Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2231259/?format=api
{ "id": 2231259, "url": "http://patchwork.ozlabs.org/api/patches/2231259/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/c12f3ec23511933ca93c008a6c2c8f47af20b66a.1777550836.git.massimiliano.pellizzer@canonical.com/", "project": { "id": 15, "url": "http://patchwork.ozlabs.org/api/projects/15/?format=api", "name": "Ubuntu Kernel", "link_name": "ubuntu-kernel", "list_id": "kernel-team.lists.ubuntu.com", "list_email": "kernel-team@lists.ubuntu.com", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<c12f3ec23511933ca93c008a6c2c8f47af20b66a.1777550836.git.massimiliano.pellizzer@canonical.com>", "list_archive_url": null, "date": "2026-04-30T12:30:25", "name": "[SRU,N,6/8] crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "c4c03c697c00b4effa3b90aac8d78ccc077ac248", "submitter": { "id": 89057, "url": "http://patchwork.ozlabs.org/api/people/89057/?format=api", "name": "Massimiliano Pellizzer", "email": "massimiliano.pellizzer@canonical.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/c12f3ec23511933ca93c008a6c2c8f47af20b66a.1777550836.git.massimiliano.pellizzer@canonical.com/mbox/", "series": [ { "id": 502299, "url": "http://patchwork.ozlabs.org/api/series/502299/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ubuntu-kernel/list/?series=502299", "date": "2026-04-30T12:30:20", "name": "CVE-2026-31431", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/502299/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2231259/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2231259/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<kernel-team-bounces@lists.ubuntu.com>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (4096-bit key;\n unprotected) header.d=canonical.com header.i=@canonical.com\n header.a=rsa-sha256 header.s=20251003 header.b=byErhLw5;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com\n (client-ip=185.125.189.65; helo=lists.ubuntu.com;\n envelope-from=kernel-team-bounces@lists.ubuntu.com;\n receiver=patchwork.ozlabs.org)" ], "Received": [ "from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g5tp62cwvz23h6\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 30 Apr 2026 22:31:39 +1000 (AEST)", "from localhost ([127.0.0.1] helo=lists.ubuntu.com)\n\tby lists.ubuntu.com with esmtp (Exim 4.86_2)\n\t(envelope-from <kernel-team-bounces@lists.ubuntu.com>)\n\tid 1wIQYF-0004nX-Kg; Thu, 30 Apr 2026 12:31:31 +0000", "from smtp-relay-internal-1.internal ([10.131.114.114]\n helo=smtp-relay-internal-1.canonical.com)\n by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)\n (Exim 4.86_2) (envelope-from <massimiliano.pellizzer@canonical.com>)\n id 1wIQYC-0004dx-Qg\n for kernel-team@lists.ubuntu.com; Thu, 30 Apr 2026 12:31:28 +0000", "from mail-wm1-f69.google.com (mail-wm1-f69.google.com\n [209.85.128.69])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n (No client certificate requested)\n by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 8FFE73F9CC\n for <kernel-team@lists.ubuntu.com>; Thu, 30 Apr 