Date: Wed, 29 Nov 2023 17:58:53 +0000 From: bugzilla-noreply@freebsd.org To: fs@FreeBSD.org Subject: [Bug 275306] 14.0-RELEASE: ossl(4) causes data corruption on encrypted ZFS filesystems/volumes Message-ID: <bug-275306-3630-ZeH4kgmMCJ@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-275306-3630@https.bugs.freebsd.org/bugzilla/> References: <bug-275306-3630@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D275306 --- Comment #16 from commit-hook@FreeBSD.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D5c0dac0b7a012f326edab06ad85aee5ad= 68ff120 commit 5c0dac0b7a012f326edab06ad85aee5ad68ff120 Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2023-11-29 17:51:55 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2023-11-29 17:55:51 +0000 ossl: Keep mutable AES-GCM state on the stack ossl(4)'s AES-GCM implementation keeps mutable state in the session structure, together with the key schedule. This was done for convenience, as both are initialized together. However, some OCF consumers, particularly ZFS, assume that requests may be dispatched to the same session in parallel. Without serialization, this results in incorrect output. Fix the problem by explicitly copying per-session state onto the stack at the beginning of each operation. PR: 275306 Reviewed by: jhb Fixes: 9a3444d91c70 ("ossl: Add a VAES-based AES-GCM implementation for amd64") MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D42783 sys/crypto/openssl/ossl_aes.c | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-275306-3630-ZeH4kgmMCJ>