Commit ID got upstream accepted with kernel v5.2-rc3, so will be automatically part of 19.10, when target kernel 5.2 finally lands in eoan. Kernel SRU needed for 19.04 and 18.04.
** Changed in: ubuntu-z-systems Status: New => Triaged -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1832623 Title: [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing Status in Ubuntu on IBM z Systems: Triaged Status in linux package in Ubuntu: New Bug description: Description: kernel: Fix gcm-aes-s390 wrong scatter-gather list processing Symptom: gcm-aes-s390 wrong en/decryption processing Problem: The current gcm aes s390 implementation does not process scatter-gather input and output lists correct when list entries with sizes not multiples of the blocksize of 16 bytes are used. Result may be wrong calculated encrypted or decrypted data. This can only happen on z14 (this is the only machine which supports aes-gcm in hardware via CPACF). Please note that applications using aes-gcm via the AF_ALG interface are not affected as this API ensures scatter/gather list entries with chunk sizes in multiples of 16 bytes. However, all exploiters of aes-gcm within the kernel may be affected. Solution: Rework of the scatter/gather walk within the aes_s390 kernel module implementation with the goal to support any list entry size. Reproduction: With kernel 5.1 there has been an improvement on the crypto selftests. There are now tests run with fragmented scatter/gather lists. So: 1. You need at least a z14 and kernel >= 5.1. 2. If disabled, enable the crypto self tests. 3. Watch for syslog entries during modprobe of the aes_s390 kernel module. As this module usually gets automatically inserted during system startup you may need to unload the aes_s390 kernel module before re-inserting it. 4. Without the fix something like "kernel: alg: aead: gcm-aes-s390 encryption test failed (wrong result) on test vector 1,..." will show up. With the fix, all selftests will pass and nothing is reported in syslog. Component: kernel Upstream-ID: bef9f0ba300a55d79a69aa172156072182176515 This request is targeted for 19.10, but should also be applied to 18.04 and 19.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1832623/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp