Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2231268/?format=api
{ "id": 2231268, "url": "http://patchwork.ozlabs.org/api/patches/2231268/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/be411f8bd28434fa0eab9d8383cf659439ea197c.1777552173.git.massimiliano.pellizzer@canonical.com/", "project": { "id": 15, "url": "http://patchwork.ozlabs.org/api/projects/15/?format=api", "name": "Ubuntu Kernel", "link_name": "ubuntu-kernel", "list_id": "kernel-team.lists.ubuntu.com", "list_email": "kernel-team@lists.ubuntu.com", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<be411f8bd28434fa0eab9d8383cf659439ea197c.1777552173.git.massimiliano.pellizzer@canonical.com>", "list_archive_url": null, "date": "2026-04-30T12:30:33", "name": "[SRU,J,5/9] crypto: authenc - use memcpy_sglist() instead of null skcipher", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "b841f4dedb9365aba97b467c0c6dfc37d76420e0", "submitter": { "id": 89057, "url": "http://patchwork.ozlabs.org/api/people/89057/?format=api", "name": "Massimiliano Pellizzer", "email": "massimiliano.pellizzer@canonical.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/be411f8bd28434fa0eab9d8383cf659439ea197c.1777552173.git.massimiliano.pellizzer@canonical.com/mbox/", "series": [ { "id": 502300, "url": "http://patchwork.ozlabs.org/api/series/502300/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ubuntu-kernel/list/?series=502300", "date": "2026-04-30T12:30:28", "name": "CVE-2026-31431", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/502300/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2231268/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2231268/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<kernel-team-bounces@lists.ubuntu.com>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (4096-bit key;\n unprotected) header.d=canonical.com header.i=@canonical.com\n header.a=rsa-sha256 header.s=20251003 header.b=pODplTAG;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com\n (client-ip=185.125.189.65; helo=lists.ubuntu.com;\n envelope-from=kernel-team-bounces@lists.ubuntu.com;\n receiver=patchwork.ozlabs.org)" ], "Received": [ "from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g5tpW0XRBz1yGq\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 30 Apr 2026 22:32:03 +1000 (AEST)", "from localhost ([127.0.0.1] helo=lists.ubuntu.com)\n\tby lists.ubuntu.com with esmtp (Exim 4.86_2)\n\t(envelope-from <kernel-team-bounces@lists.ubuntu.com>)\n\tid 1wIQYc-0006ED-9r; Thu, 30 Apr 2026 12:31:54 +0000", "from smtp-relay-internal-1.internal ([10.131.114.114]\n helo=smtp-relay-internal-1.canonical.com)\n by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)\n (Exim 4.86_2) (envelope-from <massimiliano.pellizzer@canonical.com>)\n id 1wIQYL-00057F-52\n for kernel-team@lists.ubuntu.com; Thu, 30 Apr 2026 12:31:37 +0000", "from mail-wm1-f71.google.com (mail-wm1-f71.google.com\n [209.85.128.71])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n (No client certificate requested)\n by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 4C3CA3F9CB\n