crypto/deflate.c | 7 ++++++- crypto/zstd.c | 7 ++++++- include/crypto/internal/acompress.h | 5 +---- 3 files changed, 13 insertions(+), 6 deletions(-)
To avoid a crash when control flow integrity is enabled, make the
workspace ("stream") free function use a consistent type, and call it
through a function pointer that has that same type.
Fixes: 42d9f6c77479 ("crypto: acomp - Move scomp stream allocation code into acomp")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---
crypto/deflate.c | 7 ++++++-
crypto/zstd.c | 7 ++++++-
include/crypto/internal/acompress.h | 5 +----
3 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/crypto/deflate.c b/crypto/deflate.c
index fe8e4ad0fee10..21404515dc77e 100644
--- a/crypto/deflate.c
+++ b/crypto/deflate.c
@@ -46,13 +46,18 @@ static void *deflate_alloc_stream(void)
ctx->stream.workspace = ctx->workspace;
return ctx;
}
+static void deflate_free_stream(void *ctx)
+{
+ kvfree(ctx);
+}
+
static struct crypto_acomp_streams deflate_streams = {
.alloc_ctx = deflate_alloc_stream,
- .cfree_ctx = kvfree,
+ .free_ctx = deflate_free_stream,
};
static int deflate_compress_one(struct acomp_req *req,
struct deflate_stream *ds)
{
diff --git a/crypto/zstd.c b/crypto/zstd.c
index 657e0cf7b9524..ff5f596a4ea7e 100644
--- a/crypto/zstd.c
+++ b/crypto/zstd.c
@@ -52,13 +52,18 @@ static void *zstd_alloc_stream(void)
ctx->wksp_size = wksp_size;
return ctx;
}
+static void zstd_free_stream(void *ctx)
+{
+ kvfree(ctx);
+}
+
static struct crypto_acomp_streams zstd_streams = {
.alloc_ctx = zstd_alloc_stream,
- .cfree_ctx = kvfree,
+ .free_ctx = zstd_free_stream,
};
static int zstd_init(struct crypto_acomp *acomp_tfm)
{
int ret = 0;
diff --git a/include/crypto/internal/acompress.h b/include/crypto/internal/acompress.h
index ffffd88bbbad3..2d97440028ffd 100644
--- a/include/crypto/internal/acompress.h
+++ b/include/crypto/internal/acompress.h
@@ -61,14 +61,11 @@ struct crypto_acomp_stream {
};
struct crypto_acomp_streams {
/* These must come first because of struct scomp_alg. */
void *(*alloc_ctx)(void);
- union {
- void (*free_ctx)(void *);
- void (*cfree_ctx)(const void *);
- };
+ void (*free_ctx)(void *);
struct crypto_acomp_stream __percpu *streams;
struct work_struct stream_work;
cpumask_t stream_want;
};
base-commit: 181698af38d3f93381229ad89c09b5bd0496661a
--
2.50.1Eric Biggers <ebiggers@kernel.org> wrote:
> To avoid a crash when control flow integrity is enabled, make the
> workspace ("stream") free function use a consistent type, and call it
> through a function pointer that has that same type.
>
> Fixes: 42d9f6c77479 ("crypto: acomp - Move scomp stream allocation code into acomp")
> Cc: stable@vger.kernel.org
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>
> ---
> crypto/deflate.c | 7 ++++++-
> crypto/zstd.c | 7 ++++++-
> include/crypto/internal/acompress.h | 5 +----
> 3 files changed, 13 insertions(+), 6 deletions(-)
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Tue, Jul 08, 2025 at 05:59:54PM -0700, Eric Biggers wrote:
> To avoid a crash when control flow integrity is enabled, make the
> workspace ("stream") free function use a consistent type, and call it
> through a function pointer that has that same type.
>
> Fixes: 42d9f6c77479 ("crypto: acomp - Move scomp stream allocation code into acomp")
> Cc: stable@vger.kernel.org
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>
> ---
> crypto/deflate.c | 7 ++++++-
> crypto/zstd.c | 7 ++++++-
> include/crypto/internal/acompress.h | 5 +----
> 3 files changed, 13 insertions(+), 6 deletions(-)
>
Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Regards,
--
Giovanni
© 2016 - 2025 Red Hat, Inc.