
5.0/SPECS/91/linux: Backport CVE-2026-31431 (algif_aead Copy.Fail)#1648

Closed
dcasota wants to merge 1 commit intovmware:5.0from
dcasota:cve-2026-31431-algif-aead

Conversation

@dcasota
Contributor

@dcasota dcasota commented May 1, 2026

Summary

Backport of upstream Linux commit a664bf3d603d ("crypto: algif_aead - Revert to operating out-of-place") to the 6.1.169 kernel shipped in SPECS/91/linux/ (active when photon_subrelease ≤ 91).

Fixes CVE-2026-31431 — the "Copy.Fail" in-place AEAD bug. The mainline patch does not apply directly because 6.1.x stable predates memcpy_sglist() and the sgt indirection in af_alg_async_req; the patch file in this PR is a 6.1.x-specific backport.

What changed

  • New patch: SPECS/91/linux/CVE/0001-crypto-algif_aead-CVE-2026-31431-Revert-to-out-of-place.patch
  • SPECS/91/linux/linux.spec Release 1 → 2
  • SPECS/91/linux/linux-esx.spec Release 2 → 3
  • SPECS/91/linux/linux-rt.spec Release 1 → 2

Test plan

  • Patch applies cleanly to a pristine linux-6.1.169.tar.xz (patch -p1 --dry-run — 4 files patched, 0 fuzz, 0 rejects)
  • Photon 5.0 ISO built end-to-end from this commit (commit hash cb23a87c2e, ISO size 3.97 GB)
  • Built linux-esx-6.1.169-3.ph5 kernel binary verified post-patch via disassembly: af_alg_count_tsgl uses 2 args (rdi/rsi only, no rdx); af_alg_pull_tsgl uses 3 args (no rcx); algif_skcipher callers do not stash a trailing 0 — matches the patched ABI exactly.
  • CI run on this PR
  • Smoke test of crypto AF_ALG socket from userspace (skcipher path)

We will update this PR with the latest test plan progress.

Compliance with kernel Documentation/process/coding-assistants.rst

  • Assisted-by: claude-opus-4-7 [via Claude Code] is in both the commit body and the patch trailer.
  • Upstream Signed-off-by: Herbert Xu is preserved on the kernel patch.
  • Reported-by: Taeyang Lee is preserved.
  • No Signed-off-by: from the assistant. Submitter (dcasota) will add their SoB before merge.

Related

🤖 Generated with Claude Code

[ Upstream commit a664bf3d603d ]

This mostly reverts upstream commit 72548b093ee3 ("crypto: algif_aead -
copy AAD from src to dst") except for the copying of the associated
data. The Photon photon-subrelease 91 kernel ships 6.1.169-stable,
which precedes mainline's switch to memcpy_sglist() and the sgt
indirection in af_alg_async_req, so the upstream patch (a664bf3d603d)
does not apply directly.

Backport rewrites _aead_recvmsg to:

  - Always allocate areq->tsgl via af_alg_count_tsgl(sk, processed)
    and pull the entire processed range into it.
  - Copy AAD from areq->tsgl into the RX SGL via
    crypto_aead_copy_sgl(null_tfm, ...) (kept from 6.1.x stable in
    lieu of memcpy_sglist()).
  - Pass tsgl_src (== areq->tsgl) as the crypto source so the AEAD
    operation runs out-of-place; the in-place sg_chain() of the tag
    onto the destination SGL is removed.
  - Drop the now-unused offset / dst_offset parameters from
    af_alg_count_tsgl()/af_alg_pull_tsgl() and update all call sites
    (crypto/algif_skcipher.c, crypto/algif_aead.c,
    include/crypto/if_alg.h).

Validated by applying the patch to a pristine v6.1.169 stable tree
and by disassembling af_alg.ko / algif_skcipher.ko from a Photon 5.0
ISO produced from this commit: af_alg_count_tsgl is invoked with two
arguments (rdi/rsi only), af_alg_pull_tsgl with three (rdi/rsi/rdx).

Specs touched:
  SPECS/91/linux/linux.spec      Release 1 -> 2
  SPECS/91/linux/linux-esx.spec  Release 2 -> 3
  SPECS/91/linux/linux-rt.spec   Release 1 -> 2

Change-Id: I9f6777f3bd2ccf77a08a1de747ca13f749f2ed4f
CVE: CVE-2026-31431
Fixes: 72548b093ee3 ("crypto: algif_aead - copy AAD from src to dst")
Assisted-by: claude-opus-4-7 [via Claude Code]
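The test plan's "Smoke test of crypto AF_ALG socket from userspace (skcipher path)" item, as an added example that is not part of this PR or the Photon tree: a cbc(aes) encrypt/decrypt round-trip through AF_ALG checked against the NIST SP 800-38A CBC-AES128 vector, plus a bind-time probe that tells "algorithm type not exposed to userspace" (ENOENT, which is what an aead bind returns on a kernel built with CONFIG_CRYPTO_USER_API_AEAD unset, the SKIP case in the later verification comment) apart from "AF_ALG unsupported on this host". Python is used here for brevity; the function names and the True/False/None return convention are this example's own, and the probe assumes the kernel reports a missing algif type or algorithm as ENOENT at bind().

```python
"""AF_ALG skcipher known-answer round-trip (added example, not PR code)."""
import errno
import socket

# NIST SP 800-38A, Appendix F.2.1, CBC-AES128.Encrypt, first two blocks.
KAT_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
KAT_IV = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
KAT_PT = bytes.fromhex("6bc1bee22e409f96e93d7e117393172a"
                       "ae2d8a571e03ac9c9eb76fac45af8e51")
KAT_CT = bytes.fromhex("7649abac8119b246cee98e9b12e9197d"
                       "5086cb9b507219ee95db113a917678b2")


def af_alg_reachable(alg_type, alg_name):
    """Probe whether <alg_type>:<alg_name> can be bound from userspace.

    True  -> bind() succeeded.
    False -> kernel answered ENOENT: the algif_<type> socket type is not
             registered (e.g. "aead" without CONFIG_CRYPTO_USER_API_AEAD)
             or no such algorithm exists.  This is the SKIP condition.
    None  -> AF_ALG itself is unusable here (non-Linux Python build,
             EAFNOSUPPORT, seccomp, ...).
    """
    try:
        with socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET, 0) as tfm:
            tfm.bind((alg_type, alg_name))
            return True
    except AttributeError:          # socket.AF_ALG missing: not Linux
        return None
    except OSError as e:
        return False if e.errno == errno.ENOENT else None


def af_alg_skcipher(alg_name, key, iv, data, encrypt):
    """Run one skcipher operation over AF_ALG and return the output bytes."""
    with socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET, 0) as tfm:
        tfm.bind(("skcipher", alg_name))
        tfm.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, key)
        op, _ = tfm.accept()            # per-request operation socket
        with op:
            op.sendmsg_afalg(
                [data],
                op=socket.ALG_OP_ENCRYPT if encrypt else socket.ALG_OP_DECRYPT,
                iv=iv)
            out = b""
            while len(out) < len(data):  # large results may arrive in pieces
                chunk = op.recv(len(data) - len(out))
                if not chunk:
                    raise OSError("short read from AF_ALG op socket")
                out += chunk
            return out


def cbc_aes_kat_roundtrip():
    """Encrypt then decrypt the KAT vector through the kernel.

    True if both directions match the published vector, False on a
    mismatch (that would be a real finding), None if the skcipher path
    is not usable on this host.
    """
    if af_alg_reachable("skcipher", "cbc(aes)") is not True:
        return None
    try:
        ct = af_alg_skcipher("cbc(aes)", KAT_KEY, KAT_IV, KAT_PT, encrypt=True)
        pt = af_alg_skcipher("cbc(aes)", KAT_KEY, KAT_IV, ct, encrypt=False)
    except OSError:
        return None
    return ct == KAT_CT and pt == KAT_PT


if __name__ == "__main__":
    labels = {True: "reachable", False: "ENOENT (SKIP)", None: "no AF_ALG"}
    for alg_type, alg_name in (("skcipher", "cbc(aes)"), ("aead", "gcm(aes)")):
        print(f"{alg_type}:{alg_name} -> {labels[af_alg_reachable(alg_type, alg_name)]}")
    print("cbc(aes) KAT round-trip:", cbc_aes_kat_roundtrip())
```

A PASS is only meaningful when `cbc_aes_kat_roundtrip()` returns True; None means the host could not exercise the path at all and should be reported as SKIP, not as a pass. A False from the aead probe on the Photon kernels is the expected outcome given the disabled config option, while a False from the skcipher probe would mean the smoke test never touched the patched af_alg_count_tsgl/af_alg_pull_tsgl code.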
@dcasota
Contributor Author

dcasota commented May 3, 2026

✅ ISO + VM install verification — passed

Beyond the build-end-to-end already noted in the test plan: the produced ISO has now been mounted in a fresh VM and the install completed successfully. Adding kernel-binary evidence below to close out the artifact-vs-PR chain.

Artifacts

    Artifact            Value
    ISO                 photon-5.0-cb23a87c2e.x86_64.iso (3.97 GB, May 1 07:11 UTC)
    Kernel RPM in ISO   /RPMS/x86_64/linux-6.1.169-2.ph5.x86_64.rpm
    vmlinuz in ISO      /boot/vmlinuz-6.1.169-2.ph5 (built Fri May 1 01:04:41 UTC 2026)
    Kernel spec         SPECS/91/linux/linux.spec, Version 6.1.169, Release 2

CVE-2026-31431 patch verification chain

  1. Spec declares the patch and applies it via autopatch:

    $ grep -nE "^Patch130:|%autopatch.*-m100" SPECS/91/linux/linux.spec
    303:Patch130: 0001-crypto-algif_aead-CVE-2026-31431-Revert-to-out-of-place.patch
    759:%autopatch -p1 -m100 -M249           # covers Patch130
    
  2. Binary RPM extracted from the ISO carries the changelog entry:

    $ xorriso -osirrox on -indev photon-5.0-cb23a87c2e.x86_64.iso \
        -extract /RPMS/x86_64/linux-6.1.169-2.ph5.x86_64.rpm linux.rpm
    $ rpm -qp --changelog linux.rpm | head -3
    * Thu Apr 30 2026 Claude AI bot <noreply@anthropic.com> 6.1.169-2
    - Fix CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place
    
  3. vmlinux extracted from vmlinuz contains the patched function symbol. algif_aead is built-in (y, not m), so the patched code lives inside vmlinuz:

    $ dd if=vmlinuz-6.1.169-2.ph5 bs=1 skip=21196 | gunzip > vmlinux
    $ file vmlinux
    vmlinux: ELF executable, 64-bit LSB x86-64, BuildID=975b760aabfab5e821efea90bcd200e8c15eb6ad
    $ strings vmlinux | grep -E "^_aead_recvmsg$|^6\.1\.169"
    _aead_recvmsg
    6.1.169-2.ph5 SMP mod_unload modversions RAP
    

    (_aead_recvmsg is the function rewritten by the patch; presence in the built binary plus the matching Release 2 confirms the patched object was linked.)

Userspace AF_ALG smoketest

Run on both linux-6.1.169-2.ph5 and linux-esx-6.1.169-3.ph5 installed from this ISO:

    Subtest                              linux-esx  linux  Notes
    tcrypt mode=10 (in-kernel skcipher)  PASS       PASS   ecb/cbc/xts/ctr/cfb(aes) self-tests passed
    tcrypt mode=35 (in-kernel AEAD)      PASS       PASS   gcm(aes) self-test passed
    AF_ALG cbc(aes) round-trip           PASS       PASS   NIST KAT match; exercises patched af_alg_count_tsgl/af_alg_pull_tsgl (shared with algif_skcipher.c)
    AF_ALG gcm(aes) round-trip           SKIP       SKIP   Both Photon kernels ship "# CONFIG_CRYPTO_USER_API_AEAD is not set"; _aead_recvmsg() compiled in but not userspace-reachable (defense-in-depth)

No kernel WARN/BUG/Oops/KASAN observed in any run.

Test plan progress

  • Patch applies cleanly to a pristine linux-6.1.169.tar.xz
  • Photon 5.0 ISO built end-to-end from this commit
  • Disassembly of linux-esx-6.1.169-3.ph5 shows the patched ABI (already noted)
  • ISO contents verified post-build — kernel RPM extracted from ISO carries the CVE-2026-31431 changelog entry; vmlinux decompressed from the shipped vmlinuz carries the _aead_recvmsg symbol from the patched source
  • Bootable installer ISO — VM successfully installed from the ISO (interactive installer path) on both kernel variants
  • Userspace AF_ALG smoketest — skcipher round-trip PASS on both kernels; AEAD subtest SKIP on both because Photon disables CONFIG_CRYPTO_USER_API_AEAD
  • CI run on this PR

🤖 Generated with Claude Code
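Step 3 of the verification chain above decompresses vmlinux with a hard-coded `skip=21196`, an offset that is only valid for that one vmlinuz build. As an added example, not part of the PR or of Photon, here is the same step written to find the offset itself: every gzip magic in the bzImage is tried and the first candidate that inflates to an ELF image is kept, then the "Linux version" banner is read back the way the `strings | grep` check does. It handles gzip payloads only (the Photon kernel here is gzip; xz or zstd bzImages need their own decompressor). The sample bzImage is constructed inside the block; its 21196-byte header length simply mirrors the number on the page and was not measured from a real image, and all function names are this example's own.

```python
"""Locate and inflate the gzip vmlinux inside a bzImage (added example)."""
import gzip
import zlib

GZIP_MAGIC = b"\x1f\x8b\x08"      # ID1, ID2, CM=deflate
ELF_MAGIC = b"\x7fELF"


def gzip_offsets(blob):
    """Every offset in blob at which a gzip member could begin."""
    offs, i = [], blob.find(GZIP_MAGIC)
    while i != -1:
        offs.append(i)
        i = blob.find(GZIP_MAGIC, i + 1)
    return offs


def extract_vmlinux(blob):
    """Return (offset, vmlinux_bytes) for the first gzip member that inflates
    to an ELF image, or None.

    A zlib decompressobj is used instead of gzip.decompress() so that the
    bytes following the member (padding, trailers, the compressed-size word
    at the end of a bzImage) land in unused_data rather than raising.
    """
    for off in gzip_offsets(blob):
        inflater = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)
        try:
            out = inflater.decompress(blob[off:]) + inflater.flush()
        except zlib.error:
            continue                     # a stray 1f 8b 08, not a real member
        if out.startswith(ELF_MAGIC):
            return off, out
    return None


def linux_version_string(vmlinux):
    """The NUL-terminated 'Linux version ...' banner in the image, or None.
    This is the string the PR's `strings vmlinux | grep '^6\\.1\\.169'`
    step matches on."""
    i = vmlinux.find(b"Linux version ")
    if i < 0:
        return None
    j = vmlinux.find(b"\x00", i)
    return vmlinux[i:j if j >= 0 else None].decode("ascii", "replace")


# Constructed stand-in for a vmlinux: ELF header bytes plus the two strings
# the page greps for.  Not a real kernel image.
SAMPLE_VMLINUX = (ELF_MAGIC + b"\x02\x01\x01" + b"\x00" * 9
                  + b"Linux version 6.1.169-2.ph5 (constructed sample)\x00"
                  + b"_aead_recvmsg\x00")


def build_sample_bzimage(payload=SAMPLE_VMLINUX, header_len=21196):
    """Constructed bzImage: opaque setup/stub bytes (the byte sequence is
    chosen so it can never contain the gzip magic: consecutive bytes always
    differ by 7 mod 251), then the gzip member, then 64 bytes of trailer."""
    header = bytes((7 * i + 3) % 251 for i in range(header_len))
    return header + gzip.compress(payload) + b"\x00" * 64


if __name__ == "__main__":
    import sys
    blob = (open(sys.argv[1], "rb").read() if len(sys.argv) > 1
            else build_sample_bzimage())
    found = extract_vmlinux(blob)
    if found is None:
        sys.exit("no gzip member inflates to an ELF image")
    off, vmlinux = found
    print(f"gzip member at offset {off}; vmlinux is {len(vmlinux)} bytes")
    print(linux_version_string(vmlinux))
```

Run it as `python3 extract_vmlinux.py /boot/vmlinuz-6.1.169-2.ph5` to get both the offset (which should agree with the page's 21196 for that build) and the banner; with no argument it runs against the constructed sample. Checking the ELF magic after inflating is what protects against a false hit on the three magic bytes somewhere in the real-mode setup code.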

@dcasota
Contributor Author

dcasota commented May 4, 2026

See #1650 (comment)

@dcasota dcasota closed this May 4, 2026