3.4-stable patches

added patches:
	crypto-aesni-intel-fix-unaligned-cbc-decrypt-for-x86-32.patch
	hwrng-atmel-rng-fix-race-condition-leading-to-repeated-bits.patch

diff --git a/queue-3.4/crypto-aesni-intel-fix-unaligned-cbc-decrypt-for-x86-32.patch b/queue-3.4/crypto-aesni-intel-fix-unaligned-cbc-decrypt-for-x86-32.patch
new file mode 100644 (file)
index 0000000..5509c5d
--- /dev/null
+++ b/queue-3.4/crypto-aesni-intel-fix-unaligned-cbc-decrypt-for-x86-32.patch
@@ -0,0 +1,43 @@
+From 7c8d51848a88aafdb68f42b6b650c83485ea2f84 Mon Sep 17 00:00:00 2001
+From: Mathias Krause <minipli@googlemail.com>
+Date: Wed, 30 May 2012 01:43:08 +0200
+Subject: crypto: aesni-intel - fix unaligned cbc decrypt for x86-32
+
+From: Mathias Krause <minipli@googlemail.com>
+
+commit 7c8d51848a88aafdb68f42b6b650c83485ea2f84 upstream.
+
+The 32 bit variant of cbc(aes) decrypt is using instructions requiring
+128 bit aligned memory locations but fails to ensure this constraint in
+the code. Fix this by loading the data into intermediate registers with
+load unaligned instructions.
+
+This fixes reported general protection faults related to aesni.
+
+References: https://bugzilla.kernel.org/show_bug.cgi?id=43223
+Reported-by: Daniel <garkein@mailueberfall.de>
+Signed-off-by: Mathias Krause <minipli@googlemail.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/crypto/aesni-intel_asm.S |    6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+--- a/arch/x86/crypto/aesni-intel_asm.S
++++ b/arch/x86/crypto/aesni-intel_asm.S
+@@ -2460,10 +2460,12 @@ ENTRY(aesni_cbc_dec)
+       pxor IN3, STATE4
+       movaps IN4, IV
+ #else
+-      pxor (INP), STATE2
+-      pxor 0x10(INP), STATE3
+       pxor IN1, STATE4
+       movaps IN2, IV
++      movups (INP), IN1
++      pxor IN1, STATE2
++      movups 0x10(INP), IN2
++      pxor IN2, STATE3
+ #endif
+       movups STATE1, (OUTP)
+       movups STATE2, 0x10(OUTP)

diff --git a/queue-3.4/hwrng-atmel-rng-fix-race-condition-leading-to-repeated-bits.patch b/queue-3.4/hwrng-atmel-rng-fix-race-condition-leading-to-repeated-bits.patch
new file mode 100644 (file)
index 0000000..39ee0ef
--- /dev/null
+++ b/queue-3.4/hwrng-atmel-rng-fix-race-condition-leading-to-repeated-bits.patch
@@ -0,0 +1,82 @@
+From 121daad8fd1dce63076fa55aaedd5dc3f981b334 Mon Sep 17 00:00:00 2001
+From: Peter Korsgaard <jacmet@sunsite.dk>
+Date: Thu, 31 May 2012 20:53:08 +1000
+Subject: hwrng: atmel-rng - fix race condition leading to repeated bits
+
+From: Peter Korsgaard <jacmet@sunsite.dk>
+
+commit 121daad8fd1dce63076fa55aaedd5dc3f981b334 upstream.
+
+Data valid gets cleared by reading the ISR (status register) and NOT from
+reading ODATA (data register). A new data word can become available between
+checking ISR and reading ODATA, causing us to reuse the same data word next
+time atmel_trng_read() gets called, if that happens before the following
+data word is ready.
+
+With this fixed, rngtest no longer complains of 'Continous run' errors.
+Before:
+
+rngtest -c 1000 < /dev/hwrng
+rngtest 3
+Copyright (c) 2004 by Henrique de Moraes Holschuh
+This is free software; see the source for copying conditions.  There is NO warr.
+
+rngtest: starting FIPS tests...
+rngtest: bits received from input: 20000032
+rngtest: FIPS 140-2 successes: 923
+rngtest: FIPS 140-2 failures: 77
+rngtest: FIPS 140-2(2001-10-10) Monobit: 0
+rngtest: FIPS 140-2(2001-10-10) Poker: 0
+rngtest: FIPS 140-2(2001-10-10) Runs: 1
+rngtest: FIPS 140-2(2001-10-10) Long run: 0
+rngtest: FIPS 140-2(2001-10-10) Continuous run: 76
+rngtest: input channel speed: (min=721.402; avg=46003.510; max=49321.338)Kibitss
+rngtest: FIPS tests speed: (min=11.442; avg=12.714; max=12.801)Mibits/s
+rngtest: Program run time: 1931860 microseconds
+
+After:
+
+rngtest -c 1000 < /dev/hwrng
+rngtest 3
+Copyright (c) 2004 by Henrique de Moraes Holschuh
+This is free software; see the source for copying conditions.  There is NO warr.
+
+rngtest: starting FIPS tests...
+rngtest: bits received from input: 20000032
+rngtest: FIPS 140-2 successes: 1000
+rngtest: FIPS 140-2 failures: 0
+rngtest: FIPS 140-2(2001-10-10) Monobit: 0
+rngtest: FIPS 140-2(2001-10-10) Poker: 0
+rngtest: FIPS 140-2(2001-10-10) Runs: 0
+rngtest: FIPS 140-2(2001-10-10) Long run: 0
+rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
+rngtest: input channel speed: (min=777.518; avg=36988.482; max=43115.342)Kibitss
+rngtest: FIPS tests speed: (min=11.951; avg=12.715; max=12.887)Mibits/s
+rngtest: Program run time: 2035543 microseconds
+
+Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
+Reported-by: George Pontis <GPontis@z9.com>
+Acked-by: Nicolas Ferre <nicolas.ferre@atmel.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/char/hw_random/atmel-rng.c |    7 +++++++
+ 1 file changed, 7 insertions(+)
+
+--- a/drivers/char/hw_random/atmel-rng.c
++++ b/drivers/char/hw_random/atmel-rng.c
+@@ -36,6 +36,13 @@ static int atmel_trng_read(struct hwrng
+       /* data ready? */
+       if (readl(trng->base + TRNG_ODATA) & 1) {
+               *data = readl(trng->base + TRNG_ODATA);
++              /*
++                ensure data ready is only set again AFTER the next data
++                word is ready in case it got set between checking ISR
++                and reading ODATA, so we don't risk re-reading the
++                same word
++              */
++              readl(trng->base + TRNG_ISR);
+               return 4;
+       } else
+               return 0;

diff --git a/queue-3.4/series b/queue-3.4/series
index ea275bd2fcd6084b43c0254b1df7762973e8c340..372d11cb57a8b51de452e753dd0c1bc1c96a4382 100644 (file)
--- a/queue-3.4/series
+++ b/queue-3.4/series
@@ -9,3 +9,5 @@ timekeeping-fix-clock_monotonic-inconsistency-during-leapsecond.patch
 ext4-fix-the-free-blocks-calculation-for-ext3-file-systems-w-uninit_bg.patch
 x86-uv-fix-uv2-bau-legacy-mode.patch
 x86-mce-amd-make-apic-lvt-thresholding-interrupt-optional.patch
+hwrng-atmel-rng-fix-race-condition-leading-to-repeated-bits.patch
+crypto-aesni-intel-fix-unaligned-cbc-decrypt-for-x86-32.patch