On Mon, Apr 28, 2025 at 11:22:06AM +0100, David Howells wrote:
> [Note: Nothing in linus/master uses the krb5lib, though the bug is there,
> but it is used by AF_RXRPC's RxGK implementation in net-next, so can it go
> through the net-next tree rather than directly to Linus or through
> crypto?]
Sure I'm happy for this to go through net-next.
> The recent patch to make the rfc3961 simplified code use sg_miter rather
> than manually walking the scatterlist to hash the contents of a buffer
> described by that scatterlist failed to take the starting offset into
> account.
>
> This is indicated by the selftests reporting:
>
> krb5: Running aes128-cts-hmac-sha256-128 mic
> krb5: !!! TESTFAIL crypto/krb5/selftest.c:446
> krb5: MIC mismatch
>
> Fix this by calling sg_miter_skip() before doing the loop to advance by the
> offset.
>
> This only affects packet signing modes and not full encryption in RxGK
> because, for full encryption, the message digest is handled inside the
> authenc and krb5enc drivers.
>
> Fixes: da6f9bf40ac2 ("crypto: krb5 - Use SG miter instead of doing it by hand")
> Reported-by: Marc Dionne <marc.dionne@xxxxxxxxxxxx>
> Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
> cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> cc: "David S. Miller" <davem@xxxxxxxxxxxxx>
> cc: Chuck Lever <chuck.lever@xxxxxxxxxx>
> cc: Eric Dumazet <edumazet@xxxxxxxxxx>
> cc: Jakub Kicinski <kuba@xxxxxxxxxx>
> cc: Paolo Abeni <pabeni@xxxxxxxxxx>
> cc: Simon Horman <horms@xxxxxxxxxx>
> cc: linux-afs@xxxxxxxxxxxxxxxxxxx
> cc: linux-nfs@xxxxxxxxxxxxxxx
> cc: linux-crypto@xxxxxxxxxxxxxxx
> cc: netdev@xxxxxxxxxxxxxxx
> ---
> crypto/krb5/rfc3961_simplified.c | 1 +
> 1 file changed, 1 insertion(+)
Acked-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Thanks,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
