NAK: [Bionic][PATCH 0/1] Revert "crypto: hash - prevent using keyed hashes without setting key"
Joseph Salisbury
joseph.salisbury at canonical.com
Tue Apr 3 18:48:48 UTC 2018
On 04/03/2018 02:45 PM, Seth Forshee wrote:
> On Tue, Apr 03, 2018 at 01:47:23PM -0400, Joseph Salisbury wrote:
>> BugLink: http://bugs.launchpad.net/bugs/1759791
>>
>> == Bionic Justification ==
>> Mainline commit 9fa68f620041 introduced a regression in Bionic. Bionic
>> got this commit with the 4.15.4 updates as commit 46e8d06.
>>
>> This bug causes the NFS mounts with kerberos set up to stopped working.
>>
>> A proper patch is being discussed upstream, but it has not landed in mainline
>> as of yet:
>> https://patchwork.kernel.org/patch/10311831/
>>
>>
>> == Fix ==
>> A revert of commit:
>> 9fa68f620041 ("crypto: hash - prevent using keyed hashes without setting key")
> The patch being reverted is a security fix, so I'd prefer to not revert
> it. It looks like there's a fix in linux-next already:
>
> commit 190b22eedd032c14cbc2b9e13d112f039460522c
> Author: Eric Biggers <ebiggers at google.com>
> Date: Wed Mar 28 10:57:22 2018 -0700
>
> sunrpc: remove incorrect HMAC request initialization
>
> Can we try using this patch instead?
>
> Thanks,
> Seth
I'll have that patch tested. Thanks, Seth.
More information about the kernel-team
mailing list