<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/crypto, branch linux-6.7.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>Revert "crypto: pkcs7 - remove sha1 support"</title>
<updated>2024-04-03T13:11:35+00:00</updated>
<author>
<name>Eric Biggers</name>
<email>ebiggers@google.com</email>
</author>
<published>2024-03-13T23:32:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=dc0b79feb27d9957de7157232c0ad677f7f97fc2'/>
<id>dc0b79feb27d9957de7157232c0ad677f7f97fc2</id>
<content type='text'>
commit 203a6763ab699da0568fd2b76303d03bb121abd4 upstream.

This reverts commit 16ab7cb5825fc3425c16ad2c6e53d827f382d7c6 because it
broke iwd.  iwd uses the KEYCTL_PKEY_* UAPIs via its dependency libell,
and apparently it is relying on SHA-1 signature support.  These UAPIs
are fairly obscure, and their documentation does not mention which
algorithms they support.  iwd really should be using a properly
supported userspace crypto library instead.  Regardless, since something
broke we have to revert the change.

It may be possible that some parts of this commit can be reinstated
without breaking iwd (e.g. probably the removal of MODULE_SIG_SHA1), but
for now this just does a full revert to get things working again.

Reported-by: Karel Balej &lt;balejk@matfyz.cz&gt;
Closes: https://lore.kernel.org/r/CZSHRUIJ4RKL.34T4EASV5DNJM@matfyz.cz
Cc: Dimitri John Ledkov &lt;dimitri.ledkov@canonical.com&gt;
Signed-off-by: Eric Biggers &lt;ebiggers@google.com&gt;
Tested-by: Karel Balej &lt;balejk@matfyz.cz&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>crypto: jitter - fix CRYPTO_JITTERENTROPY help text</title>
<updated>2024-03-26T22:18:39+00:00</updated>
<author>
<name>Randy Dunlap</name>
<email>rdunlap@infradead.org</email>
</author>
<published>2024-02-17T16:55:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=a1842917cc8ceabc33e31ecc0a667b6cb830de8f'/>
<id>a1842917cc8ceabc33e31ecc0a667b6cb830de8f</id>
<content type='text'>
[ Upstream commit e63df1ec9a16dd9e13e9068243e64876de06f795 ]

Correct various small problems in the help text:
a. change 2 spaces to ", "
b. finish an incomplete sentence
c. change non-working URL to working URL

Fixes: a9a98d49da52 ("crypto: Kconfig - simplify compression/RNG entries")
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=218458
Signed-off-by: Randy Dunlap &lt;rdunlap@infradead.org&gt;
Cc: Bagas Sanjaya &lt;bagasdotme@gmail.com&gt;
Cc: Robert Elliott &lt;elliott@hpe.com&gt;
Cc: Christoph Biedl &lt;bugzilla.kernel.bpeb@manchmal.in-ulm.de&gt;
Cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Cc: "David S. Miller" &lt;davem@davemloft.net&gt;
Cc: linux-crypto@vger.kernel.org
Acked-by: Bagas Sanjaya &lt;bagasdotme@gmail.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>crypto: algif_hash - Remove bogus SGL free on zero-length error path</title>
<updated>2024-02-23T08:51:51+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2024-02-01T05:49:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=775f3c1882a493168e08fdb8cde0865c8f3a8a29'/>
<id>775f3c1882a493168e08fdb8cde0865c8f3a8a29</id>
<content type='text'>
commit 24c890dd712f6345e382256cae8c97abb0406b70 upstream.

When a zero-length message is hashed by algif_hash, and an error
is triggered, it tries to free an SG list that was never allocated
in the first place.  Fix this by not freeing the SG list on the
zero-length error path.

Reported-by: Shigeru Yoshida &lt;syoshida@redhat.com&gt;
Reported-by: xingwei lee &lt;xrivendell7@gmail.com&gt;
Fixes: b6d972f68983 ("crypto: af_alg/hash: Fix recvmsg() after sendmsg(MSG_MORE)")
Cc: &lt;stable@vger.kernel.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Reported-by: syzbot+3266db0c26d1fbbe3abb@syzkaller.appspotmail.com
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>crypto: api - Disallow identical driver names</title>
<updated>2024-02-01T00:20:54+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2023-12-07T10:36:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=7a09e2a77a8d4b133cc7e5e4f9a4ccf4c2283d58'/>
<id>7a09e2a77a8d4b133cc7e5e4f9a4ccf4c2283d58</id>
<content type='text'>
commit 27016f75f5ed47e2d8e0ca75a8ff1f40bc1a5e27 upstream.

