| From a7b159afea6982a5d4d9bd244a3f7fdc4f076e3d Mon Sep 17 00:00:00 2001 |
| From: Ard Biesheuvel <ardb@kernel.org> |
| Date: Sat, 9 Nov 2019 18:09:27 +0100 |
| Subject: [PATCH] crypto: virtio - deal with unsupported input sizes |
| |
| commit 19c5da7d4a2662e85ea67d2d81df57e038fde3ab upstream. |
| |
| Return -EINVAL for input sizes that are not a multiple of the AES |
| block size, since they are not supported by our CBC chaining mode. |
| |
| While at it, remove the pr_err() that reports unsupported key sizes |
| being used: we shouldn't spam the kernel log with that. |
| |
| Fixes: dbaf0624ffa5 ("crypto: add virtio-crypto driver") |
| Cc: "Michael S. Tsirkin" <mst@redhat.com> |
| Cc: Jason Wang <jasowang@redhat.com> |
| Cc: Gonglei <arei.gonglei@huawei.com> |
| Cc: virtualization@lists.linux-foundation.org |
| Signed-off-by: Ard Biesheuvel <ardb@kernel.org> |
| Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
| Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> |
| |
| diff --git a/drivers/crypto/virtio/virtio_crypto_algs.c b/drivers/crypto/virtio/virtio_crypto_algs.c |
| index 10f266d462d6..963f16a6f9cf 100644 |
| --- a/drivers/crypto/virtio/virtio_crypto_algs.c |
| +++ b/drivers/crypto/virtio/virtio_crypto_algs.c |
| @@ -105,8 +105,6 @@ virtio_crypto_alg_validate_key(int key_len, uint32_t *alg) |
| *alg = VIRTIO_CRYPTO_CIPHER_AES_CBC; |
| break; |
| default: |
| - pr_err("virtio_crypto: Unsupported key length: %d\n", |
| - key_len); |
| return -EINVAL; |
| } |
| return 0; |
| @@ -486,6 +484,11 @@ static int virtio_crypto_ablkcipher_encrypt(struct ablkcipher_request *req) |
| /* Use the first data virtqueue as default */ |
| struct data_queue *data_vq = &vcrypto->data_vq[0]; |
| |
| + if (!req->nbytes) |
| + return 0; |
| + if (req->nbytes % AES_BLOCK_SIZE) |
| + return -EINVAL; |
| + |
| vc_req->dataq = data_vq; |
| vc_req->alg_cb = virtio_crypto_dataq_sym_callback; |
| vc_sym_req->ablkcipher_ctx = ctx; |
| @@ -506,6 +509,11 @@ static int virtio_crypto_ablkcipher_decrypt(struct ablkcipher_request *req) |
| /* Use the first data virtqueue as default */ |
| struct data_queue *data_vq = &vcrypto->data_vq[0]; |
| |
| + if (!req->nbytes) |
| + return 0; |
| + if (req->nbytes % AES_BLOCK_SIZE) |
| + return -EINVAL; |
| + |
| vc_req->dataq = data_vq; |
| vc_req->alg_cb = virtio_crypto_dataq_sym_callback; |
| vc_sym_req->ablkcipher_ctx = ctx; |
| -- |
| 2.7.4 |
| |