From nobody Tue Dec 05 18:28:42 2023 X-Original-To: fs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sl8Dq1T2bz53JPy for ; Tue, 5 Dec 2023 18:28:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Sl8Dq0NJdz3cdd for ; Tue, 5 Dec 2023 18:28:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1701800923; a=rsa-sha256; cv=none; b=M1GdIDcT7dIxJT09rUsT/VnkQWP51aHbfS4gjHLtoJbM4rnPopS4LZ3SJFq37iqZIvC1QE Hj5fpc80BviUpTFxsXZ4y5iH6CQR/pCIaTmveXBwBuIwNRNG0dV7LTU7JcKAUwZ2xLW6jG sISEN1ykvH6vA6mfh+XP912h7r/NpLY0Ekv+aNYyz+Y0XPCuLfwtKATxKwdv+eEIFsZsSH tCcs1ZHP+ZN/VFTa+lHsPNK9S9Vtav9i8zYkJfPFxrNA++SZogGB+RQSk89HonwtpVaxSM aTWIWTjUNyoDtWtU8NCUZkY5wzGHrKMa39YNbBwoBxK7yh/rYyDMjvEugI78Ew== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1701800923; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=VpAhq1/4EVXeYjXikKBH+eoxHXfg4XZx/svwye7TlI0=; b=EllhdecvlnaLTKHQDAd1zQJ9RsccYuP/IVthfur2q3DNAQ6H2YLV4yoPwPohPGzhdyDYwi T5uVinZmaCJ93COlT5YVKxdSwBNvDSxhV6Kx4CBiJwHMhWFQ8Qcv7KV9YuIT1vvrCjD2Gs oGu212o8kpkHATieg50hvYNVIns1GPa7PO8JfBRwPBxP00Rzc/IktYzFua0c2OCAiEzwHC FNcEL5CEHJGo5ryZ80mtR87IGbvLkj7vVzU3Cw3m3zxeZfedggsGjF1atoFALjSj1udQQy xjnKXXLEncxYSveOW0VqGvKmdu3Q/ziphybcoiath/LmplZhCAhqSK3bWp7C8Q== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sl8Dp6VNvz5R3 for ; Tue, 5 Dec 2023 18:28:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 3B5ISgbW097626 for ; Tue, 5 Dec 2023 18:28:42 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 3B5ISg3o097625 for fs@FreeBSD.org; Tue, 5 Dec 2023 18:28:42 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: fs@FreeBSD.org Subject: [Bug 275306] 14.0-RELEASE: ossl(4) causes data corruption on encrypted ZFS filesystems/volumes Date: Tue, 05 Dec 2023 18:28:42 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: fs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Filesystems List-Archive: https://lists.freebsd.org/archives/freebsd-fs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-fs@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D275306 --- Comment #19 from commit-hook@FreeBSD.org --- A commit in branch releng/14.0 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D9fd62386ad6e6f5c5298cda66c5c18943= 73e4379 commit 9fd62386ad6e6f5c5298cda66c5c1894373e4379 Author: Mark Johnston AuthorDate: 2023-11-29 17:51:55 +0000 Commit: Mark Johnston CommitDate: 2023-12-04 14:02:05 +0000 ossl: Keep mutable AES-GCM state on the stack ossl(4)'s AES-GCM implementation keeps mutable state in the session structure, together with the key schedule. This was done for convenience, as both are initialized together. However, some OCF consumers, particularly ZFS, assume that requests may be dispatched to the same session in parallel. Without serialization, this results in incorrect output. Fix the problem by explicitly copying per-session state onto the stack at the beginning of each operation. PR: 275306 Reviewed by: jhb Fixes: 9a3444d91c70 ("ossl: Add a VAES-based AES-GCM implementation for amd64") MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D42783 Approved by: so Security: FreeBSD-EN-23:17.ossl (cherry picked from commit 5c0dac0b7a012f326edab06ad85aee5ad68ff120) (cherry picked from commit 84ef0a84ecaa4f5d9bcfed3ce10c288953491e7e) sys/crypto/openssl/ossl_aes.c | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.=