2007-05-24 22:24:49

by Chris Wright

[permalink] [raw]
Subject: Linux 2.6.20.12

We (the -stable team) are announcing the release of the 2.6.20.12 kernel.
This release has a single security fix in it for the geode-aes driver.
Users with this driver are definitely recommended to upgrade, without
the fix there is risk of leaking confidential data.

f66e4a94: GEODE-AES: Allow in-place operations [CVE-2007-2451]

I'll also be replying to this message with a copy of the patch between
2.6.20.11 and 2.6.20.12

The updated 2.6.20.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-2.6.20.y.git
and can be browsed at the normal kernel.org git web browser:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.20.y.git;a=summary

thanks,
-chris

--------

Makefile | 2 +-
drivers/crypto/geode-aes.c | 12 +++++++++---
drivers/crypto/geode-aes.h | 3 +--
3 files changed, 11 insertions(+), 6 deletions(-)

Summary of changes from v2.6.20.11 to v2.6.20.12
============================================

Chris Wright (1):
Linux 2.6.20.12

Jordan Crouse (1):
GEODE-AES: Allow in-place operations [CVE-2007-2451]


2007-05-24 22:25:23

by Chris Wright

[permalink] [raw]
Subject: Re: Linux 2.6.20.12

diff --git a/Makefile b/Makefile
index f585e79..87f5956 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,7 @@
VERSION = 2
PATCHLEVEL = 6
SUBLEVEL = 20
-EXTRAVERSION = .11
+EXTRAVERSION = .12
NAME = Homicidal Dwarf Hamster

# *DOCUMENTATION*
diff --git a/drivers/crypto/geode-aes.c b/drivers/crypto/geode-aes.c
index 43a6839..9dbb218 100644
--- a/drivers/crypto/geode-aes.c
+++ b/drivers/crypto/geode-aes.c
@@ -104,10 +104,15 @@ geode_aes_crypt(struct geode_aes_op *op)
u32 flags = 0;
int iflags;

- if (op->len == 0 || op->src == op->dst)
+ if (op->len == 0)
return 0;

- if (op->flags & AES_FLAGS_COHERENT)
+ /* If the source and destination is the same, then
+ * we need to turn on the coherent flags, otherwise
+ * we don't need to worry
+ */
+
+ if (op->src == op->dst)
flags |= (AES_CTRL_DCA | AES_CTRL_SCA);

if (op->dir == AES_DIR_ENCRYPT)
@@ -122,7 +127,7 @@ geode_aes_crypt(struct geode_aes_op *op)
_writefield(AES_WRITEIV0_REG, op->iv);
}

- if (op->flags & AES_FLAGS_USRKEY) {
+ if (!(op->flags & AES_FLAGS_HIDDENKEY)) {
flags |= AES_CTRL_WRKEY;
_writefield(AES_WRITEKEY0_REG, op->key);
}
@@ -291,6 +296,7 @@ static struct crypto_alg geode_cbc_alg = {
.setkey = geode_setkey,
.encrypt = geode_cbc_encrypt,
.decrypt = geode_cbc_decrypt,
+ .ivsize = AES_IV_LENGTH,
}
}
};
diff --git a/drivers/crypto/geode-aes.h b/drivers/crypto/geode-aes.h
index 8003a36..f479686 100644
--- a/drivers/crypto/geode-aes.h
+++ b/drivers/crypto/geode-aes.h
@@ -20,8 +20,7 @@
#define AES_DIR_DECRYPT 0
#define AES_DIR_ENCRYPT 1

-#define AES_FLAGS_USRKEY (1 << 0)
-#define AES_FLAGS_COHERENT (1 << 1)
+#define AES_FLAGS_HIDDENKEY (1 << 0)

struct geode_aes_op {