Add patch to fix crypto allocation issues on PAGE_SIZE > 4k
This commit is contained in:
Josh Boyer
parent
df525da578
commit
fda0a919df
|
|
@ -0,0 +1,34 @@
|
|||
From 5af4aca31445b5c0a05ef7bf707493c1bff73db5 Mon Sep 17 00:00:00 2001
|
||||
From: Ondrej Kozina <okozina@redhat.com>
|
||||
Date: Mon, 25 Aug 2014 11:49:54 +0200
|
||||
Subject: [PATCH] crypto: algif - avoid excessive use of socket buffer in
|
||||
skcipher
|
||||
|
||||
On archs with PAGE_SIZE >= 64 KiB the function skcipher_alloc_sgl()
|
||||
fails with -ENOMEM no matter what user space actually requested.
|
||||
This is caused by the fact sock_kmalloc call inside the function tried
|
||||
to allocate more memory than allowed by the default kernel socket buffer
|
||||
size (kernel param net.core.optmem_max).
|
||||
|
||||
Signed-off-by: Ondrej Kozina <okozina@redhat.com>
|
||||
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
||||
---
|
||||
crypto/algif_skcipher.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
|
||||
index a19c027b29bd..83187f497c7c 100644
|
||||
--- a/crypto/algif_skcipher.c
|
||||
+++ b/crypto/algif_skcipher.c
|
||||
@@ -49,7 +49,7 @@ struct skcipher_ctx {
|
||||
struct ablkcipher_request req;
|
||||
};
|
||||
|
||||
-#define MAX_SGL_ENTS ((PAGE_SIZE - sizeof(struct skcipher_sg_list)) / \
|
||||
+#define MAX_SGL_ENTS ((4096 - sizeof(struct skcipher_sg_list)) / \
|
||||
sizeof(struct scatterlist) - 1)
|
||||
|
||||
static inline int skcipher_sndbuf(struct sock *sk)
|
||||
--
|
||||
1.9.3
|
||||
|
||||
|
|
@ -684,6 +684,8 @@ Patch26085: tracing-syscalls-Ignore-numbers-outside-NR_syscalls-.patch
|
|||
#rhbz 1151836
|
||||
Patch26086: Revert-iwlwifi-mvm-treat-EAPOLs-like-mgmt-frames-wrt.patch
|
||||
|
||||
Patch26087: crypto-algif-avoid-excessive-use-of-socket-buffer-in.patch
|
||||
|
||||
# git clone ssh://git.fedorahosted.org/git/kernel-arm64.git, git diff master...devel
|
||||
Patch30000: kernel-arm64.patch
|
||||
|
||||
|
|
@ -1481,6 +1483,8 @@ ApplyPatch tracing-syscalls-Ignore-numbers-outside-NR_syscalls-.patch
|
|||
#rhbz 1151836
|
||||
ApplyPatch Revert-iwlwifi-mvm-treat-EAPOLs-like-mgmt-frames-wrt.patch
|
||||
|
||||
ApplyPatch crypto-algif-avoid-excessive-use-of-socket-buffer-in.patch
|
||||
|
||||
%if 0%{?aarch64patches}
|
||||
ApplyPatch kernel-arm64.patch
|
||||
%ifnarch aarch64 # this is stupid, but i want to notice before secondary koji does.
|
||||
|
|
@ -2349,6 +2353,9 @@ fi
|
|||
# ||----w |
|
||||
# || ||
|
||||
%changelog
|
||||
* Mon Nov 10 2014 Josh Boyer <jwboyer@fedoraproject.org>
|
||||
- Add patch to fix crypto allocation issues on PAGE_SIZE > 4k
|
||||
|
||||
* Fri Nov 07 2014 Josh Boyer <jwboyer@fedoraproject.org>
|
||||
- Fix iwlwifi oops (rhbz 1151836)
|
||||
- CVE-2014-7826 CVE-2014-7825 insufficient syscall number validation in perf and ftrace subsystems (rhbz 1161565 1161572)
|
||||
|
|
|
|||
Loading…
Reference in New Issue