for <kernel-team@lists.ubuntu.com>; Thu, 30 Apr 2026 12:31:36 +0000 (UTC)", "by mail-wm1-f71.google.com with SMTP id\n 5b1f17b1804b1-488bd1ee9e7so10024215e9.1\n for <kernel-team@lists.ubuntu.com>; Thu, 30 Apr 2026 05:31:36 -0700 (PDT)", "from tuxedo-infinitybook.ts.net\n (net-93-71-66-38.cust.vodafonedsl.it. [93.71.66.38])\n by smtp.gmail.com with ESMTPSA id\n 5b1f17b1804b1-48a81ed6bafsm103695005e9.2.2026.04.30.05.31.33\n for <kernel-team@lists.ubuntu.com>\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Thu, 30 Apr 2026 05:31:34 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com;\n s=20251003; t=1777552296;\n bh=e19DymqV+cZHrndhsmaLiiqE+kJH7qBP6OdpT3k85O8=;\n h=From:To:Subject:Date:Message-ID:In-Reply-To:References:\n MIME-Version;\n b=pODplTAGVajff6eAXv50tCLB3NFpXBFiYzOmGSP2ArDnR2yBA/xtqs543Oqgz0Hg4\n WK/Ppe4e5ecKdEJmoAmiZ92nwNqwiYObIDWGCa+aumyK9VCH91Bydjn6+H0bTINNTC\n wXDEb6IkQ07hIsAsEBB54hiEEN2sUglk9KsR88RmHpX8jIBR4ObrB0Xq46MxD6Sdji\n 6sSVt/ckTfzAB3g7M1lNyTCVN6AJIRyeOjpDfju38Yo/VsI5SAjU3lEkinJ+h5DxMd\n 0QD6ajWNNxpzyBTHvpo3p7fWp6sd+Oqji/6foiKbqA3Zr2q1YDJitUPMfMiWfC66il\n N+xS50kKPbV3o+mb+TH8ZaeReO7GWj5VI2dmGfgk9NlSCyfT9C++fYgD+8dRNmid1+\n QAJuCXdCDLg1eSFYsV8cYfNpCrjjyT5yves6BWWtRdUZtfOgxUIdV8OsAn2nZUrUKL\n vAjfsvEzWDxSvhaXw2n2Y6fn366NFrTz8EXC7Gy7w1DW3iyU5zda5fy8H63uM6oJkx\n zTnwMGskm2q8IIcC3d0wG4LSmHCoqbBwJ/wZW4HWUVv13CNRw2ody3oJ57OvTPyJdZ\n kiOtwpkgkSXbhBrdQY6znpdhmu0wyOcfbvpOD6gUKqP66eRuLtJCnQjlQ9dQVrMA7y\n PHLvFeUXgeqwwquVy7RWyn3w=", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1777552295; x=1778157095;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to\n :cc:subject:date:message-id:reply-to;\n bh=e19DymqV+cZHrndhsmaLiiqE+kJH7qBP6OdpT3k85O8=;\n b=Fm8rzJ+qE+S3z45JAnEeTy0u1Lu0sebg5sf7WLnFek9YwhllLW7M717XeVCjcBNsd0\n ClDJ+xRgaqcjolSWbKDxoIgOpybEvYCJsyNG2lMHl5bBGBjI2HtqUFNbSeMk081e6Iwb\n PboC1Z9cx9Ol4fuJ3iX6sSWbfRyslKuWlpUOtejAVWeiY5Es9UjkIWjh/bnO4exndXbp\n VT/cQ3o+JDuYNMdxzPzW3iGEeug663Z/hdJqCnUWkbyWigq0OmAJ5vw8Ns9LDoTD/GuT\n yBGmW4qGsWCVBsQAM1K0gJICpaPua6YabJdCK9fMvVKvHOQB2Ngw4i1IEYYIFE9QzvFd\n jCOA==", "X-Gm-Message-State": "AOJu0YzGxglECJ9Hz2ddWPD2oQLx9WNEPemRILC2OEdA87KCsSRF7Cq8\n Tb2YrglqNbbypGY8Cwp8ZD5xxAryaUIl5qkEcJUVz/JUbaxa5Qqk7eJuHEXgDBCOK26jz+8jvwI\n C8HKC6aQtidWfDygb4NQebo/qAOw0w0lmym5WTU9esLMz42PdF4RkmBDE+0eSwvs1al7enP3q3p\n CkGoKrJLyZL6AEkg==", "X-Gm-Gg": "AeBDievhYzMLRSysRd1IrIzq7vi4ZhuBsGjVzBFhmWMQ3xuYPaxGWVlq4Qz+2vdHWAX\n za8tvUtTmsVgrKc2qJNHw0sSEyY3M1V171PzQT6f8CWyfKJYMV+2I/NBNYukSPZgn/MbUD6f7uj\n H14SxeLOVGPW0yJA5Dr1edicMwv6kP8yQ9y97t1nFg1wLec3tNptxxDaug7gHmWApG7vcI2bA5r\n 9lOKCnch/PDTYY8lCoFTeSrGm7+8ry5YBuX7EYvE6zVzEcYdzIkRlC1qL3qCpRQugWf9inyO/xM\n awS0QQuUP2uiWAnjSRPI3zx2ofGs2OL7ASOHa8blgAnAR96Mwc6Fn8W3r2qW62udqdbTj9O63C1\n tScd9gt7nqbV5S3lMDkYrYF5GNmxjICn5hvZtQsK7ox3zmmj8Twkda/rxw2gCuYJiwBlaTFyPSO\n GPahK1eIEDP0rPMOpWf02uGB9dC6I3YJjNZo7IpDLvoWF1DmsX8Jj0DeKYslhejZbkfEc2Wc532\n cLDdW0eZgbv2RT8ARPCEzc=", "X-Received": [ "by 2002:a05:600c:3398:b0:489:1c5f:3a9e with SMTP id\n 5b1f17b1804b1-48a84467620mr23737865e9.13.1777552295249;\n Thu, 30 Apr 2026 05:31:35 -0700 (PDT)", "by 2002:a05:600c:3398:b0:489:1c5f:3a9e with SMTP id\n 5b1f17b1804b1-48a84467620mr23737545e9.13.1777552294658;\n Thu, 30 Apr 2026 05:31:34 -0700 (PDT)" ], "From": "Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com>", "To": "kernel-team@lists.ubuntu.com", "Subject": "[SRU][J][PATCH 5/9] crypto: authenc - use memcpy_sglist() instead of\n null skcipher", "Date": "Thu, 30 Apr 2026 14:30:33 +0200", "Message-ID": "\n <be411f8bd28434fa0eab9d8383cf659439ea197c.1777552173.git.massimiliano.pellizzer@canonical.com>", "X-Mailer": "git-send-email 2.53.0", "In-Reply-To": "<cover.1777552173.git.massimiliano.pellizzer@canonical.com>", "References": "\n <177754965576.503496.12142658280614619991@tuxedo-infinitybook.public>\n <cover.1777552173.git.massimiliano.pellizzer@canonical.com>", "MIME-Version": "1.0", "X-BeenThere": "kernel-team@lists.ubuntu.com", "X-Mailman-Version": "2.1.20", "Precedence": "list", "List-Id": "Kernel team discussions <kernel-team.lists.ubuntu.com>", "List-Unsubscribe": "<https://lists.ubuntu.com/mailman/options/kernel-team>,\n <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>", "List-Archive": "<https://lists.ubuntu.com/archives/kernel-team>", "List-Post": "<mailto:kernel-team@lists.ubuntu.com>", "List-Help": "<mailto:kernel-team-request@lists.ubuntu.com?subject=help>", "List-Subscribe": "<https://lists.ubuntu.com/mailman/listinfo/kernel-team>,\n <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "base64", "Errors-To": "kernel-team-bounces@lists.ubuntu.com", "Sender": "\"kernel-team\" <kernel-team-bounces@lists.ubuntu.com>" }, "content": "From: Eric Biggers <ebiggers@google.com>\n\ncommit dbc4b1458e931e47198c3165ff5853bc1ad6bd7a upstream.\n\nFor copying data between two scatterlists, just use memcpy_sglist()\ninstead of the so-called \"null skcipher\". This is much simpler.\n\nSigned-off-by: Eric Biggers <ebiggers@google.com>\nSigned-off-by: Herbert Xu <herbert@gondor.apana.org.au>\nSigned-off-by: Eric Biggers <ebiggers@kernel.org>\nSigned-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>\n(cherry picked from commit e416c41a96c85ce12f608c30eb72fd9dfb75184b linux-5.15.y)\nCVE-2026-31431\nSigned-off-by: Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com>\n---\n crypto/Kconfig | 1 -\n crypto/authenc.c | 32 +-------------------------------\n crypto/authencesn.c | 38 +++-----------------------------------\n 3 files changed, 4 insertions(+), 67 deletions(-)", "diff": "diff --git a/crypto/Kconfig b/crypto/Kconfig\nindex 15994570627bf..126d4699f06f7 100644\n--- a/crypto/Kconfig\n+++ b/crypto/Kconfig\n@@ -195,7 +195,6 @@ config CRYPTO_AUTHENC\n \tselect CRYPTO_SKCIPHER\n \tselect CRYPTO_MANAGER\n \tselect CRYPTO_HASH\n-\tselect CRYPTO_NULL\n \thelp\n \t Authenc: Combined mode wrapper for IPsec.\n \t This is required for IPSec.