NAK: [Bionic][PATCH 0/1] Revert "crypto: hash - prevent using keyed hashes without setting key"
Seth Forshee
seth.forshee at canonical.com
Tue Apr 10 15:25:01 UTC 2018
On Tue, Apr 10, 2018 at 11:10:36AM -0400, Joseph Salisbury wrote:
> On 04/03/2018 02:45 PM, Seth Forshee wrote:
> > On Tue, Apr 03, 2018 at 01:47:23PM -0400, Joseph Salisbury wrote:
> >> BugLink: http://bugs.launchpad.net/bugs/1759791
> >>
> >> == Bionic Justification ==
> >> Mainline commit 9fa68f620041 introduced a regression in Bionic. Bionic
> >> got this commit with the 4.15.4 updates as commit 46e8d06.
> >>
> >> This bug causes the NFS mounts with kerberos set up to stopped working.
> >>
> >> A proper patch is being discussed upstream, but it has not landed in mainline
> >> as of yet:
> >> https://patchwork.kernel.org/patch/10311831/
> >>
> >>
> >> == Fix ==
> >> A revert of commit:
> >> 9fa68f620041 ("crypto: hash - prevent using keyed hashes without setting key")
> > The patch being reverted is a security fix, so I'd prefer to not revert
> > it. It looks like there's a fix in linux-next already:
> >
> > commit 190b22eedd032c14cbc2b9e13d112f039460522c
> > Author: Eric Biggers <ebiggers at google.com>
> > Date: Wed Mar 28 10:57:22 2018 -0700
> >
> > sunrpc: remove incorrect HMAC request initialization
> >
> > Can we try using this patch instead?
> >
> > Thanks,
> > Seth
>
> Testing of that commit is confirmed to resolve the bug by two separate
> users that were affected. Can we pull that commit into Bionic instead
> of the revert?
Done, thanks!
More information about the kernel-team
mailing list