Disallow registration of two algorithms with identical driver names.

Cc: &lt;stable@vger.kernel.org&gt;
Reported-by: Ovidiu Panait &lt;ovidiu.panait@windriver.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>crypto: scomp - fix req-&gt;dst buffer overflow</title>
<updated>2024-01-25T23:44:43+00:00</updated>
<author>
<name>Chengming Zhou</name>
<email>zhouchengming@bytedance.com</email>
</author>
<published>2023-12-27T09:35:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=71c6670f9f032ec67d8f4e3f8db4646bf5a62883'/>
<id>71c6670f9f032ec67d8f4e3f8db4646bf5a62883</id>
<content type='text'>
[ Upstream commit 744e1885922a9943458954cfea917b31064b4131 ]

The req-&gt;dst buffer size should be checked before copying from the
scomp_scratch-&gt;dst to avoid req-&gt;dst buffer overflow problem.

Fixes: 1ab53a77b772 ("crypto: acomp - add driver-side scomp interface")
Reported-by: syzbot+3eff5e51bf1db122a16e@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/all/0000000000000b05cd060d6b5511@google.com/
Signed-off-by: Chengming Zhou &lt;zhouchengming@bytedance.com&gt;
Reviewed-by: Barry Song &lt;v-songbaohua@oppo.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>crypto: af_alg - Disallow multiple in-flight AIO requests</title>
<updated>2024-01-25T23:44:41+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2023-11-28T08:25:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=4767e8239e15f891d819ef3ba2b286d87ea327e1'/>
<id>4767e8239e15f891d819ef3ba2b286d87ea327e1</id>
<content type='text'>
[ Upstream commit 67b164a871af1d736f131fd6fe78a610909f06f3 ]

Having multiple in-flight AIO requests results in unpredictable
output because they all share the same IV.  Fix this by only allowing
one request at a time.

Fixes: 83094e5e9e49 ("crypto: af_alg - add async support to algif_aead")
Fixes: a596999b7ddf ("crypto: algif - change algif_skcipher to be asynchronous")
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>crypto: rsa - add a check for allocation failure</title>
<updated>2024-01-25T23:44:40+00:00</updated>
<author>
<name>Dan Carpenter</name>
<email>dan.carpenter@linaro.org</email>
</author>
<published>2023-10-30T09:02:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=95ad8b6879e2e49d02e3bfc0e1fb46421633fe2a'/>
<id>95ad8b6879e2e49d02e3bfc0e1fb46421633fe2a</id>
<content type='text'>
[ Upstream commit d872ca165cb67112f2841ef9c37d51ef7e63d1e4 ]

Static checkers insist that the mpi_alloc() allocation can fail so add
a check to prevent a NULL dereference.  Small allocations like this
can't actually fail in current kernels, but adding a check is very
simple and makes the static checkers happy.

Fixes: 6637e11e4ad2 ("crypto: rsa - allow only odd e and restrict value in FIPS mode")
Signed-off-by: Dan Carpenter &lt;dan.carpenter@linaro.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>Merge tag 'v6.7-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6</title>
<updated>2023-11-10T01:04:58+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2023-11-10T01:04:58+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=3b220413438184b352b297e7cf593fa56999b5b3'/>
<id>3b220413438184b352b297e7cf593fa56999b5b3</id>
<content type='text'>
Pull crypto fixes from Herbert Xu:
 "This fixes a regression in ahash and hides the Kconfig sub-options for
  the jitter RNG"

* tag 'v6.7-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: ahash - Set using_shash for cloned ahash wrapper over shash
  crypto: jitterentropy - Hide esoteric Kconfig options under FIPS and EXPERT
</content>
</entry>
<entry>
<title>crypto: ahash - Set using_shash for cloned ahash wrapper over shash</title>
<updated>2023-11-07T08:44:36+00:00</updated>
<author>
<name>Dmitry Safonov</name>
<email>dima@arista.com</email>
</author>
<published>2023-11-07T02:37:17+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=9aedd10fe38418319bd8ed55dc68a40ec04aaa05'/>
<id>9aedd10fe38418319bd8ed55dc68a40ec04aaa05</id>
<content type='text'>
The cloned child of ahash that uses shash under the hood should use
shash helpers (like crypto_shash_setkey()).