2026 12:31:28 +0000 (UTC)", "by mail-wm1-f69.google.com with SMTP id\n 5b1f17b1804b1-48a548b585cso5550555e9.2\n for <kernel-team@lists.ubuntu.com>; Thu, 30 Apr 2026 05:31:28 -0700 (PDT)", "from tuxedo-infinitybook.ts.net\n (net-93-71-66-38.cust.vodafonedsl.it. [93.71.66.38])\n by smtp.gmail.com with ESMTPSA id\n 5b1f17b1804b1-48a81ed6bafsm103695005e9.2.2026.04.30.05.31.26\n for <kernel-team@lists.ubuntu.com>\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Thu, 30 Apr 2026 05:31:26 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com;\n s=20251003; t=1777552288;\n bh=1rdjmEgePE1QOmVw7gwoM5e2s07Hse6lOgwfjG9Eh+c=;\n h=From:To:Subject:Date:Message-ID:In-Reply-To:References:\n MIME-Version;\n b=byErhLw5SfBjoUMG1/7Qe3qhsiioVpPu1uKrzB3M2sYp9dfh/kTw/xXMwlqqY9XqR\n 7YmC9qdgCvhBR2I/3EO0kYjcIvb20R2ZREqqoEPjqAfz5MXBKcQN2aQtIR3Dkc3C9l\n YjKbRqTgNyoDf9HQB+1i+nx+0cKH3FABlweyvh4Ia7qbrsTRnxpZGjaurKq9bVF8a7\n DwF88ZVzg/6nbLYN4841dklKxck4ZjFHwbw0vFHPN8g8YJDW8lKPI0hfZ5U/6ppMC4\n vEW05ayiCh90IFKZGS/IVtg7HptF0axHGVp6O9jC3o5SKDVVtEBnIjiz7spxzf1KJz\n J84MXG3ePzM4po5AcZw2kFyvGNQr2Eg3Z4vrOfd/e4NmJdVYnWFxO8vDJZQDp/L0iS\n 7qOWIXP3lKYdPPfwInOIM1XdqZ+6XVzezHl6ic0SlmNJc8F0oDeEgsDG+/T/ag3MPh\n hx0Omq0go7WNUA/KlzXP4JWvwnL1FRa+nJRnB24Nqj1ADuyxN2CyuGH9axsH2Z+uWl\n kp5S2W+9i0kJ6qgS/cvSdkOHdIV0pRiCGaYrn4Ck5NUXolQbI7BYP/GaLaFNYHxx1b\n rAX3ZK/sMIvbpjDRd2ulT/M/5fsrLxieNVUJHlSuZ+UJMq00i+JyxJQK+w9YvWKSJA\n Z1528zfLTplwFCu1iNKA+MDE=", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1777552288; x=1778157088;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to\n :cc:subject:date:message-id:reply-to;\n bh=1rdjmEgePE1QOmVw7gwoM5e2s07Hse6lOgwfjG9Eh+c=;\n b=la71PPSIFSjAPqE+OM+gsY8DoWNNe0Cgy+d/upzdvNJBAKwYUbU+yplXJVRqcq0gL4\n 7gjR9Yv+qfUkFR69H2V/FfEfHEXVogcVQkBRcu9TAbw+dttiHqIvJL+lmpGzIhxckCNQ\n WmCHrKXo9wdWojn7UoBMG5y5R1VqHvK2E08dhqHsiyPjvtFoapPheLcoICYmuqxWavlQ\n jKWV9UFilNrgxchx7RR1VXekeJDYH7n8WhnOcQ5IeXH6ohBYAdKlbpAAxo8MD69I4K6K\n FK3B5Xchz1uSacB/kOxIF4g9tEGUtB5uUZCL9SlI/ORRcnvzgIMgEzzsJmmtd77twQaJ\n 6L9w==", "X-Gm-Message-State": "AOJu0Yw676cbqkvCirfq2RaFsmY6l/LhUmfWdTnakNv3fZPXm56IVikV\n 3JTWds8Zriu9PJWZbq6v8YWHNVZt+IXY9/ymNDIhwVw7FJaNGuey3AemLxvVehA9L6GFGxfd80N\n LmTruOS+CGfG9fm00YUsi7MNQs60WWDrAymaBrDF9VXPaVoJ/e147OctXsjSldauLBB4KwJ1nCz\n sDuO7qaIWYFrtXlw==", "X-Gm-Gg": "AeBDiesvlDJ4Yu+ydfBJjdxQ/KD5QZe3GaFnYouQNVwZ9wrSEl6AikZMMBP8jSisZtC\n RpqIG6Xq66TCaTUIb1ubt2WcIBZBcZFoSw6Mc2Jr1ley9qOrwbg4PIYZLcFBKDybH+aPNE3pAx+\n dumclSIPNQo3rnX1ynec4Jm0PWWKxg2v9L+6XyBFIc+vneuQ1qcHTCtO2ZKWPstExxFyAR5COzl\n gPzOnndxaco2753WSh9l3vAYtw/lZyHxIN07ORjM43k6va5kJHEV/ziHRb0QoB6FDs5la8hvzwV\n IZv40pgvLTaxCcTaPFsJkYIe88r4A/WPcNTpxmOaEy/RdQi0kGvGBoZDzGg9wdvfEfrEjyCpXys\n 6M0asWo+NA1U5srgZo65y9iDANezN79OT4VBnRHnK2UQbFNmyxe1rjHSWR8R/at4La3AQrGOaRk\n gzRdKQOqUao8YninXnZnpKmYa1rZMOsoo2BpImea8D5v+a4XFjwl7aj9xjV87ttIkBQt/MysYs4\n dSfXwRM2p+atM9VqTG4xH0=", "X-Received": [ "by 2002:a05:600c:3e8d:b0:48a:53ea:140b with SMTP id\n 5b1f17b1804b1-48a844a4728mr46264285e9.28.1777552287631;\n Thu, 30 Apr 2026 05:31:27 -0700 (PDT)", "by 2002:a05:600c:3e8d:b0:48a:53ea:140b with