| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 6 May 2014 15:42:17 -0700 From: "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org> To: Ard Biesheuvel <ard.biesheuvel@...aro.org> Cc: Herbert Xu <herbert@...dor.apana.org.au>, "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: Fwd: [crypto:master 60/60] arch/x86/crypto/ghash-clmulni-intel_glue.c:71:25: sparse: cast to restricted __be64 On Fri, Apr 11, 2014 at 09:48:42PM +0200, Ard Biesheuvel wrote: > On 11 April 2014 18:03, gregkh@...uxfoundation.org > <gregkh@...uxfoundation.org> wrote: > > On Fri, Apr 04, 2014 at 10:11:19AM +0200, Ard Biesheuvel wrote: > >> Greg, > >> > >> This pertains to commit 8ceee72808d1 (crypto: ghash-clmulni-intel - > >> use C implementation for setkey()) that has been pulled by Linus > >> during the current merge window. > >> > >> It is missing two things: > >> - a cc to stable annotation > >> - a fix for the sparse warning below (change cast from __be64 to __force __be64) > >> > >> The reason for cc'ing stable on this patch is that it fixes a > >> potential data corruption issue where the ghash setkey() method uses > >> SSE registers without calling kernel_fpu_begin() first. This issue was > >> introduced by 0e1227d356e9b (crypto: ghash - Add PCLMULQDQ accelerated > >> implementation). > >> > >> So how would you like to proceed with this? Should I propose a new > >> patch somewhere? > > > > No problem, I'll apply this as-is. But it doesn't apply to the > > 3.4-stable tree cleanly, can you send me a backported version if it's > > still needed there as well? > > > > Yes, the code was broken from the start. 3.4 version is attached, the > only difference is the missing ENDPROC() at the end of the asm file. Now applied, thanks. > In the mean time, Herbert has submitted a fix for the sparse warning, > but we settled on a different fix than I had suggested before. > https://git.kernel.org/cgit/linux/kernel/git/herbert/cryptodev-2.6.git/commit/?id=0ea481466d1c > > Note that this code has not been tested (not by me, at least), so I > wouldn't suggest you take it straight away, but if you care about the > sparse warning, we could add a cc stable to it as well, I suppose. If it's a real bugfix that people can hit, then yse, I'll take it. Just let me know when it hits Linus's tree. greg k-h -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists