
Commit d644c026 authored by Linus Torvalds
Pull crypto fixes from Herbert Xu:
 "This push fixes a number of crashes triggered by a previous crypto
  self-test update.  It also fixes a build problem in the caam driver,
  as well as a concurrency issue in s390.

  Finally there is a pair of fixes to bugs in the crypto scatterwalk
  code and authenc that may lead to crashes"

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: testmgr - fix sglen in test_aead for case 'dst != src'
  crypto: talitos - fix aead sglen for case 'dst != src'
  crypto: caam - fix aead sglen for case 'dst != src'
  crypto: ccm - Fix handling of zero plaintext when computing mac
  crypto: s390 - Fix aes-xts parameter corruption
  crypto: talitos - corrrectly handle zero-length assoc data
  crypto: scatterwalk - Set the chain pointer indication bit
  crypto: authenc - Find proper IV address in ablkcipher callback
  crypto: caam - Add missing Job Ring include
parents 1ab231b2 8ec25c51
+17 −14
@@ -55,8 +55,7 @@ struct pcc_param {

struct s390_xts_ctx {
	u8 key[32];
	u8 xts_param[16];
	struct pcc_param pcc;
	u8 pcc_key[32];
	long enc;
	long dec;
	int key_len;
@@ -591,7 +590,7 @@ static int xts_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
		xts_ctx->enc = KM_XTS_128_ENCRYPT;
		xts_ctx->dec = KM_XTS_128_DECRYPT;
		memcpy(xts_ctx->key + 16, in_key, 16);
		memcpy(xts_ctx->pcc.key + 16, in_key + 16, 16);
		memcpy(xts_ctx->pcc_key + 16, in_key + 16, 16);
		break;
	case 48:
		xts_ctx->enc = 0;
@@ -602,7 +601,7 @@ static int xts_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
		xts_ctx->enc = KM_XTS_256_ENCRYPT;
		xts_ctx->dec = KM_XTS_256_DECRYPT;
		memcpy(xts_ctx->key, in_key, 32);
		memcpy(xts_ctx->pcc.key, in_key + 32, 32);
		memcpy(xts_ctx->pcc_key, in_key + 32, 32);
		break;
	default:
		*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
@@ -621,29 +620,33 @@ static int xts_aes_crypt(struct blkcipher_desc *desc, long func,
	unsigned int nbytes = walk->nbytes;
	unsigned int n;
	u8 *in, *out;
	void *param;
	struct pcc_param pcc_param;
	struct {
		u8 key[32];
		u8 init[16];
	} xts_param;

	if (!nbytes)
		goto out;

	memset(xts_ctx->pcc.block, 0, sizeof(xts_ctx->pcc.block));
	memset(xts_ctx->pcc.bit, 0, sizeof(xts_ctx->pcc.bit));
	memset(xts_ctx->pcc.xts, 0, sizeof(xts_ctx->pcc.xts));
	memcpy(xts_ctx->pcc.tweak, walk->iv, sizeof(xts_ctx->pcc.tweak));
	param = xts_ctx->pcc.key + offset;
	ret = crypt_s390_pcc(func, param);
	memset(pcc_param.block, 0, sizeof(pcc_param.block));
	memset(pcc_param.bit, 0, sizeof(pcc_param.bit));
	memset(pcc_param.xts, 0, sizeof(pcc_param.xts));
	memcpy(pcc_param.tweak, walk->iv, sizeof(pcc_param.tweak));
	memcpy(pcc_param.key, xts_ctx->pcc_key, 32);
	ret = crypt_s390_pcc(func, &pcc_param.key[offset]);
	if (ret < 0)
		return -EIO;

	memcpy(xts_ctx->xts_param, xts_ctx->pcc.xts, 16);
	param = xts_ctx->key + offset;
	memcpy(xts_param.key, xts_ctx->key, 32);
	memcpy(xts_param.init, pcc_param.xts, 16);
	do {
		/* only use complete blocks */
		n = nbytes & ~(AES_BLOCK_SIZE - 1);
		out = walk->dst.virt.addr;
		in = walk->src.virt.addr;

		ret = crypt_s390_km(func, param, out, in, n);
		ret = crypt_s390_km(func, &xts_param.key[offset], out, in, n);
		if (ret < 0 || ret != n)
			return -EIO;
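Review bot: The new on-stack parameter blocks in xts_aes_crypt, `pcc_param.key` and `xts_param.key`, hold raw XTS key material and are not cleared on any exit path visible here, including both `return -EIO` branches. Moving them out of the shared `s390_xts_ctx` removes the cross-request corruption, but it also leaves a copy of the key in stack memory after every call. I would wipe both before returning, e.g. `memzero_explicit(&pcc_param, sizeof(pcc_param));` and `memzero_explicit(&xts_param, sizeof(xts_param));` if this tree provides that helper (a plain `memset` on a dying local may be optimised away), and route the early returns through one exit label so the wipe always runs. The function continues past the end of the hunk, so a wipe may already exist there, though none is visible.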

+4 −3
@@ -380,9 +380,10 @@ static void crypto_authenc_encrypt_done(struct crypto_async_request *req,
	if (!err) {
		struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
		struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
		struct ablkcipher_request *abreq = aead_request_ctx(areq);
		u8 *iv = (u8 *)(abreq + 1) +
			 crypto_ablkcipher_reqsize(ctx->enc);
		struct authenc_request_ctx *areq_ctx = aead_request_ctx(areq);
		struct ablkcipher_request *abreq = (void *)(areq_ctx->tail
							    + ctx->reqoff);
		u8 *iv = (u8 *)abreq - crypto_ablkcipher_ivsize(ctx->enc);

		err = crypto_authenc_genicv(areq, iv, 0);
	}
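Review bot: The IV pointer in crypto_authenc_encrypt_done is now found by stepping back `crypto_ablkcipher_ivsize(ctx->enc)` bytes from `abreq`, which is only correct if the submit path stores the IV directly in front of the request inside `areq_ctx->tail`. That layout is built outside this hunk and nothing here records it. A mismatch would hand `crypto_authenc_genicv` a pointer into unrelated request memory, so I would add a comment at the computation such as `/* IV is stored immediately before abreq in tail; must match the layout built on the encrypt path */`. A small shared helper returning the IV for a request would keep the two sides from drifting apart, which appears to be what this fix corrects. The callback's body starts and ends outside the hunk.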
+2 −1
@@ -271,6 +271,7 @@ static int crypto_ccm_auth(struct aead_request *req, struct scatterlist *plain,
	}

	/* compute plaintext into mac */
	if (cryptlen)
		get_data_to_compute(cipher, pctx, plain, cryptlen);

out:
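Review bot: The new `if (cryptlen)` guard in crypto_ccm_auth has no comment explaining why an empty plaintext must skip `get_data_to_compute`, and the existing comment above it still reads as if the call were unconditional. Zero-length plaintext is a valid AEAD input (authentication only), so the reason is worth recording, for example `/* empty plaintext: nothing to fold into the MAC, and get_data_to_compute is not safe for len 0 */`, assuming that is the failure this commit addresses. If `get_data_to_compute` has other callers, the length check may belong inside the helper instead; its body is not shown here.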
+4 −0
@@ -1242,6 +1242,10 @@ static int do_test(int m)
		ret += tcrypt_test("cmac(des3_ede)");
		break;

	case 155:
		ret += tcrypt_test("authenc(hmac(sha1),cbc(aes))");
		break;

	case 200:
		test_cipher_speed("ecb(aes)", ENCRYPT, sec, NULL, 0,
				speed_template_16_24_32);
+12 −14
@@ -503,16 +503,16 @@ static int __test_aead(struct crypto_aead *tfm, int enc,
				goto out;
			}

			sg_init_one(&sg[0], input,
				    template[i].ilen + (enc ? authsize : 0));

			if (diff_dst) {
				output = xoutbuf[0];
				output += align_offset;
				sg_init_one(&sg[0], input, template[i].ilen);
				sg_init_one(&sgout[0], output,
					    template[i].rlen);
			} else {
				sg_init_one(&sg[0], input,
					    template[i].ilen +
						(enc ? authsize : 0));
			} else {
				output = input;
			}

@@ -612,12 +612,6 @@ static int __test_aead(struct crypto_aead *tfm, int enc,
				memcpy(q, template[i].input + temp,
				       template[i].tap[k]);

				n = template[i].tap[k];
				if (k == template[i].np - 1 && enc)
					n += authsize;
				if (offset_in_page(q) + n < PAGE_SIZE)
					q[n] = 0;

				sg_set_buf(&sg[k], q, template[i].tap[k]);

				if (diff_dst) {
@@ -625,13 +619,17 @@ static int __test_aead(struct crypto_aead *tfm, int enc,
					    offset_in_page(IDX[k]);

					memset(q, 0, template[i].tap[k]);
					if (offset_in_page(q) + n < PAGE_SIZE)
						q[n] = 0;

					sg_set_buf(&sgout[k], q,
						   template[i].tap[k]);
				}

				n = template[i].tap[k];
				if (k == template[i].np - 1 && enc)
					n += authsize;
				if (offset_in_page(q) + n < PAGE_SIZE)
					q[n] = 0;

				temp += template[i].tap[k];
			}

@@ -650,10 +648,10 @@ static int __test_aead(struct crypto_aead *tfm, int enc,
					goto out;
				}

				sg[k - 1].length += authsize;

				if (diff_dst)
					sgout[k - 1].length += authsize;
				else
					sg[k - 1].length += authsize;
			}

			sg_init_table(asg, template[i].anp);
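Review bot: In the chunked-buffer loop of __test_aead, the relocated sentinel write `q[n] = 0` now runs after the `diff_dst` branch, where `q` appears to have been re-pointed at the output page. With dst != src only the destination chunk then gets the marker byte and the source chunk gets none. If that is intended, it should be stated at the write, e.g. `/* q is the output chunk when diff_dst; mark the byte just past the expected result */`, because the bounds check `offset_in_page(q) + n < PAGE_SIZE` is only meaningful for the buffer `q` currently names. The length fix-ups in the first and last hunks follow the same rule (authsize is added to `sgout` only when dst != src) and would benefit from a one-line comment like `/* ICV is appended to the destination list only */`. The loop and the enclosing function extend beyond the hunks shown.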