The following panic may be observed on TCP-AO selftests:

&gt; ==================================================================
&gt; BUG: KASAN: wild-memory-access in crypto_mod_get+0x1b/0x60
&gt; Write of size 4 at addr 5d5be0ff5c415e14 by task connect_ipv4/1397
&gt;
&gt; CPU: 0 PID: 1397 Comm: connect_ipv4 Tainted: G        W          6.6.0+ #47
&gt; Call Trace:
&gt;  &lt;TASK&gt;
&gt;  dump_stack_lvl+0x46/0x70
&gt;  kasan_report+0xc3/0xf0
&gt;  kasan_check_range+0xec/0x190
&gt;  crypto_mod_get+0x1b/0x60
&gt;  crypto_spawn_alg+0x53/0x140
&gt;  crypto_spawn_tfm2+0x13/0x60
&gt;  hmac_init_tfm+0x25/0x60
&gt;  crypto_ahash_setkey+0x8b/0x100
&gt;  tcp_ao_add_cmd+0xe7a/0x1120
&gt;  do_tcp_setsockopt+0x5ed/0x12a0
&gt;  do_sock_setsockopt+0x82/0x100
&gt;  __sys_setsockopt+0xe9/0x160
&gt;  __x64_sys_setsockopt+0x60/0x70
&gt;  do_syscall_64+0x3c/0xe0
&gt;  entry_SYSCALL_64_after_hwframe+0x46/0x4e
&gt; ==================================================================
&gt; general protection fault, probably for non-canonical address 0x5d5be0ff5c415e14: 0000 [#1] PREEMPT SMP KASAN
&gt; CPU: 0 PID: 1397 Comm: connect_ipv4 Tainted: G    B   W          6.6.0+ #47
&gt; Call Trace:
&gt;  &lt;TASK&gt;
&gt;  ? die_addr+0x3c/0xa0
&gt;  ? exc_general_protection+0x144/0x210
&gt;  ? asm_exc_general_protection+0x22/0x30
&gt;  ? add_taint+0x26/0x90
&gt;  ? crypto_mod_get+0x20/0x60
&gt;  ? crypto_mod_get+0x1b/0x60
&gt;  ? ahash_def_finup_done1+0x58/0x80
&gt;  crypto_spawn_alg+0x53/0x140
&gt;  crypto_spawn_tfm2+0x13/0x60
&gt;  hmac_init_tfm+0x25/0x60
&gt;  crypto_ahash_setkey+0x8b/0x100
&gt;  tcp_ao_add_cmd+0xe7a/0x1120
&gt;  do_tcp_setsockopt+0x5ed/0x12a0
&gt;  do_sock_setsockopt+0x82/0x100
&gt;  __sys_setsockopt+0xe9/0x160
&gt;  __x64_sys_setsockopt+0x60/0x70
&gt;  do_syscall_64+0x3c/0xe0
&gt;  entry_SYSCALL_64_after_hwframe+0x46/0x4e
&gt;  &lt;/TASK&gt;
&gt; RIP: 0010:crypto_mod_get+0x20/0x60

Make sure that the child/clone has using_shash set when parent is
an shash user.

Fixes: 2f1f34c1bf7b ("crypto: ahash - optimize performance when wrapping shash")
Cc: David Ahern &lt;dsahern@kernel.org&gt;
Cc: "David S. Miller" &lt;davem@davemloft.net&gt;
Cc: Dmitry Safonov &lt;0x7f454c46@gmail.com&gt;
Cc: Eric Biggers &lt;ebiggers@google.com&gt;
Cc: Eric Dumazet &lt;edumazet@google.com&gt;
Cc: Francesco Ruggeri &lt;fruggeri05@gmail.com&gt;
To: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
Cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
Cc: Salam Noureddine &lt;noureddine@arista.com&gt;
Cc: netdev@vger.kernel.org
Cc: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Dmitry Safonov &lt;dima@arista.com&gt;
Reviewed-by: Eric Biggers &lt;ebiggers@google.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: jitterentropy - Hide esoteric Kconfig options under FIPS and EXPERT</title>
<updated>2023-11-07T08:44:35+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2023-11-06T10:00:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=e7ed6473c2c8c4e45dd861bfa06e96189b11d8db'/>
<id>e7ed6473c2c8c4e45dd861bfa06e96189b11d8db</id>
<content type='text'>
As JITTERENTROPY is selected by default if you enable the CRYPTO
API, any Kconfig options added there will show up for every single
user.  Hide the esoteric options under EXPERT as well as FIPS so
that only distro makers will see them.

Reported-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Reviewed-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
</feed>
