I have found a regression in userspace behaviour after commit 67b164a871a got backported into 4.19.306 as commit 19af0310c8767. The regression can be fixed by backporting two additional commits, detailed below.
The regression can be reproduced with the following sequence:
echo some text > plain.txt openssl enc -k mysecret -aes-256-cbc -in plain.txt -out cipher.txt -engine afalg
It fails intermittently with the message "error writing to file", but this error is a bit misleading, the actual problem is that the kernel returns -16 (EBUSY) on the encoding operation.
The EBUSY comes from the newly added in-flight check. This check is correct, however it fails on 4.19 kernel, because it is missing two earlier commits:
f3c802a1f3001 crypto: algif_aead - Only wake up when ctx->more is zero 21dfbcd1f5cbf crypto: algif_aead - fix uninitialized ctx->init
I was able to cherry-pick those into 4.19.y, with just a minor conflict in one case. With those applied, the openssl command no longer fails.
Similar fixes are likely needed in 5.4.y, however I did not test this.
No change is needed in 5.10 or newer, as the two commits are present.
Please add the two commits to 4.19.y (and probably also 5.4.y).
Thanks, -Ralph
On Wed, Mar 20, 2024 at 10:31:43AM -0400, Ralph Siemsen wrote:
I have found a regression in userspace behaviour after commit 67b164a871a got backported into 4.19.306 as commit 19af0310c8767. The regression can be fixed by backporting two additional commits, detailed below.
The regression can be reproduced with the following sequence:
echo some text > plain.txt openssl enc -k mysecret -aes-256-cbc -in plain.txt -out cipher.txt -engine afalg
It fails intermittently with the message "error writing to file", but this error is a bit misleading, the actual problem is that the kernel returns -16 (EBUSY) on the encoding operation.
The EBUSY comes from the newly added in-flight check. This check is correct, however it fails on 4.19 kernel, because it is missing two earlier commits:
f3c802a1f3001 crypto: algif_aead - Only wake up when ctx->more is zero 21dfbcd1f5cbf crypto: algif_aead - fix uninitialized ctx->init
I was able to cherry-pick those into 4.19.y, with just a minor conflict in one case. With those applied, the openssl command no longer fails.
Similar fixes are likely needed in 5.4.y, however I did not test this.
No change is needed in 5.10 or newer, as the two commits are present.
Please add the two commits to 4.19.y (and probably also 5.4.y).
I'll add both to 4.19. They already exist in 5.4. Thanks!
linux-stable-mirror@lists.linaro.org