Re: [PATCH] crypto: x86/sha1 : Fix reads beyond the number of blocks passed

From: Megha Dey <megha.dey@linux.intel.com>
To: Greg KH <gregkh@linuxfoundation.org>
Cc: stable@vger.kernel.org
Subject: Re: [PATCH] crypto: x86/sha1 : Fix reads beyond the number of blocks passed
Date: Thu, 31 Aug 2017 10:35:31 -0700	[thread overview]
Message-ID: <1504200931.29723.9.camel@megha-Z97X-UD7-TH> (raw)
In-Reply-To: <20170831060635.GD7325@kroah.com>

On Thu, 2017-08-31 at 08:06 +0200, Greg KH wrote:
> On Thu, Aug 31, 2017 at 08:03:59AM +0200, Greg KH wrote:
> > On Tue, Aug 29, 2017 at 10:08:31AM -0700, Megha Dey wrote:
> > > On Tue, 2017-08-22 at 17:47 -0700, Greg KH wrote:
> > > > On Tue, Aug 22, 2017 at 05:41:03PM -0700, Megha Dey wrote:
> > > > > It was reported that the sha1 AVX2 function(sha1_transform_avx2) is
> > > > > reading ahead beyond its intended data, and causing a crash if the next
> > > > > block is beyond page boundary:
> > > > > http://marc.info/?l=linux-crypto-vger&m=149373371023377
> > > > > 
> > > > > This patch makes sure that there is no overflow for any buffer length.
> > > > > 
> > > > > It passes the tests written by Jan Stancek that revealed this problem:
> > > > > https://github.com/jstancek/sha1-avx2-crash
> > > > > 
> > > > > This patch fixes reads beyond the number of blocks in the same way it
> > > > > was done in commit 8861249c740fc4af9ddc5aee321eafefb960d7c6
> > > > > ("crypto: x86/sha1 : Fix reads beyond the number of blocks passed").
> > > > 
> > > > So all you really want is that specific commit added to the stable
> > > > kernels?  If so, what kernel tree(s)?
> > > 
> > > Hi Greg,
> > > The commit 8861249c740fc4af9ddc5aee321eafefb960d7c6 present in the
> > > mainline kernel does not apply cleanly to the stable kernel tree. Hence,
> > > I have submitted this patch with some minor changes for the stable tree.
> > > 
> > > I am not sure what you mean by which kernel trees.
> > 
> > There are lots of stable kernel trees being maintained at the moment,
> > see:
> > 	https://www.kernel.org/category/releases.html
> > 
> > I was asking if any of those are applicable for this patch as well.
> 
> Even more confusing, commit 8861249c740fc4af9ddc5aee321eafefb960d7c6 is
> already in the stable kernel releases.  It showed up in 4.4.84, 4.9.45,
> and 4.12.9.  You should have gotten notifications about all of these.
> 
> So I don't really understand what needs to be done here.
> 
> totally confused,
Hi Greg,

Sorry for the confusion. 

I had got an email from you: 
"The patch below does not apply to the 3.18-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable@vger.kernel.org>."

This new patch applies cleanly on the 3.18 stable kernel unlike commit
8861249. So to answer your question, this patch needs to be added to the
3.18 stable kernel. 

-Megha
> 
> greg k-h