linux/crypto
David Howells cdfbabfb2f net: Work around lockdep limitation in sockets that use sockets
Lockdep issues a circular dependency warning when AFS issues an operation
through AF_RXRPC from a context in which the VFS/VM holds the mmap_sem.

The theory lockdep comes up with is as follows:

 (1) If the pagefault handler decides it needs to read pages from AFS, it
     calls AFS with mmap_sem held and AFS begins an AF_RXRPC call, but
     creating a call requires the socket lock:

	mmap_sem must be taken before sk_lock-AF_RXRPC

 (2) afs_open_socket() opens an AF_RXRPC socket and binds it.  rxrpc_bind()
     binds the underlying UDP socket whilst holding its socket lock.
     inet_bind() takes its own socket lock:

	sk_lock-AF_RXRPC must be taken before sk_lock-AF_INET

 (3) Reading from a TCP socket into a userspace buffer might cause a fault
     and thus cause the kernel to take the mmap_sem, but the TCP socket is
     locked whilst doing this:

	sk_lock-AF_INET must be taken before mmap_sem

However, lockdep's theory is wrong in this instance because it deals only
with lock classes and not individual locks.  The AF_INET lock in (2) isn't
really equivalent to the AF_INET lock in (3) as the former deals with a
socket entirely internal to the kernel that never sees userspace.  This is
a limitation in the design of lockdep.

Fix the general case by:

 (1) Double up all the locking keys used in sockets so that one set are
     used if the socket is created by userspace and the other set is used
     if the socket is created by the kernel.

 (2) Store the kern parameter passed to sk_alloc() in a variable in the
     sock struct (sk_kern_sock).  This informs sock_lock_init(),
     sock_init_data() and sk_clone_lock() as to the lock keys to be used.

     Note that the child created by sk_clone_lock() inherits the parent's
     kern setting.

 (3) Add a 'kern' parameter to ->accept() that is analogous to the one
     passed in to ->create() that distinguishes whether kernel_accept() or
     sys_accept4() was the caller and can be passed to sk_alloc().

     Note that a lot of accept functions merely dequeue an already
     allocated socket.  I haven't touched these as the new socket already
     exists before we get the parameter.

     Note also that there are a couple of places where I've made the accepted
     socket unconditionally kernel-based:

	irda_accept()
	rds_rcp_accept_one()
	tcp_accept_from_sock()

     because they follow a sock_create_kern() and accept off of that.

