On Thu, 24 Oct 2019 10:23:53 -0700, Eric Biggers wrote:
> [+TLS maintainers]
>
> This is a net/tls bug, and probably a duplicate of:
>
> KMSAN: uninit-value in gf128mul_4k_lle (3)
> https://lkml.kernel.org/linux-crypto/[email protected]/T/#u
>
> KMSAN: uninit-value in aesti_encrypt
> https://lkml.kernel.org/linux-crypto/[email protected]/T/#u
>
> See analysis from Alexander Potapenko here which shows that uninitialized memory
> is being passed from TLS subsystem into crypto subsystem:
>
> https://lkml.kernel.org/linux-crypto/CAG_fn=UGCoDk04tL2vB981JmXgo6+-RUPmrTa3dSsK5UbZaTjA@mail.gmail.com/
>
> That was a year ago, with C reproducer, and I've sent several reminders for this
> already. What's the ETA on a fix? Or is TLS subsystem de facto unmaintained?
Re: maintainers it may actually be that the bug is so old the people
who pay attention weren't in the MAINTAINERS yet ;) That'd explain why
Alexander didn't CC us.
Fix posted now:
net/tls: fix sk_msg trim on fallback to copy mode
????