[Kernel-packages] [Bug 1832623] Re: [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing

Sun, 16 Jun 2019 23:16:57 -0700 

Commit ID got upstream accepted with kernel v5.2-rc3, so will be automatically 
part of 19.10, when target kernel 5.2 finally lands in eoan.
Kernel SRU needed for 19.04 and 18.04.

** Changed in: ubuntu-z-systems
       Status: New => Triaged

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1832623

Title:
  [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing

Status in Ubuntu on IBM z Systems:
  Triaged
Status in linux package in Ubuntu:
  New

Bug description:
  Description:   kernel: Fix gcm-aes-s390 wrong scatter-gather list processing
  Symptom:       gcm-aes-s390 wrong en/decryption processing
  Problem:       The current gcm aes s390 implementation does not process
                 scatter-gather input and output lists correct when list
                 entries with sizes not multiples of the blocksize of 16
                 bytes are used. Result may be wrong calculated encrypted
                 or decrypted data.
                 This can only happen on z14 (this is the only machine
                 which supports aes-gcm in hardware via CPACF). Please note
                 that applications using aes-gcm via the AF_ALG interface are
                 not affected as this API ensures scatter/gather list entries
                 with chunk sizes in multiples of 16 bytes. However, all
                 exploiters of aes-gcm within the kernel may be affected.
  Solution:      Rework of the scatter/gather walk within the aes_s390 kernel
                 module implementation with the goal to support any list
                 entry size.
  Reproduction:  With kernel 5.1 there has been an improvement on the crypto
                 selftests. There are now tests run with fragmented
                 scatter/gather lists. So:
                 1. You need at least a z14 and kernel >= 5.1.
                 2. If disabled, enable the crypto self tests.
                 3. Watch for syslog entries during modprobe of the aes_s390
                    kernel module. As this module usually gets automatically
                    inserted during system startup you may need to unload the
                    aes_s390 kernel module before re-inserting it.
                 4. Without the fix something like
                    "kernel: alg: aead: gcm-aes-s390 encryption test failed
                        (wrong result) on test vector 1,..."
                    will show up. With the fix, all selftests will pass and
                    nothing is reported in syslog.

  Component: kernel
  Upstream-ID:   bef9f0ba300a55d79a69aa172156072182176515

  This request is targeted for 19.10, but should also be applied to
  18.04 and 19.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1832623/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to