From nobody Mon Jan 17 21:30:05 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 97FE6195B709; Mon, 17 Jan 2022 21:30:08 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Jd4nD3s9yz3QDH; Mon, 17 Jan 2022 21:30:08 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642455008; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=m5JCjxsjRen60dPvAZH2xOrzmbhgouUlu9r7q7vPw4o=; b=vymrHduWtvGcIjtUsryZ2MTmNLrzsfUMPIiNvsPbkmOgvST0aKJMFil55C4Lj4ylyr73GF ROa54Knqn/xq8atltolFqekMh/pPLAvrdPxMQwkKRUQ9tXS3EDSiiQY7qKIxVk2Gxew06M dY9q01ZyToVj0FagdQ0RqnUdAjMLhTeiXFZ+FuoYnfkdF6jG/bwNcbrsD5Jnp2sVq902vo CH7VJiDIL6ZNLwckwJ2WitfGX3Gms4vWNFf72NXO5YbkVD5fpE1oVPChVVX627N5FrD5MH Gzk7cqtKZtC7k8pQbQQbp1qQSrDonxxvJd5rLTP6qimBN3K7TOwFpl+mr9ydCg== Received: from [172.24.42.21] (host-79-18-132-211.retail.telecomitalia.it [79.18.132.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: madpilot/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id C0194FD57; Mon, 17 Jan 2022 21:30:07 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Message-ID: Date: Mon, 17 Jan 2022 22:30:05 +0100 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 Subject: Re: git: cfb7b942bed7 - main - cryptosoft: Use multi-block encrypt/decrypt for non-AEAD ciphers. Content-Language: en-US To: Mark Johnston Cc: John Baldwin , src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org References: <202201112238.20BMcBgx075881@gitrepo.freebsd.org> From: Guido Falsi In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642455008; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=m5JCjxsjRen60dPvAZH2xOrzmbhgouUlu9r7q7vPw4o=; b=BKNvCrBNXuqViFblFjU+C2EP7lNMShbGDKQ4YgHtMGBZ0UdKgeKzMmIR1uHHWN8iStrnv7 ppKT7Zn9aZF/tgSNcDQJPgk5eil/DGo22vYSLVErhTW5w5aKPRFTpV5xVbMxtmlXkoRQYi NswoO3NqWYyVbzjQK8XaFDmi0ENlPHWbM8VDvWPvwmJPpmyml98JZ/gaz2eM5tt4OjBgk9 fplaSuPMJstwUysBNFK2bAMWJUMnZSJdsZigOErGRmUNnz+NABteQK4Riouw5RB/pc8wqM 18wZNQdccoS0dy20tzP7K4lLuRd7tF7D+bPhrMJooEeKVidPO8PxFPGZLMTPpQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1642455008; a=rsa-sha256; cv=none; b=YV01MqTctPUX28K3o755e7x0262ABSlMWpgcdSb4BQrrCY+2mgZmL+CAqLFC6COFc1av9v DYGIG+B/ASNnPrDj4rfMkYWiqq6JyZRrV6BosCaSxM1VdYx309MGWzN/zKNEl6APS3WPFY Nnj5mvl5yev0Vrb6Z98injULgPNYFL0EuwJPrli4tWRgBu58yUf+ZHVZ4uSGnoxg/99kiW H+bYemKISh8c0Po7RqyCsNvspnT3eB9MGgxPJrh7IaVKzSVwvxhzPrnkzT0oIvwSfs9HtC kdxyMZfwoF2b3i14iM9szX7r14gfEv2qgUZSvV+PH3zxQXApbRncx8xsgW+MIw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N On 15/01/22 01:26, Mark Johnston wrote: > On Fri, Jan 14, 2022 at 10:27:12PM +0100, Guido Falsi wrote: >> On 11/01/22 23:38, John Baldwin wrote: >>> The branch main has been updated by jhb: >>> >>> URL: https://cgit.FreeBSD.org/src/commit/?id=cfb7b942bed72cb798b869d2e36e0097dbd243b2 >>> >>> commit cfb7b942bed72cb798b869d2e36e0097dbd243b2 >>> Author: John Baldwin >>> AuthorDate: 2022-01-11 22:18:57 +0000 >>> Commit: John Baldwin >>> CommitDate: 2022-01-11 22:18:57 +0000 >>> >>> cryptosoft: Use multi-block encrypt/decrypt for non-AEAD ciphers. >>> >>> Reviewed by: markj >>> Sponsored by: The FreeBSD Foundation >>> Differential Revision: https://reviews.freebsd.org/D33531 >> >> Hi, >> >> I've just updated to recent head. I have a laptop using ZFS on geli >> setup and now it's unable to boot. >> >> I've seen the failure starting with git revision >> 3284f4925f697ad7cc2aa4761ff5cf6ce98fd623 (LRO: Don't merge ACK and >> non-ACK packets together - 01/13/22, 17:18) >> >> it's still there with revision fe453891d7ccc8e173d9293b67f5b4608c5378dd >> (01/14/22 11:00:08) >> >> While a kernel from the binary snapshot downloaded from mirrors compiled >> from revision ac413189f53524e489c900b3cfaa80a1552875ca (vfslist.c: >> initialize skipvfs variable 01/05/2022) is able to boot correctly. >> >> The machine panics as soon as it tries to work with geli, this is why I >> am replying to this commit message. I'm not completely sure this is the >> commit to blame, but it sure is related. >> >> I have not been able to save the backtrace to file, but the last two >> calls are to: >> >> crypto_cursor_segment() >> swcr_encdec() >> >> so it points to the last part of this patch. > > I think the problem is that crypto_cursor_segment() doesn't expect to be > called once the cursor is at the end of a buffer. It may or may not > perform an invalid memory access in that case, depending on the > underlying buffer type. > > Fixing it would complicate the cursor code, maybe it's better to just > change cryptosoft to avoid this scenario: Is this being followed up? Ads I said this patch works for me and I'm using it locally. While I'm unable to review it, as a user and contributor I'm interested in the issue being fixed for good in the official tree. If discussion is already ongoing in a publicly accessible can you point me to it? Thanks! -- Guido Falsi