SMTP id\n 5b1f17b1804b1-48a844a4728mr46263695e9.28.1777552287103;\n Thu, 30 Apr 2026 05:31:27 -0700 (PDT)" ], "From": "Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com>", "To": "kernel-team@lists.ubuntu.com", "Subject": "[SRU][N][PATCH 6/8] crypto: authencesn - Do not place hiseq at end of\n dst for out-of-place decryption", "Date": "Thu, 30 Apr 2026 14:30:25 +0200", "Message-ID": "\n <c12f3ec23511933ca93c008a6c2c8f47af20b66a.1777550836.git.massimiliano.pellizzer@canonical.com>", "X-Mailer": "git-send-email 2.53.0", "In-Reply-To": "<cover.1777550836.git.massimiliano.pellizzer@canonical.com>", "References": "\n <177754965576.503496.12142658280614619991@tuxedo-infinitybook.public>\n <cover.1777550836.git.massimiliano.pellizzer@canonical.com>", "MIME-Version": "1.0", "X-BeenThere": "kernel-team@lists.ubuntu.com", "X-Mailman-Version": "2.1.20", "Precedence": "list", "List-Id": "Kernel team discussions <kernel-team.lists.ubuntu.com>", "List-Unsubscribe": "<https://lists.ubuntu.com/mailman/options/kernel-team>,\n <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>", "List-Archive": "<https://lists.ubuntu.com/archives/kernel-team>", "List-Post": "<mailto:kernel-team@lists.ubuntu.com>", "List-Help": "<mailto:kernel-team-request@lists.ubuntu.com?subject=help>", "List-Subscribe": "<https://lists.ubuntu.com/mailman/listinfo/kernel-team>,\n <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "base64", "Errors-To": "kernel-team-bounces@lists.ubuntu.com", "Sender": "\"kernel-team\" <kernel-team-bounces@lists.ubuntu.com>" }, "content": "From: Herbert Xu <herbert@gondor.apana.org.au>\n\ncommit e02494114ebf7c8b42777c6cd6982f113bfdbec7 upstream.\n\nWhen decrypting data that is not in-place (src != dst), there is\nno need to save the high-order sequence bits in dst as it could\nsimply be re-copied from the source.\n\nHowever, the data to be hashed need to be rearranged accordingly.\n\nReported-by: Taeyang Lee <0wn@theori.io>\nFixes: 104880a6b470 (\"crypto: authencesn - Convert to new AEAD interface\")\nSigned-off-by: Herbert Xu <herbert@gondor.apana.org.au>\nSigned-off-by: Eric Biggers <ebiggers@kernel.org>\nSigned-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>\n(cherry picked from commit 89fe118b6470119b20c04afc36e45b81a69ea11f linux-6.12.y)\nCVE-2026-31431\nSigned-off-by: Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com>\n---\n crypto/authencesn.c | 48 +++++++++++++++++++++++++++------------------\n 1 file changed, 29 insertions(+), 19 deletions(-)", "diff": "diff --git a/crypto/authencesn.c b/crypto/authencesn.c\nindex a5fbb638d9d7..257af38ac4de 100644\n--- a/crypto/authencesn.c\n+++ b/crypto/authencesn.c\n@@ -207,6 +207,7 @@ static int crypto_authenc_esn_decrypt_tail(struct aead_request *req,\n \tu8 *ohash = areq_ctx->tail;\n \tunsigned int cryptlen = req->cryptlen - authsize;\n \tunsigned int assoclen = req->assoclen;\n+\tstruct scatterlist *src = req->src;\n \tstruct scatterlist *dst = req->dst;\n \tu8 *ihash = ohash + crypto_ahash_digestsize(auth);\n \tu32 tmp[2];\n@@ -214,23 +215,27 @@ static