From: Greg Kroah-Hartman Date: Fri, 3 Oct 2025 12:57:08 +0000 (+0200) Subject: drop queue-6.16/stable-crypto-sha256-fix-crash-at-kexec.patch X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7f5d3f2fe6282e14260191c4e6a9a069d3e35f63;p=thirdparty%2Fkernel%2Fstable-queue.git drop queue-6.16/stable-crypto-sha256-fix-crash-at-kexec.patch not needed --- diff --git a/queue-6.16/series b/queue-6.16/series index 5b147611e9..c47cccf3e3 100644 --- a/queue-6.16/series +++ b/queue-6.16/series @@ -1,2 +1 @@ blk-mq-fix-blk_mq_tags-double-free-while-nr_requests-grown.patch -stable-crypto-sha256-fix-crash-at-kexec.patch diff --git a/queue-6.16/stable-crypto-sha256-fix-crash-at-kexec.patch b/queue-6.16/stable-crypto-sha256-fix-crash-at-kexec.patch deleted file mode 100644 index 227ce59600..0000000000 --- a/queue-6.16/stable-crypto-sha256-fix-crash-at-kexec.patch +++ /dev/null @@ -1,76 +0,0 @@ -From leitao@debian.org Fri Oct 3 14:51:49 2025 -From: Breno Leitao -Date: Thu, 02 Oct 2025 04:26:20 -0700 -Subject: crypto: sha256 - fix crash at kexec -To: gregkh@linuxfoundation.org, sashal@kernel.org -Cc: stable@vger.kernel.org, Herbert Xu , "David S. Miller" , Ard Biesheuvel , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-team@meta.com, Breno Leitao , Michael van der Westhuizen , Tobias Fleig -Message-ID: <20251002-stable_crash-v2-1-836adf233521@debian.org> - -From: Breno Leitao - -Loading a large (~2.1G) files with kexec crashes the host with when -running: - - # kexec --load kernel --initrd initrd_with_2G_or_more - - UBSAN: signed-integer-overflow in ./include/crypto/sha256_base.h:64:19 - 34152083 * 64 cannot be represented in type 'int' - ... - BUG: unable to handle page fault for address: ff9fffff83b624c0 - sha256_update (lib/crypto/sha256.c:137) - crypto_sha256_update (crypto/sha256_generic.c:40) - kexec_calculate_store_digests (kernel/kexec_file.c:769) - __se_sys_kexec_file_load (kernel/kexec_file.c:397 kernel/kexec_file.c:332) - ... - -(Line numbers based on commit da274362a7bd9 ("Linux 6.12.49") - -This started happening after commit f4da7afe07523f -("kexec_file: increase maximum file size to 4G") that landed in v6.0, -which increased the file size for kexec. - -This is not happening upstream (v6.16+), given that `block` type was -upgraded from "int" to "size_t" in commit 74a43a2cf5e8 ("crypto: -lib/sha256 - Move partial block handling out") - -Upgrade the block type similar to the commit above, avoiding hitting the -overflow. - -This patch is only suitable for the stable tree, and before 6.16, which -got commit 74a43a2cf5e8 ("crypto: lib/sha256 - Move partial block -handling out"). This is not required before f4da7afe07523f ("kexec_file: -increase maximum file size to 4G"). In other words, this fix is required -between versions v6.0 and v6.16. - -Signed-off-by: Breno Leitao -Fixes: f4da7afe07523f ("kexec_file: increase maximum file size to 4G") # Before v6.16 -Reported-by: Michael van der Westhuizen -Reported-by: Tobias Fleig -Reviewed-by: Eric Biggers -Signed-off-by: Greg Kroah-Hartman ---- - include/crypto/sha256_base.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/include/crypto/sha256_base.h b/include/crypto/sha256_base.h -index e0418818d63c8..e3e610cfe8d30 100644 ---- a/include/crypto/sha256_base.h -+++ b/include/crypto/sha256_base.h -@@ -44,7 +44,7 @@ static inline int lib_sha256_base_do_update(struct sha256_state *sctx, - sctx->count += len; - - if (unlikely((partial + len) >= SHA256_BLOCK_SIZE)) { -- int blocks; -+ unsigned int blocks; - - if (partial) { - int p = SHA256_BLOCK_SIZE - partial; - ---- -base-commit: da274362a7bd9ab3a6e46d15945029145ebce672 -change-id: 20251001-stable_crash-f2151baf043b - -Best regards, --- -Breno Leitao -