On Mon, Dec 3, 2018 at 4:26 PM Sasha Levin <sashal@xxxxxxxxxx> wrote: > > + Ben > > On Mon, Dec 03, 2018 at 12:09:25PM +0100, Ilya Dryomov wrote: > >On Sun, Dec 2, 2018 at 4:51 PM Sasha Levin <sashal@xxxxxxxxxx> wrote: > >> > >> This is a note to let you know that I've just added the patch titled > >> > >> libceph: implement CEPHX_V2 calculation mode > >> > >> to the 4.14-stable tree which can be found at: > >> http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary > >> > >> The filename of the patch is: > >> libceph-implement-cephx_v2-calculation-mode.patch > >> and it can be found in the queue-4.14 subdirectory. > >> > >> If you, or anyone else, feels it should not be added to the stable tree, > >> please let <stable@xxxxxxxxxxxxxxx> know about it. > >> > >> > >> > >> commit 14735e0afb6ed378becd0dedf37d1e5ddfa12084 > >> Author: Ilya Dryomov <idryomov@xxxxxxxxx> > >> Date: Fri Jul 27 19:25:32 2018 +0200 > >> > >> libceph: implement CEPHX_V2 calculation mode > >> > >> commit cc255c76c70f7a87d97939621eae04b600d9f4a1 upstream. > >> > >> Derive the signature from the entire buffer (both AES cipher blocks) > >> instead of using just the first half of the first block, leaving out > >> data_crc entirely. > >> > >> This addresses CVE-2018-1129. > >> > >> Link: http://tracker.ceph.com/issues/24837 > >> Signed-off-by: Ilya Dryomov <idryomov@xxxxxxxxx> > >> Reviewed-by: Sage Weil <sage@xxxxxxxxxx> > >> Signed-off-by: Ben Hutchings <ben.hutchings@xxxxxxxxxxxxxxx> > >> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> > > > >Hi Sasha, > > > >The CVEs mentioned in this series are server side and CEPHX_V2 is > >probably more of a new feature than a security fix. That said, I don't > >object to including it in 4.14.z. If you do, please pick up the > >remaining two patches for interoperability: > > > >f1d10e046379 libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() > >130f52f2b203 libceph: check authorizer reply/challenge length before reading > > Would I be pulling this patch if it didn't have the string > "CVE-2018-1129" in the commit message? Well, I didn't mark this series for stable, so probably not. Thanks, Ilya