int crypto_authenc_esn_decrypt_tail(struct aead_request *req,\n \tif (!authsize)\n \t\tgoto decrypt;\n \n-\t/* Move high-order bits of sequence number back. */\n-\tscatterwalk_map_and_copy(tmp, dst, 4, 4, 0);\n-\tscatterwalk_map_and_copy(tmp + 1, dst, assoclen + cryptlen, 4, 0);\n-\tscatterwalk_map_and_copy(tmp, dst, 0, 8, 1);\n+\tif (src == dst) {\n+\t\t/* Move high-order bits of sequence number back. */\n+\t\tscatterwalk_map_and_copy(tmp, dst, 4, 4, 0);\n+\t\tscatterwalk_map_and_copy(tmp + 1, dst, assoclen + cryptlen, 4, 0);\n+\t\tscatterwalk_map_and_copy(tmp, dst, 0, 8, 1);\n+\t} else\n+\t\tmemcpy_sglist(dst, src, assoclen);\n \n \tif (crypto_memneq(ihash, ohash, authsize))\n \t\treturn -EBADMSG;\n \n decrypt:\n \n-\tsg_init_table(areq_ctx->dst, 2);\n+\tif (src != dst)\n+\t\tsrc = scatterwalk_ffwd(areq_ctx->src, src, assoclen);\n \tdst = scatterwalk_ffwd(areq_ctx->dst, dst, assoclen);\n \n \tskcipher_request_set_tfm(skreq, ctx->enc);\n \tskcipher_request_set_callback(skreq, flags,\n \t\t\t\t req->base.complete, req->base.data);\n-\tskcipher_request_set_crypt(skreq, dst, dst, cryptlen, req->iv);\n+\tskcipher_request_set_crypt(skreq, src, dst, cryptlen, req->iv);\n \n \treturn crypto_skcipher_decrypt(skreq);\n }\n@@ -255,6 +260,7 @@ static int crypto_authenc_esn_decrypt(struct aead_request *req)\n \tunsigned int assoclen = req->assoclen;\n \tunsigned int cryptlen = req->cryptlen;\n \tu8 *ihash = ohash + crypto_ahash_digestsize(auth);\n+\tstruct scatterlist *src = req->src;\n \tstruct scatterlist *dst = req->dst;\n \tu32 tmp[2];\n \tint err;\n@@ -262,24 +268,28 @@ static int crypto_authenc_esn_decrypt(struct aead_request *req)\n \tif (assoclen < 8)\n \t\treturn -EINVAL;\n \n-\tcryptlen -= authsize;\n-\n-\tif (req->src != dst)\n-\t\tmemcpy_sglist(dst, req->src, assoclen + cryptlen);\n+\tif (!authsize)\n+\t\tgoto tail;\n \n+\tcryptlen -= authsize;\n \tscatterwalk_map_and_copy(ihash, req->src, assoclen + cryptlen,\n \t\t\t\t authsize, 0);\n \n-\tif (!authsize)\n-\t\tgoto tail;\n-\n \t/* Move high-order bits of sequence number to the end. */\n-\tscatterwalk_map_and_copy(tmp, dst, 0, 8, 0);\n-\tscatterwalk_map_and_copy(tmp, dst, 4, 4, 1);\n-\tscatterwalk_map_and_copy(tmp + 1, dst, assoclen + cryptlen, 4, 1);\n-\n-\tsg_init_table(areq_ctx->dst, 2);\n-\tdst = scatterwalk_ffwd(areq_ctx->dst, dst, 4);\n+\tscatterwalk_map_and_copy(tmp, src, 0, 8, 0);\n+\tif (src == dst) {\n+\t\tscatterwalk_map_and_copy(tmp, dst, 4, 4, 1);\n+\t\tscatterwalk_map_and_copy(tmp + 1, dst, assoclen + cryptlen, 4, 1);\n+\t\tdst = scatterwalk_ffwd(areq_ctx->dst, dst, 4);\n+\t} else {\n+\t\tscatterwalk_map_and_copy(tmp, dst, 0, 4, 1);\n+\t\tscatterwalk_map_and_copy(tmp + 1, dst, assoclen + cryptlen - 4, 4, 1);\n+\n+\t\tsrc = scatterwalk_ffwd(areq_ctx->src, src, 8);\n+\t\tdst = scatterwalk_ffwd(areq_ctx->dst, dst, 4);\n+\t\tmemcpy_sglist(dst, src, assoclen + cryptlen - 8);\n+\t\tdst = req->dst;\n+\t}\n \n \tahash_request_set_tfm(ahreq, auth);\n \tahash_request_set_crypt(ahreq, dst, ohash, assoclen + cryptlen);\n", "prefixes": [ "SRU", "N", "6/8" ] }