cc: stable@vger.kernel.org > > But, are you 100% sure the explanation in commit a7a10bce8a04 was incorrect? > > - Eric Mikulas
Hi Herbert, What are your plans for this change? Thanks, Meenakshi > -----Original Message----- > From: Herbert Xu <herbert@gondor.apana.org.au> > Sent: Thursday, July 6, 2023 3:28 AM > To: Giovanni Cabiddu <giovanni.cabiddu@intel.com> > Cc: Eric Biggers <ebiggers@kernel.org>; agk@redhat.com; snitzer@kernel.org; > linux-crypto@vger.kernel.org; dm-devel@redhat.com; linux- > kernel@vger.kernel.org; qat-linux@intel.com; heinzm@redhat.com; Meenakshi > Aggarwal <meenakshi.aggarwal@nxp.com>; Horia Geanta > <horia.geanta@nxp.com>; Varun Sethi <V.Sethi@nxp.com>; Pankaj Gupta > <pankaj.gupta@nxp.com>; Gaurav Jain <gaurav.jain@nxp.com>; > davem@davemloft.net; Iuliana Prodan <iuliana.prodan@nxp.com>; Fiona Trahe > <fiona.trahe@intel.com> > Subject: Re: [PATCH 1/3] dm integrity: do not filter algos with > CRYPTO_ALG_ALLOCATES_MEMORY > > On Wed, Jul 05, 2023 at 09:57:54PM +0100, Giovanni Cabiddu wrote: > > > > Then we are then back to square one. We need to check how many entries > > are present in the scatterlists encrypted by crypt_journal() before > > adjusting the meaning of !CRYPTO_ALG_ALLOCATES_MEMORY. > > Indeed. I missed the fact that it was preallocating memory with GFP_KERNEL. > > So perhaps the answer is to adjust our API to allow the drivers to pre-allocate > memory. I'll look into this. > > Thanks, > -- > Email: Herbert Xu <herbert@gondor.apana.org.au> Home Page: > http://gondor.ap/ > ana.org.au%2F~herbert%2F&data=05%7C01%7Cmeenakshi.aggarwal%40nxp.co > m%7C59d63c0b42d5423abb1108db7da2e431%7C686ea1d3bc2b4c6fa92cd99c5 > c301635%7C0%7C0%7C638241910806938399%7CUnknown%7CTWFpbGZsb3d8 > eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D% > 7C3000%7C%7C%7C&sdata=vdLCyhQOSTEhIK1%2FkAO7Z%2Fu6ejrLbRHwM88N > DmsqaP0%3D&reserved=0 > PGP Key: > http://gondor.ap/ > ana.org.au%2F~herbert%2Fpubkey.txt&data=05%7C01%7Cmeenakshi.aggarwal > %40nxp.com%7C59d63c0b42d5423abb1108db7da2e431%7C686ea1d3bc2b4c6f > a92cd99c5c301635%7C0%7C0%7C638241910806938399%7CUnknown%7CTWF > pbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6 > Mn0%3D%7C3000%7C%7C%7C&sdata=eAkggsD8FaJzb9OO2p1bcaPYs8xt47Eav > UdVVssGM7o%3D&reserved=0
diff --git a/drivers/md/dm-integrity.c b/drivers/md/dm-integrity.c index 31838b13ea54..a1013eff01b4 100644 --- a/drivers/md/dm-integrity.c +++ b/drivers/md/dm-integrity.c @@ -3785,7 +3785,7 @@ static int create_journal(struct dm_integrity_c *ic, char **error) struct journal_completion comp; comp.ic = ic; - ic->journal_crypt = crypto_alloc_skcipher(ic->journal_crypt_alg.alg_string, 0, CRYPTO_ALG_ALLOCATES_MEMORY); + ic->journal_crypt = crypto_alloc_skcipher(ic->journal_crypt_alg.alg_string, 0, 0); if (IS_ERR(ic->journal_crypt)) { *error = "Invalid journal cipher"; r = PTR_ERR(ic->journal_crypt);