From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:36312 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752279AbdIRGmu (ORCPT ); Mon, 18 Sep 2017 02:42:50 -0400 Date: Mon, 18 Sep 2017 08:42:58 +0200 From: Greg KH To: Megha Dey Cc: stable@vger.kernel.org Subject: Re: [PATCH] crypto: x86/sha1 : Fix reads beyond the number of blocks passed Message-ID: <20170918064258.GB20041@kroah.com> References: <1503448863-30149-1-git-send-email-megha.dey@linux.intel.com> <20170823004743.GA7033@kroah.com> <1504026511.29723.5.camel@megha-Z97X-UD7-TH> <20170831060359.GC7325@kroah.com> <20170831060635.GD7325@kroah.com> <1504200931.29723.9.camel@megha-Z97X-UD7-TH> <20170904093424.GA14508@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20170904093424.GA14508@kroah.com> Sender: stable-owner@vger.kernel.org List-ID: On Mon, Sep 04, 2017 at 11:34:24AM +0200, Greg KH wrote: > On Thu, Aug 31, 2017 at 10:35:31AM -0700, Megha Dey wrote: > > On Thu, 2017-08-31 at 08:06 +0200, Greg KH wrote: > > > On Thu, Aug 31, 2017 at 08:03:59AM +0200, Greg KH wrote: > > > > On Tue, Aug 29, 2017 at 10:08:31AM -0700, Megha Dey wrote: > > > > > On Tue, 2017-08-22 at 17:47 -0700, Greg KH wrote: > > > > > > On Tue, Aug 22, 2017 at 05:41:03PM -0700, Megha Dey wrote: > > > > > > > It was reported that the sha1 AVX2 function(sha1_transform_avx2) is > > > > > > > reading ahead beyond its intended data, and causing a crash if the next > > > > > > > block is beyond page boundary: > > > > > > > http://marc.info/?l=linux-crypto-vger&m=149373371023377 > > > > > > > > > > > > > > This patch makes sure that there is no overflow for any buffer length. > > > > > > > > > > > > > > It passes the tests written by Jan Stancek that revealed this problem: > > > > > > > https://github.com/jstancek/sha1-avx2-crash > > > > > > > > > > > > > > This patch fixes reads beyond the number of blocks in the same way it > > > > > > > was done in commit 8861249c740fc4af9ddc5aee321eafefb960d7c6 > > > > > > > ("crypto: x86/sha1 : Fix reads beyond the number of blocks passed"). > > > > > > > > > > > > So all you really want is that specific commit added to the stable > > > > > > kernels? If so, what kernel tree(s)? > > > > > > > > > > Hi Greg, > > > > > The commit 8861249c740fc4af9ddc5aee321eafefb960d7c6 present in the > > > > > mainline kernel does not apply cleanly to the stable kernel tree. Hence, > > > > > I have submitted this patch with some minor changes for the stable tree. > > > > > > > > > > I am not sure what you mean by which kernel trees. > > > > > > > > There are lots of stable kernel trees being maintained at the moment, > > > > see: > > > > https://www.kernel.org/category/releases.html > > > > > > > > I was asking if any of those are applicable for this patch as well. > > > > > > Even more confusing, commit 8861249c740fc4af9ddc5aee321eafefb960d7c6 is > > > already in the stable kernel releases. It showed up in 4.4.84, 4.9.45, > > > and 4.12.9. You should have gotten notifications about all of these. > > > > > > So I don't really understand what needs to be done here. > > > > > > totally confused, > > Hi Greg, > > > > Sorry for the confusion. > > > > I had got an email from you: > > "The patch below does not apply to the 3.18-stable tree. > > If someone wants it applied there, or to any other stable or longterm > > tree, then please email the backport, including the original git commit > > id to ." > > > > This new patch applies cleanly on the 3.18 stable kernel unlike commit > > 8861249. So to answer your question, this patch needs to be added to the > > 3.18 stable kernel. > > Ok, but commit 8861249 modifies a lot of files, while your "backport" > does not do that at all. > > Again, I still do not know what is going on here, or what exactly you > want. How about a backport of the original patch, to the 3.18-stable > kernel tree, that is what I think is needed, correct? Dropping this email thread from my "todo" stable queue due to a lack of response, if you still want this applied, please fix up and make it obvious what I need to do here. thanks, greg k-h