\ndiff --git a/crypto/authenc.c b/crypto/authenc.c\nindex 17f674a7cdff5..2b402e764529c 100644\n--- a/crypto/authenc.c\n+++ b/crypto/authenc.c\n@@ -9,7 +9,6 @@\n #include <crypto/internal/hash.h>\n #include <crypto/internal/skcipher.h>\n #include <crypto/authenc.h>\n-#include <crypto/null.h>\n #include <crypto/scatterwalk.h>\n #include <linux/err.h>\n #include <linux/init.h>\n@@ -28,7 +27,6 @@ struct authenc_instance_ctx {\n struct crypto_authenc_ctx {\n \tstruct crypto_ahash *auth;\n \tstruct crypto_skcipher *enc;\n-\tstruct crypto_sync_skcipher *null;\n };\n \n struct authenc_request_ctx {\n@@ -174,21 +172,6 @@ static void crypto_authenc_encrypt_done(struct crypto_async_request *req,\n \tauthenc_request_complete(areq, err);\n }\n \n-static int crypto_authenc_copy_assoc(struct aead_request *req)\n-{\n-\tstruct crypto_aead *authenc = crypto_aead_reqtfm(req);\n-\tstruct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);\n-\tSYNC_SKCIPHER_REQUEST_ON_STACK(skreq, ctx->null);\n-\n-\tskcipher_request_set_sync_tfm(skreq, ctx->null);\n-\tskcipher_request_set_callback(skreq, aead_request_flags(req),\n-\t\t\t\t NULL, NULL);\n-\tskcipher_request_set_crypt(skreq, req->src, req->dst, req->assoclen,\n-\t\t\t\t NULL);\n-\n-\treturn crypto_skcipher_encrypt(skreq);\n-}\n-\n static int crypto_authenc_encrypt(struct aead_request *req)\n {\n \tstruct crypto_aead *authenc = crypto_aead_reqtfm(req);\n@@ -207,10 +190,7 @@ static int crypto_authenc_encrypt(struct aead_request *req)\n \tdst = src;\n \n \tif (req->src != req->dst) {\n-\t\terr = crypto_authenc_copy_assoc(req);\n-\t\tif (err)\n-\t\t\treturn err;\n-\n+\t\tmemcpy_sglist(req->dst, req->src, req->assoclen);\n \t\tdst = scatterwalk_ffwd(areq_ctx->dst, req->dst, req->assoclen);\n \t}\n \n@@ -311,7 +291,6 @@ static int crypto_authenc_init_tfm(struct crypto_aead *tfm)\n \tstruct crypto_authenc_ctx *ctx = crypto_aead_ctx(tfm);\n \tstruct crypto_ahash *auth;\n \tstruct crypto_skcipher *enc;\n-\tstruct crypto_sync_skcipher *null;\n \tint err;\n \n \tauth = crypto_spawn_ahash(&ictx->auth);\n@@ -323,14 +302,8 @@ static int crypto_authenc_init_tfm(struct crypto_aead *tfm)\n \tif (IS_ERR(enc))\n \t\tgoto err_free_ahash;\n \n-\tnull = crypto_get_default_null_skcipher();\n-\terr = PTR_ERR(null);\n-\tif (IS_ERR(null))\n-\t\tgoto err_free_skcipher;\n-\n \tctx->auth = auth;\n \tctx->enc = enc;\n-\tctx->null = null;\n \n \tcrypto_aead_set_reqsize(\n \t\ttfm,\n@@ -344,8 +317,6 @@ static int crypto_authenc_init_tfm(struct crypto_aead *tfm)\n \n \treturn 0;\n \n-err_free_skcipher:\n-\tcrypto_free_skcipher(enc);\n err_free_ahash:\n \tcrypto_free_ahash(auth);\n \treturn err;\n@@ -357,7 +328,6 @@ static void crypto_authenc_exit_tfm(struct crypto_aead *tfm)\n \n \tcrypto_free_ahash(ctx->auth);\n \tcrypto_free_skcipher(ctx->enc);\n-\tcrypto_put_default_null_skcipher();\n }\n \n static void crypto_authenc_free(struct aead_instance *inst)\ndiff --git a/crypto/authencesn.c b/crypto/authencesn.c\nindex 6487b35851d54..fceee6d67d34c 100644\n--- a/crypto/authencesn.c\n+++ b/crypto/authencesn.c\n@@ -12,7 +12,6 @@\n #include <crypto/internal/hash.h>\n #include <crypto/internal/skcipher.h>\n #include <crypto/authenc.h>\n-#include <crypto/null.h>\n #include <crypto/scatterwalk.h>\n #include <linux/err.h>\n #include <linux/init.h>\n@@ -31,7 +30,6 @@ struct crypto_authenc_esn_ctx {\n \tunsigned