| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKv+Gu_LwiU-WvXeJjOSPJh53g+nKz9x-ZtUP3E02d8UEEyshw@mail.gmail.com> Date: Wed, 7 May 2014 08:49:59 +0200 From: Ard Biesheuvel <ard.biesheuvel@...aro.org> To: "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org> Cc: Herbert Xu <herbert@...dor.apana.org.au>, "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: Fwd: [crypto:master 60/60] arch/x86/crypto/ghash-clmulni-intel_glue.c:71:25: sparse: cast to restricted __be64 On 7 May 2014 00:42, gregkh@...uxfoundation.org <gregkh@...uxfoundation.org> wrote: > On Fri, Apr 11, 2014 at 09:48:42PM +0200, Ard Biesheuvel wrote: >> On 11 April 2014 18:03, gregkh@...uxfoundation.org >> <gregkh@...uxfoundation.org> wrote: >> > On Fri, Apr 04, 2014 at 10:11:19AM +0200, Ard Biesheuvel wrote: >> >> Greg, >> >> >> >> This pertains to commit 8ceee72808d1 (crypto: ghash-clmulni-intel - >> >> use C implementation for setkey()) that has been pulled by Linus >> >> during the current merge window. >> >> >> >> It is missing two things: >> >> - a cc to stable annotation >> >> - a fix for the sparse warning below (change cast from __be64 to __force __be64) >> >> >> >> The reason for cc'ing stable on this patch is that it fixes a >> >> potential data corruption issue where the ghash setkey() method uses >> >> SSE registers without calling kernel_fpu_begin() first. This issue was >> >> introduced by 0e1227d356e9b (crypto: ghash - Add PCLMULQDQ accelerated >> >> implementation). >> >> >> >> So how would you like to proceed with this? Should I propose a new >> >> patch somewhere? >> > >> > No problem, I'll apply this as-is. But it doesn't apply to the >> > 3.4-stable tree cleanly, can you send me a backported version if it's >> > still needed there as well? >> > >> >> Yes, the code was broken from the start. 3.4 version is attached, the >> only difference is the missing ENDPROC() at the end of the asm file. > > Now applied, thanks. > >> In the mean time, Herbert has submitted a fix for the sparse warning, >> but we settled on a different fix than I had suggested before. >> https://git.kernel.org/cgit/linux/kernel/git/herbert/cryptodev-2.6.git/commit/?id=0ea481466d1c >> >> Note that this code has not been tested (not by me, at least), so I >> wouldn't suggest you take it straight away, but if you care about the >> sparse warning, we could add a cc stable to it as well, I suppose. > > If it's a real bugfix that people can hit, then yse, I'll take it. Just > let me know when it hits Linus's tree. > Hardly. The only thing it fixes is a diagnostic related to the use of be128 where u128 is more appropriate, only this time, it changes the type throughout the file rather than using a __force cast when accessing the variable, as I did in my original fix. -- Ard. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists