From: Greg Kroah-Hartman Date: Tue, 1 Oct 2024 08:19:57 +0000 (+0200) Subject: 4.19-stable patches X-Git-Tag: v6.6.54~120 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ecfb754b058a8d133a545d66f94f1c5f2bea40b8;p=thirdparty%2Fkernel%2Fstable-queue.git 4.19-stable patches added patches: crypto-aead-cipher-zeroize-key-buffer-after-use.patch --- diff --git a/queue-4.19/crypto-aead-cipher-zeroize-key-buffer-after-use.patch b/queue-4.19/crypto-aead-cipher-zeroize-key-buffer-after-use.patch new file mode 100644 index 00000000000..af34fb2c17c --- /dev/null +++ b/queue-4.19/crypto-aead-cipher-zeroize-key-buffer-after-use.patch @@ -0,0 +1,47 @@ +From 23e4099bdc3c8381992f9eb975c79196d6755210 Mon Sep 17 00:00:00 2001 +From: Hailey Mothershead +Date: Mon, 15 Apr 2024 22:19:15 +0000 +Subject: crypto: aead,cipher - zeroize key buffer after use + +From: Hailey Mothershead + +commit 23e4099bdc3c8381992f9eb975c79196d6755210 upstream. + +I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding +cryptographic information should be zeroized once they are no longer +needed. Accomplish this by using kfree_sensitive for buffers that +previously held the private key. + +Signed-off-by: Hailey Mothershead +Signed-off-by: Herbert Xu +Signed-off-by: Hugo SIMELIERE +Signed-off-by: Greg Kroah-Hartman +--- + crypto/aead.c | 3 +-- + crypto/cipher.c | 3 +-- + 2 files changed, 2 insertions(+), 4 deletions(-) + +--- a/crypto/aead.c ++++ b/crypto/aead.c +@@ -45,8 +45,7 @@ static int setkey_unaligned(struct crypt + alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1); + memcpy(alignbuffer, key, keylen); + ret = crypto_aead_alg(tfm)->setkey(tfm, alignbuffer, keylen); +- memset(alignbuffer, 0, keylen); +- kfree(buffer); ++ kzfree(buffer); + return ret; + } + +--- a/crypto/cipher.c ++++ b/crypto/cipher.c +@@ -38,8 +38,7 @@ static int setkey_unaligned(struct crypt + alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1); + memcpy(alignbuffer, key, keylen); + ret = cia->cia_setkey(tfm, alignbuffer, keylen); +- memset(alignbuffer, 0, keylen); +- kfree(buffer); ++ kzfree(buffer); + return ret; + + } diff --git a/queue-4.19/netfilter-ctnetlink-compile-ctnetlink_label_size-wit.patch b/queue-4.19/netfilter-ctnetlink-compile-ctnetlink_label_size-wit.patch index 0f3c32a1a11..1d37aebe26b 100644 --- a/queue-4.19/netfilter-ctnetlink-compile-ctnetlink_label_size-wit.patch +++ b/queue-4.19/netfilter-ctnetlink-compile-ctnetlink_label_size-wit.patch @@ -46,14 +46,12 @@ Signed-off-by: Simon Horman Signed-off-by: Pablo Neira Ayuso Signed-off-by: Sasha Levin --- - net/netfilter/nf_conntrack_netlink.c | 7 ++----- + net/netfilter/nf_conntrack_netlink.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) -diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c -index bcb72ad2c1786..4101a3ce2e309 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c -@@ -359,7 +359,7 @@ static int ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct) +@@ -359,7 +359,7 @@ nla_put_failure: #define ctnetlink_dump_secctx(a, b) (0) #endif @@ -62,7 +60,7 @@ index bcb72ad2c1786..4101a3ce2e309 100644 static inline int ctnetlink_label_size(const struct nf_conn *ct) { struct nf_conn_labels *labels = nf_ct_labels_find(ct); -@@ -368,6 +368,7 @@ static inline int ctnetlink_label_size(const struct nf_conn *ct) +@@ -368,6 +368,7 @@ static inline int ctnetlink_label_size(c return 0; return nla_total_size(sizeof(labels->bits)); } @@ -70,7 +68,7 @@ index bcb72ad2c1786..4101a3ce2e309 