This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'.
If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.
See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
crypto/vmx/p8_ghash memory corruption
Status in linux package in Ubuntu:
Status in linux source package in Xenial:
Status in linux source package in Yakkety:
That bug was reported on the linux-crypto mailing list by Jan Stancek.
The bug is not easily reproduced on Xenial because the crypto API test
manager is not enabled and the hash test that exorcises this bug is
not present on the Xenial kernel.
I'm chasing a memory corruption with 4.8-rc7 as I'm observing random Oopses
on ppc BE/LE systems (lpars, KVM guests). About 30% of issues is that
module list gets corrupted, and "cat /proc/modules" or "lsmod" triggers
an Oops, for example:
[ 88.486041] Unable to handle kernel paging request for data at address
[ 88.487658] NIP [c00000000020f820] m_show+0xa0/0x240
[ 88.487689] LR [c00000000020f834] m_show+0xb4/0x240
[ 88.487719] Call Trace:
[ 88.487736] [c0000004b605bbb0] [c00000000020f834] m_show+0xb4/0x240
[ 88.487796] [c0000004b605bc50] [c00000000045e73c] seq_read+0x36c/0x520
[ 88.487843] [c0000004b605bcf0] [c0000000004e1014] proc_reg_read+0x84/0x120
[ 88.487889] [c0000004b605bd30] [c00000000040df88] vfs_read+0xf8/0x380
[ 88.487934] [c0000004b605bde0] [c00000000040fd40] SyS_read+0x60/0x110
[ 88.487981] [c0000004b605be30] [c000000000009590] system_call+0x38/0xec
0x20 offset is module_use->source, module_use is NULL because
The source of corruption appears to originate from a 'ahash' test for
With some extra traces , I'm seeing that ahash_partial_update() allocates
for 'state', and then crypto_ahash_export() writes 76 bytes into it:
[ 5.970887] __test_hash alg name p8_ghash, result: c000000004333ac0, key:
c0000004b860a500, req: c0000004b860a380
[ 5.970963] state: c000000004333f00, statesize: 56
[ 5.970995] shash_default_export memcpy c000000004333f00 c0000004b860a3e0,
This seems to directly correspond with:
p8_ghash_alg.descsize = sizeof(struct p8_ghash_desc_ctx) == 56
shash_tfm->descsize = sizeof(struct p8_ghash_desc_ctx) +
crypto_shash_descsize(fallback) == 56 + 20
where 20 is presumably coming from "ghash_alg.descsize".
My gut feeling was that these 2 should match, but I'd love to hear
what crypto people think.
To manage notifications about this bug go to:
Mailing list: https://launchpad.net/~kernel-packages
Post to : email@example.com
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp