release/5.2.46/crypto-testmgr-fix-length-truncation-with-large-page.patch - pub/scm/linux/kernel/git/paulg/longterm-queue-5.2 - Git at Google

 From 87975dd0a22082c881fd837a908c3b3c5003d838 Mon Sep 17 00:00:00 2001
 From: Eric Biggers <ebiggers@google.com>
 Date: Mon, 20 May 2019 09:47:19 -0700
 Subject: [PATCH] crypto: testmgr - fix length truncation with large page size

 commit e944eab37a72bf171647d691dda4614f7151191f upstream.

 On PowerPC with CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y, there is sometimes
 a crash in generate_random_aead_testvec().  The problem is that the
 generated test vectors use data lengths of up to about 2 * PAGE_SIZE,
 which is 128 KiB on PowerPC; however, the data length fields in the test
 vectors are 'unsigned short', so the lengths get truncated.  Fix this by
 changing the relevant fields to 'unsigned int'.

 Fixes: 40153b10d91c ("crypto: testmgr - fuzz AEADs against their generic implementation")
 Signed-off-by: Eric Biggers <ebiggers@google.com>
 Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
 Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

 diff --git a/crypto/testmgr.h b/crypto/testmgr.h
 index 1fdae5993bc3..b4d1b32885b6 100644
 --- a/crypto/testmgr.h
 +++ b/crypto/testmgr.h
 @@ -38,7 +38,7 @@ struct hash_testvec {
  	const char *key;
  	const char *plaintext;
  	const char *digest;
 -	unsigned short psize;
 +	unsigned int psize;
  	unsigned short ksize;
  	int setkey_error;
  	int digest_error;
 @@ -69,7 +69,7 @@ struct cipher_testvec {
  	const char *ctext;
  	unsigned char wk; /* weak key flag */
  	unsigned short klen;
 -	unsigned short len;
 +	unsigned int len;
  	bool fips_skip;
  	bool generates_iv;
  	int setkey_error;
 @@ -105,9 +105,9 @@ struct aead_testvec {
  	unsigned char novrfy;
  	unsigned char wk;
  	unsigned char klen;
 -	unsigned short plen;
 -	unsigned short clen;
 -	unsigned short alen;
 +	unsigned int plen;
 +	unsigned int clen;
 +	unsigned int alen;
  	int setkey_error;
  	int setauthsize_error;
  	int crypt_error;
 --
 2.27.0
	From 87975dd0a22082c881fd837a908c3b3c5003d838 Mon Sep 17 00:00:00 2001
	From: Eric Biggers <ebiggers@google.com>
	Date: Mon, 20 May 2019 09:47:19 -0700
	Subject: [PATCH] crypto: testmgr - fix length truncation with large page size

	commit e944eab37a72bf171647d691dda4614f7151191f upstream.

	On PowerPC with CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y, there is sometimes
	a crash in generate_random_aead_testvec(). The problem is that the
	generated test vectors use data lengths of up to about 2 * PAGE_SIZE,
	which is 128 KiB on PowerPC; however, the data length fields in the test
	vectors are 'unsigned short', so the lengths get truncated. Fix this by
	changing the relevant fields to 'unsigned int'.

	Fixes: 40153b10d91c ("crypto: testmgr - fuzz AEADs against their generic implementation")
	Signed-off-by: Eric Biggers <ebiggers@google.com>
	Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
	Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

	diff --git a/crypto/testmgr.h b/crypto/testmgr.h
	index 1fdae5993bc3..b4d1b32885b6 100644
	--- a/crypto/testmgr.h
	+++ b/crypto/testmgr.h
	@@ -38,7 +38,7 @@ struct hash_testvec {
	const char *key;
	const char *plaintext;
	const char *digest;
	- unsigned short psize;
	+ unsigned int psize;
	unsigned short ksize;
	int setkey_error;
	int digest_error;
	@@ -69,7 +69,7 @@ struct cipher_testvec {
	const char *ctext;
	unsigned char wk; /* weak key flag */
	unsigned short klen;
	- unsigned short len;
	+ unsigned int len;
	bool fips_skip;
	bool generates_iv;
	int setkey_error;
	@@ -105,9 +105,9 @@ struct aead_testvec {
	unsigned char novrfy;
	unsigned char wk;
	unsigned char klen;
	- unsigned short plen;
	- unsigned short clen;
	- unsigned short alen;
	+ unsigned int plen;
	+ unsigned int clen;
	+ unsigned int alen;
	int setkey_error;
	int setauthsize_error;
	int crypt_error;
	--
	2.27.0