100644 static int ctnetlink_dump_labels(struct sk_buff *skb, const struct nf_conn *ct) -@@ -388,10 +389,6 @@ ctnetlink_dump_labels(struct sk_buff *skb, const struct nf_conn *ct) +@@ -388,10 +389,6 @@ ctnetlink_dump_labels(struct sk_buff *sk return 0; } @@ -81,6 +79,3 @@ index bcb72ad2c1786..4101a3ce2e309 100644 #define master_tuple(ct) &(ct->master->tuplehash[IP_CT_DIR_ORIGINAL].tuple) --- -2.43.0 - diff --git a/queue-4.19/series b/queue-4.19/series index 78e0d81fa0b..e7f392b21cc 100644 --- a/queue-4.19/series +++ b/queue-4.19/series @@ -67,7 +67,6 @@ minmax-avoid-overly-complex-min-max-macro-arguments-.patch xen-introduce-generic-helper-checking-for-memory-map.patch xen-move-max_pfn-in-xen_memory_setup-out-of-function.patch xen-add-capability-to-remap-non-ram-pages-to-differe.patch -xen-tolerate-acpi-nvs-memory-overlapping-with-xen-al.patch xen-swiotlb-simplify-range_straddles_page_boundary.patch xen-swiotlb-add-alignment-check-for-dma-buffers.patch selftests-bpf-fix-error-compiling-test_lru_map.c.patch @@ -110,3 +109,4 @@ tcp-introduce-tcp_skb_timestamp_us-helper.patch tcp-check-skb-is-non-null-in-tcp_rto_delta_us.patch net-qrtr-update-packets-cloning-when-broadcasting.patch netfilter-ctnetlink-compile-ctnetlink_label_size-wit.patch +crypto-aead-cipher-zeroize-key-buffer-after-use.patch diff --git a/queue-4.19/xen-tolerate-acpi-nvs-memory-overlapping-with-xen-al.patch b/queue-4.19/xen-tolerate-acpi-nvs-memory-overlapping-with-xen-al.patch deleted file mode 100644 index d611d0e632a..00000000000 --- a/queue-4.19/xen-tolerate-acpi-nvs-memory-overlapping-with-xen-al.patch +++ /dev/null @@ -1,161 +0,0 @@ -From 346cd48c6e5bc1bc92addabfaa569a19a1923f41 Mon Sep 17 00:00:00 2001 -From: Sasha Levin -Date: Fri, 2 Aug 2024 20:14:22 +0200 -Subject: xen: tolerate ACPI NVS memory overlapping with Xen allocated memory -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Juergen Gross - -[ Upstream commit be35d91c8880650404f3bf813573222dfb106935 ] - -In order to minimize required special handling for running as Xen PV -dom0, the memory layout is modified to match that of the host. This -requires to have only RAM at the locations where Xen allocated memory -is living. Unfortunately there seem to be some machines, where ACPI -NVS is located at 64 MB, resulting in a conflict with the loaded -kernel or the initial page tables built by Xen. - -Avoid this conflict by swapping the ACPI NVS area in the memory map -with unused RAM. This is possible via modification of the dom0 P2M map. -Accesses to the ACPI NVS area are done either for saving and restoring -it across suspend operations (this will work the same way as before), -or by ACPI code when NVS memory is referenced from other ACPI tables. -The latter case is handled by a Xen specific indirection of -acpi_os_ioremap(). - -While the E820 map can (and should) be modified right away, the P2M -map can be updated only after memory allocation is working, as the P2M -map might need to be extended. - -Fixes: 808fdb71936c ("xen: check for kernel memory conflicting with memory layout") -Signed-off-by: Juergen Gross -Tested-by: Marek Marczykowski-Górecki -Reviewed-by: Jan Beulich -Signed-off-by: Juergen Gross -Signed-off-by: Sasha Levin ---- - arch/x86/xen/setup.c | 92 +++++++++++++++++++++++++++++++++++++++++++- - 1 file changed, 91 insertions(+), 1 deletion(-) - -diff --git a/arch/x86/xen/setup.c b/arch/x86/xen/setup.c -index 64824e922c6ca..70c6f4507de56 100644 ---- a/arch/x86/xen/setup.c -+++ b/arch/x86/xen/setup.c -@@ -538,6 +538,8 @@ void __init xen_remap_memory(void) - set_pte_mfn(buf, mfn_save, PAGE_KERNEL); - - pr_info("Remapped %ld page(s)\n", remapped); -+ -+ xen_do_remap_nonram(); - } - - static unsigned long __init xen_get_pages_limit(void) -@@ -663,14 +665,102 @@ phys_addr_t __init xen_find_free_area(phys_addr_t size) - return 0; - } - -+/* -+ * Swap a non-RAM E820 map entry with RAM above ini_nr_pages. -+ * Note that the E820 map is modified accordingly, but the P2M map isn't yet. -+ * The adaption of the P2M must be deferred until page allocation is possible. -+ */ -+static void __init xen_e820_swap_entry_with_ram(struct e820_entry *swap_entry) -+{ -+ struct e820_entry *entry; -+ unsigned int mapcnt; -+ phys_addr_t mem_end = PFN_PHYS(ini_nr_pages); -+ phys_addr_t swap_addr, swap_size, entry_end; -+ -+ swap_addr = PAGE_ALIGN_DOWN(swap_entry->addr); -+ swap_size = PAGE_ALIGN(swap_entry->addr - swap_addr + swap_entry->size); -+ entry = xen_e820_table.entries; -+ -+ for (mapcnt = 0; mapcnt < xen_e820_table.nr_entries; mapcnt++) { -+ entry_end = entry->addr + entry->size; -+ if (entry->type == E820_TYPE_RAM && entry->size >= swap_size && -+ entry_end - swap_size >= mem_end) { -+ /* Reduce RAM entry by needed space (whole pages). */ -+ entry->size -= swap_size; -+ -+ /* Add new entry at the end of E820 map. */ -+ entry = xen_e820_table.entries + -+ xen_e820_table.nr_entries; -+ xen_e820_table.nr_entries++; -+ -+ /* Fill new entry (keep size and page offset). */ -+ entry->type = swap_entry->type; -+ entry->addr = entry_end - swap_size + -+ swap_addr - swap_entry->addr; -+ entry->size = swap_entry->size; -+ -+ /* Convert old entry to RAM, align to pages. */ -+ swap_entry->type = E820_TYPE_RAM; -+ swap_entry->addr = swap_addr; -+ swap_entry->size = swap_size; -+ -+ /* Remember PFN<->MFN relation for P2M update. */ -+ xen_add_remap_nonram(swap_addr, entry_end - swap_size, -+ swap_size); -+ -+ /* Order E820 table and merge entries. */ -+ e820__update_table(&xen_e820_table); -+ -+ return; -+ } -+ -+ entry++; -+ } -+ -+ xen_raw_console_write("No suitable area found for required E820 entry remapping action\n"); -+ BUG(); -+} -+ -+/* -+ * Look for non-RAM memory types in a specific guest physical area and move -+ * those away if possible (ACPI NVS only for now). -+ */ -+static void __init xen_e820_resolve_conflicts(phys_addr_t start, -+ phys_addr_t size) -+{ -+ struct e820_entry *entry; -+ unsigned int mapcnt; -+ phys_addr_t end; -+ -+ if (!size) -+ return; -+ -+ end = start + size; -+ entry = xen_e820_table.entries; -+ -+ for (mapcnt = 0; mapcnt < xen_e820_table.nr_entries; mapcnt++) { -+ if (entry->addr >= end) -+ return; -+ -+ if (entry->addr + entry->size > start && -+ entry->type == E820_TYPE_NVS) -+ xen_e820_swap_entry_with_ram(entry); -+ -+ entry++; -+ } -+} -+ - /* - * Check for an area in physical memory to be usable for non-movable purposes. -- * An area is considered to usable if the used E820 map lists it to be RAM. -+ * An area is considered to usable if the used E820 map lists it to be RAM or -+ * some other type which can be moved to higher PFNs while keeping the MFNs. - * In case the area is not usable, crash the system with an error message. - */ - void __init xen_chk_is_e820_usable(phys_addr_t start, phys_addr_t size, - const char *component) - { -+ xen_e820_resolve_conflicts(start, size); -+ - if (!xen_is_e820_reserved(start, size)) - return; - --- -2.43.0 -