--- /dev/null
+From 23e4099bdc3c8381992f9eb975c79196d6755210 Mon Sep 17 00:00:00 2001
+From: Hailey Mothershead <hailmo@amazon.com>
+Date: Mon, 15 Apr 2024 22:19:15 +0000
+Subject: crypto: aead,cipher - zeroize key buffer after use
+
+From: Hailey Mothershead <hailmo@amazon.com>
+
+commit 23e4099bdc3c8381992f9eb975c79196d6755210 upstream.
+
+I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding
+cryptographic information should be zeroized once they are no longer
+needed. Accomplish this by using kfree_sensitive for buffers that
+previously held the private key.
+
+Signed-off-by: Hailey Mothershead <hailmo@amazon.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ crypto/aead.c | 3 +--
+ crypto/cipher.c | 3 +--
+ 2 files changed, 2 insertions(+), 4 deletions(-)
+
+--- a/crypto/aead.c
++++ b/crypto/aead.c
+@@ -45,8 +45,7 @@ static int setkey_unaligned(struct crypt
+ alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
+ memcpy(alignbuffer, key, keylen);
+ ret = crypto_aead_alg(tfm)->setkey(tfm, alignbuffer, keylen);
+- memset(alignbuffer, 0, keylen);
+- kfree(buffer);
++ kzfree(buffer);
+ return ret;
+ }
+
+--- a/crypto/cipher.c
++++ b/crypto/cipher.c
+@@ -38,8 +38,7 @@ static int setkey_unaligned(struct crypt
+ alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
+ memcpy(alignbuffer, key, keylen);
+ ret = cia->cia_setkey(tfm, alignbuffer, keylen);
+- memset(alignbuffer, 0, keylen);
+- kfree(buffer);
++ kzfree(buffer);
+ return ret;
+
+ }
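Review bot: The added patch file's description says the buffers are freed with kfree_sensitive, yet both hunks (crypto/aead.c and crypto/cipher.c) substitute `kzfree(buffer);`, and nothing in the header records that substitution. A one-line backport note in the patch header, e.g. `[ backport: kfree_sensitive() is not available in this tree; use its older name kzfree() ]`, would keep the stable patch self-explaining. Whether this actually strengthens the zeroization depends on this tree's kzfree() implementation: if it still wipes with a plain memset() rather than memzero_explicit(), the guarantee is no better than the removed memset(alignbuffer, 0, keylen), only wider (the whole allocation rather than keylen bytes) — worth confirming before citing it as FIPS 140-3 I.G 9.7.B compliance. The enclosing setkey_unaligned() functions, including the kmalloc of buffer, start outside both hunks.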
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
- net/netfilter/nf_conntrack_netlink.c | 7 ++-----
+ net/netfilter/nf_conntrack_netlink.c | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
-diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
-index bcb72ad2c1786..4101a3ce2e309 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
-@@ -359,7 +359,7 @@ static int ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct)
+@@ -359,7 +359,7 @@ nla_put_failure:
#define ctnetlink_dump_secctx(a, b) (0)
#endif
static inline int ctnetlink_label_size(const struct nf_conn *ct)
{
struct nf_conn_labels *labels = nf_ct_labels_find(ct);
-@@ -368,6 +368,7 @@ static inline int ctnetlink_label_size(const struct nf_conn *ct)
+@@ -368,6 +368,7 @@ static inline int ctnetlink_label_size(c
return 0;
return nla_total_size(sizeof(labels->bits));
}
static int
ctnetlink_dump_labels(struct sk_buff *skb, const struct nf_conn *ct)
-@@ -388,10 +389,6 @@ ctnetlink_dump_labels(struct sk_buff *skb, const struct nf_conn *ct)
+@@ -388,10 +389,6 @@ ctnetlink_dump_labels(struct sk_buff *sk
return 0;
}
#define master_tuple(ct) &(ct->master->tuplehash[IP_CT_DIR_ORIGINAL].tuple)
---
-2.43.0
-
+++ /dev/null
-From 346cd48c6e5bc1bc92addabfaa569a19a1923f41 Mon Sep 17 00:00:00 2001
-From: Sasha Levin <sashal@kernel.org>
-Date: Fri, 2 Aug 2024 20:14:22 +0200
-Subject: xen: tolerate ACPI NVS memory overlapping with Xen allocated memory
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-From: Juergen Gross <jgross@suse.com>
-
-[ Upstream commit be35d91c8880650404f3bf813573222dfb106935 ]
-
-In order to minimize required special handling for running as Xen PV
-dom0, the memory layout is modified to match that of the host. This
-requires to have only RAM at the locations where Xen allocated memory
-is living. Unfortunately there seem to be some machines, where ACPI
-NVS is located at 64 MB, resulting in a conflict with the loaded
-kernel or the initial page tables built by Xen.
-
-Avoid this conflict by swapping the ACPI NVS area in the memory map
-with unused RAM. This is possible via modification of the dom0 P2M map.
-Accesses to the ACPI NVS area are done either for saving and restoring
-it across suspend operations (this will work the same way as before),
-or by ACPI code when NVS memory is referenced from other ACPI tables.
-The latter case is handled by a Xen specific indirection of
-acpi_os_ioremap().
-
-While the E820 map can (and should) be modified right away, the P2M
-map can be updated only after memory allocation is working, as the P2M
-map might need to be extended.
-
-Fixes: 808fdb71936c ("xen: check for kernel memory conflicting with memory layout")
-Signed-off-by: Juergen Gross <jgross@suse.com>
-Tested-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-Signed-off-by: Juergen Gross <jgross@suse.com>
-Signed-off-by: Sasha Levin <sashal@kernel.org>
----
- arch/x86/xen/setup.c | 92 +++++++++++++++++++++++++++++++++++++++++++-
- 1 file changed, 91 insertions(+), 1 deletion(-)
-
-diff --git a/arch/x86/xen/setup.c b/arch/x86/xen/setup.c
-index 64824e922c6ca..70c6f4507de56 100644
---- a/arch/x86/xen/setup.c
-+++ b/arch/x86/xen/setup.c
-@@ -538,6 +538,8 @@ void __init xen_remap_memory(void)
- set_pte_mfn(buf, mfn_save, PAGE_KERNEL);
-
- pr_info("Remapped %ld page(s)\n", remapped);
-+
-+ xen_do_remap_nonram();
- }
-
- static unsigned long __init xen_get_pages_limit(void)
-@@ -663,14 +665,102 @@ phys_addr_t __init xen_find_free_area(phys_addr_t size)
- return 0;
- }
-
-+/*
-+ * Swap a non-RAM E820 map entry with RAM above ini_nr_pages.
-+ * Note that the E820 map is modified accordingly, but the P2M map isn't yet.
-+ * The adaption of the P2M must be deferred until page allocation is possible.
-+ */
-+static void __init xen_e820_swap_entry_with_ram(struct e820_entry *swap_entry)
-+{
-+ struct e820_entry *entry;
-+ unsigned int mapcnt;
-+ phys_addr_t mem_end = PFN_PHYS(ini_nr_pages);
-+ phys_addr_t swap_addr, swap_size, entry_end;
-+
-+ swap_addr = PAGE_ALIGN_DOWN(swap_entry->addr);
-+ swap_size = PAGE_ALIGN(swap_entry->addr - swap_addr + swap_entry->size);
-+ entry = xen_e820_table.entries;
-+
-+ for (mapcnt = 0; mapcnt < xen_e820_table.nr_entries; mapcnt++) {
-+ entry_end = entry->addr + entry->size;
-+ if (entry->type == E820_TYPE_RAM && entry->size >= swap_size &&
-+ entry_end - swap_size >= mem_end) {
-+ /* Reduce RAM entry by needed space (whole pages). */
-+ entry->size -= swap_size;
-+
-+ /* Add new entry at the end of E820 map. */
-+ entry = xen_e820_table.entries +
-+ xen_e820_table.nr_entries;
-+ xen_e820_table.nr_entries++;
-+
-+ /* Fill new entry (keep size and page offset). */
-+ entry->type = swap_entry->type;
-+ entry->addr = entry_end - swap_size +
-+ swap_addr - swap_entry->addr;
-+ entry->size = swap_entry->size;
-+
-+ /* Convert old entry to RAM, align to pages. */
-+ swap_entry->type = E820_TYPE_RAM;
-+ swap_entry->addr = swap_addr;
-+ swap_entry->size = swap_size;
-+
-+ /* Remember PFN<->MFN relation for P2M update. */
-+ xen_add_remap_nonram(swap_addr, entry_end - swap_size,
-+ swap_size);
-+
-+ /* Order E820 table and merge entries. */
-+ e820__update_table(&xen_e820_table);
-+
-+ return;
-+ }
-+
-+ entry++;
-+ }
-+
-+ xen_raw_console_write("No suitable area found for required E820 entry remapping action\n");
-+ BUG();
-+}
-+
-+/*
-+ * Look for non-RAM memory types in a specific guest physical area and move
-+ * those away if possible (ACPI NVS only for now).
-+ */
-+static void __init xen_e820_resolve_conflicts(phys_addr_t start,
-+ phys_addr_t size)
-+{
-+ struct e820_entry *entry;
-+ unsigned int mapcnt;
-+ phys_addr_t end;
-+
-+ if (!size)
-+ return;
-+
-+ end = start + size;
-+ entry = xen_e820_table.entries;
-+
-+ for (mapcnt = 0; mapcnt < xen_e820_table.nr_entries; mapcnt++) {
-+ if (entry->addr >= end)
-+ return;
-+
-+ if (entry->addr + entry->size > start &&
-+ entry->type == E820_TYPE_NVS)
-+ xen_e820_swap_entry_with_ram(entry);
-+
-+ entry++;
-+ }
-+}
-+
- /*
- * Check for an area in physical memory to be usable for non-movable purposes.
-- * An area is considered to usable if the used E820 map lists it to be RAM.
-+ * An area is considered to usable if the used E820 map lists it to be RAM or
-+ * some other type which can be moved to higher PFNs while keeping the MFNs.
- * In case the area is not usable, crash the system with an error message.
- */
- void __init xen_chk_is_e820_usable(phys_addr_t start, phys_addr_t size,
- const char *component)
- {
-+ xen_e820_resolve_conflicts(start, size);
-+
- if (!xen_is_e820_reserved(start, size))
- return;
-
---
-2.43.0
-