Whilst creating this, I noticed that lustre and ocfs don't create sockets
through sock_create_kern() and thus they aren't marked as for-kernel,
though they appear to be internal.  I wonder if these should do that so
that they use the new set of lock keys.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-03-09 18:23:27 -08:00
..
asymmetric_keys Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2016-12-15 11:41:37 -08:00
async_tx async_pq_val: fix DMA memory leak 2016-10-05 06:18:09 +05:30
.gitignore
842.c crypto: acomp - add support for 842 via scomp 2016-10-25 11:08:33 +08:00
ablk_helper.c crypto: ablk_helper - Fix cryptd reordering 2016-06-23 18:29:53 +08:00
ablkcipher.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
acompress.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
aead.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
aes_generic.c crypto: aes-generic - drop alignment requirement 2017-02-11 17:50:43 +08:00
aes_ti.c crypto: aes - add generic time invariant AES cipher 2017-02-11 17:50:43 +08:00
af_alg.c net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
ahash.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
akcipher.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
algapi.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
algboss.c sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
algif_aead.c sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
algif_hash.c net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
algif_rng.c
algif_skcipher.c sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
ansi_cprng.c
anubis.c
api.c sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
arc4.c
authenc.c crypto: skcipher - Get rid of crypto_spawn_skcipher2() 2016-11-01 08:37:17 +08:00
authencesn.c crypto: skcipher - Get rid of crypto_spawn_skcipher2() 2016-11-01 08:37:17 +08:00
blkcipher.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
blowfish_common.c
blowfish_generic.c
camellia_generic.c
cast5_generic.c
cast6_generic.c
cast_common.c
cbc.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
ccm.c crypto: ccm - move cbcmac input off the stack 2017-02-28 17:29:17 +08:00
chacha20_generic.c crypto: chacha20 - convert generic and x86 versions to skcipher 2016-12-27 17:47:31 +08:00
chacha20poly1305.c crypto: skcipher - Get rid of crypto_spawn_skcipher2() 2016-11-01 08:37:17 +08:00
cipher.c crypto: api - Remove no-op exit_ops code 2016-10-21 11:03:42 +08:00
cmac.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
compress.c crypto: api - Remove no-op exit_ops code 2016-10-21 11:03:42 +08:00
crc32_generic.c crypto: crc32 - Rename generic implementation 2016-01-30 22:11:22 +08:00
crc32c_generic.c crypto: crc32c - Fix crc32c soft dependency 2016-01-19 15:52:10 +08:00
crct10dif_common.c
crct10dif_generic.c crypto: squash lines for simple wrapper functions 2016-09-13 20:27:26 +08:00
cryptd.c crypto: cryptd - Add support for skcipher 2016-11-28 21:23:18 +08:00
crypto_engine.c sched/headers: Prepare for new header dependencies before moving code to <uapi/linux/sched/types.h> 2017-03-02 08:42:27 +01:00
crypto_null.c crypto: null - Remove default null blkcipher 2016-07-18 17:35:44 +08:00
crypto_user.c crypto: acomp - add asynchronous compression api 2016-10-25 11:08:30 +08:00
crypto_wq.c
ctr.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
cts.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
deflate.c crypto: acomp - add support for deflate via scomp 2016-10-25 11:08:36 +08:00
des_generic.c
dh_helper.c crypto: dh - Add DH software implementation 2016-06-23 18:29:56 +08:00
dh.c crypto: dh - Consistenly return negative error codes 2016-11-13 17:45:04 +08:00
drbg.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2016-11-30 19:53:12 +08:00
ecb.c
ecc_curve_defs.h crypto: ecdh - Add ECDH software support 2016-06-23 18:29:57 +08:00
ecc.c crypto: ecdh - make ecdh_shared_secret unique 2016-06-24 21:24:59 +08:00
ecc.h crypto: ecdh - make ecdh_shared_secret unique 2016-06-24 21:24:59 +08:00
ecdh_helper.c crypto: ecdh - Add ECDH software support 2016-06-23 18:29:57 +08:00
ecdh.c crypto: ecdh - make ecdh_shared_secret unique 2016-06-24 21:24:59 +08:00
echainiv.c crypto: echainiv - Replace chaining with multiplication 2016-09-13 18:44:57 +08:00
fcrypt.c
fips.c
gcm.c crypto: skcipher - Get rid of crypto_spawn_skcipher2() 2016-11-01 08:37:17 +08:00
gf128mul.c crypto: gf128mul - Zero memory when freeing multiplication table 2016-11-17 23:34:59 +08:00
ghash-generic.c crypto: ghash-generic - move common definitions to a new header file 2016-10-02 22:26:40 +08:00
hash_info.c keys, trusted: select hash algorithm for TPM2 chips 2015-12-20 15:27:12 +02:00
hmac.c
internal.h crypto: api - Remove no-op exit_ops code 2016-10-21 11:03:42 +08:00
jitterentropy-kcapi.c crypto: jitterentropy - drop duplicate header module.h 2016-11-17 23:34:52 +08:00
jitterentropy.c
Kconfig crypto: xts - Add ECB dependency 2017-02-23 20:11:06 +08:00
keywrap.c crypto: keywrap - memzero the correct memory 2016-02-01 22:27:05 +08:00
khazad.c
kpp.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
lrw.c crypto: lrw - Convert to skcipher 2016-11-28 21:23:17 +08:00
lz4.c crypto: change LZ4 modules to work with new LZ4 module version 2017-02-24 17:46:57 -08:00
lz4hc.c crypto: change LZ4 modules to work with new LZ4 module version 2017-02-24 17:46:57 -08:00
lzo.c crypto: acomp - add support for lzo via scomp 2016-10-25 11:08:31 +08:00
Makefile crypto: improve gcc optimization flags for serpent and wp512 2017-02-11 17:52:26 +08:00
mcryptd.c sched/headers: Prepare for new header dependencies before moving code to <linux/sched/stat.h> 2017-03-02 08:42:34 +01:00
md4.c
md5.c crypto: hash - add zero length message hash for shax and md5 2015-12-22 20:43:35 +08:00
memneq.c
michael_mic.c
pcbc.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
pcrypt.c
poly1305_generic.c crypto: poly1305 - Use unaligned access where required 2016-11-13 17:45:03 +08:00
proc.c
ripemd.h
rmd128.c
rmd160.c
rmd256.c
rmd320.c
rng.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
rsa_helper.c crypto: rsa - allow keys >= 2048 bits in FIPS mode 2016-08-24 21:07:10 +08:00
rsa-pkcs1pad.c crypto: rsa-pkcs1pad - Handle leading zero for decryption 2016-09-22 17:42:08 +08:00
rsa.c crypto: rsa - Generate fixed-length output 2016-07-01 23:45:18 +08:00
rsaprivkey.asn1 crypto: rsa - Store rest of the private key components 2016-07-05 23:05:26 +08:00
rsapubkey.asn1 crypto: akcipher - Changes to asymmetric key API 2015-10-14 22:23:16 +08:00
salsa20_generic.c
scatterwalk.c crypto: scatterwalk - Remove unnecessary aliasing check in map_and_copy 2016-11-22 15:02:25 +08:00
scompress.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
seed.c
seqiv.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
serpent_generic.c
sha1_generic.c crypto: hash - add zero length message hash for shax and md5 2015-12-22 20:43:35 +08:00
sha3_generic.c crypto: sha3 - Add missing ULL suffixes for 64-bit constants 2016-08-08 23:43:46 +08:00
sha256_generic.c crypto: hash - add zero length message hash for shax and md5 2015-12-22 20:43:35 +08:00
sha512_generic.c
shash.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
simd.c crypto: simd - Add simd skcipher helper 2016-11-28 21:23:18 +08:00
skcipher.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
tcrypt.c crypto: tcrypt - Add debug prints 2017-01-23 22:50:24 +08:00
tcrypt.h
tea.c
testmgr.c crypto: testmgr - add test cases for cbcmac(aes) 2017-02-11 17:50:44 +08:00
testmgr.h Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2017-03-04 10:42:53 -08:00
tgr192.c
twofish_common.c
twofish_generic.c
vmac.c
wp512.c
xcbc.c
xor.c crypto: xor - Fix warning when XOR_SELECT_TEMPLATE is unset 2016-08-31 23:00:48 +08:00
xts.c crypto: xts - Propagate NEED_FALLBACK bit 2017-02-27 18:09:41 +08:00