int reqoff;\n \tstruct crypto_ahash *auth;\n \tstruct crypto_skcipher *enc;\n-\tstruct crypto_sync_skcipher *null;\n };\n \n struct authenc_esn_request_ctx {\n@@ -164,20 +162,6 @@ static void crypto_authenc_esn_encrypt_done(struct crypto_async_request *req,\n \tauthenc_esn_request_complete(areq, err);\n }\n \n-static int crypto_authenc_esn_copy(struct aead_request *req, unsigned int len)\n-{\n-\tstruct crypto_aead *authenc_esn = crypto_aead_reqtfm(req);\n-\tstruct crypto_authenc_esn_ctx *ctx = crypto_aead_ctx(authenc_esn);\n-\tSYNC_SKCIPHER_REQUEST_ON_STACK(skreq, ctx->null);\n-\n-\tskcipher_request_set_sync_tfm(skreq, ctx->null);\n-\tskcipher_request_set_callback(skreq, aead_request_flags(req),\n-\t\t\t\t NULL, NULL);\n-\tskcipher_request_set_crypt(skreq, req->src, req->dst, len, NULL);\n-\n-\treturn crypto_skcipher_encrypt(skreq);\n-}\n-\n static int crypto_authenc_esn_encrypt(struct aead_request *req)\n {\n \tstruct crypto_aead *authenc_esn = crypto_aead_reqtfm(req);\n@@ -199,10 +183,7 @@ static int crypto_authenc_esn_encrypt(struct aead_request *req)\n \tdst = src;\n \n \tif (req->src != req->dst) {\n-\t\terr = crypto_authenc_esn_copy(req, assoclen);\n-\t\tif (err)\n-\t\t\treturn err;\n-\n+\t\tmemcpy_sglist(req->dst, req->src, assoclen);\n \t\tsg_init_table(areq_ctx->dst, 2);\n \t\tdst = scatterwalk_ffwd(areq_ctx->dst, req->dst, assoclen);\n \t}\n@@ -292,11 +273,8 @@ static int crypto_authenc_esn_decrypt(struct aead_request *req)\n \n \tcryptlen -= authsize;\n \n-\tif (req->src != dst) {\n-\t\terr = crypto_authenc_esn_copy(req, assoclen + cryptlen);\n-\t\tif (err)\n-\t\t\treturn err;\n-\t}\n+\tif (req->src != dst)\n+\t\tmemcpy_sglist(dst, req->src, assoclen + cryptlen);\n \n \tscatterwalk_map_and_copy(ihash, req->src, assoclen + cryptlen,\n \t\t\t\t authsize, 0);\n@@ -332,7 +310,6 @@ static int crypto_authenc_esn_init_tfm(struct crypto_aead *tfm)\n \tstruct crypto_authenc_esn_ctx *ctx = crypto_aead_ctx(tfm);\n \tstruct crypto_ahash *auth;\n \tstruct crypto_skcipher *enc;\n-\tstruct crypto_sync_skcipher *null;\n \tint err;\n \n \tauth = crypto_spawn_ahash(&ictx->auth);\n@@ -344,14 +321,8 @@ static int crypto_authenc_esn_init_tfm(struct crypto_aead *tfm)\n \tif (IS_ERR(enc))\n \t\tgoto err_free_ahash;\n \n-\tnull = crypto_get_default_null_skcipher();\n-\terr = PTR_ERR(null);\n-\tif (IS_ERR(null))\n-\t\tgoto err_free_skcipher;\n-\n \tctx->auth = auth;\n \tctx->enc = enc;\n-\tctx->null = null;\n \n \tctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth),\n \t\t\t crypto_ahash_alignmask(auth) + 1);\n@@ -368,8 +339,6 @@ static int crypto_authenc_esn_init_tfm(struct crypto_aead *tfm)\n \n \treturn 0;\n \n-err_free_skcipher:\n-\tcrypto_free_skcipher(enc);\n err_free_ahash:\n \tcrypto_free_ahash(auth);\n \treturn err;\n@@ -381,7 +350,6 @@ static void crypto_authenc_esn_exit_tfm(struct crypto_aead *tfm)\n \n \tcrypto_free_ahash(ctx->auth);\n \tcrypto_free_skcipher(ctx->enc);\n-\tcrypto_put_default_null_skcipher();\n }\n \n static void crypto_authenc_esn_free(struct aead_instance *inst)\n", "prefixes": [ "SRU", "J", "5/9" ] }