release/5.2.33/crypto-virtio-deal-with-unsupported-input-sizes.patch - pub/scm/linux/kernel/git/paulg/longterm-queue-5.2 - Git at Google

 From a7b159afea6982a5d4d9bd244a3f7fdc4f076e3d Mon Sep 17 00:00:00 2001
 From: Ard Biesheuvel <ardb@kernel.org>
 Date: Sat, 9 Nov 2019 18:09:27 +0100
 Subject: [PATCH] crypto: virtio - deal with unsupported input sizes

 commit 19c5da7d4a2662e85ea67d2d81df57e038fde3ab upstream.

 Return -EINVAL for input sizes that are not a multiple of the AES
 block size, since they are not supported by our CBC chaining mode.

 While at it, remove the pr_err() that reports unsupported key sizes
 being used: we shouldn't spam the kernel log with that.

 Fixes: dbaf0624ffa5 ("crypto: add virtio-crypto driver")
 Cc: "Michael S. Tsirkin" <mst@redhat.com>
 Cc: Jason Wang <jasowang@redhat.com>
 Cc: Gonglei <arei.gonglei@huawei.com>
 Cc: virtualization@lists.linux-foundation.org
 Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
 Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
 Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

 diff --git a/drivers/crypto/virtio/virtio_crypto_algs.c b/drivers/crypto/virtio/virtio_crypto_algs.c
 index 10f266d462d6..963f16a6f9cf 100644
 --- a/drivers/crypto/virtio/virtio_crypto_algs.c
 +++ b/drivers/crypto/virtio/virtio_crypto_algs.c
 @@ -105,8 +105,6 @@ virtio_crypto_alg_validate_key(int key_len, uint32_t *alg)
  		*alg = VIRTIO_CRYPTO_CIPHER_AES_CBC;
  		break;
  	default:
 -		pr_err("virtio_crypto: Unsupported key length: %d\n",
 -			key_len);
  		return -EINVAL;
  	}
  	return 0;
 @@ -486,6 +484,11 @@ static int virtio_crypto_ablkcipher_encrypt(struct ablkcipher_request *req)
  	/* Use the first data virtqueue as default */
  	struct data_queue *data_vq = &vcrypto->data_vq[0];

 +	if (!req->nbytes)
 +		return 0;
 +	if (req->nbytes % AES_BLOCK_SIZE)
 +		return -EINVAL;
 +
  	vc_req->dataq = data_vq;
  	vc_req->alg_cb = virtio_crypto_dataq_sym_callback;
  	vc_sym_req->ablkcipher_ctx = ctx;
 @@ -506,6 +509,11 @@ static int virtio_crypto_ablkcipher_decrypt(struct ablkcipher_request *req)
  	/* Use the first data virtqueue as default */
  	struct data_queue *data_vq = &vcrypto->data_vq[0];

 +	if (!req->nbytes)
 +		return 0;
 +	if (req->nbytes % AES_BLOCK_SIZE)
 +		return -EINVAL;
 +
  	vc_req->dataq = data_vq;
  	vc_req->alg_cb = virtio_crypto_dataq_sym_callback;
  	vc_sym_req->ablkcipher_ctx = ctx;
 --
 2.7.4
	From a7b159afea6982a5d4d9bd244a3f7fdc4f076e3d Mon Sep 17 00:00:00 2001
	From: Ard Biesheuvel <ardb@kernel.org>
	Date: Sat, 9 Nov 2019 18:09:27 +0100
	Subject: [PATCH] crypto: virtio - deal with unsupported input sizes

	commit 19c5da7d4a2662e85ea67d2d81df57e038fde3ab upstream.

	Return -EINVAL for input sizes that are not a multiple of the AES
	block size, since they are not supported by our CBC chaining mode.

	While at it, remove the pr_err() that reports unsupported key sizes
	being used: we shouldn't spam the kernel log with that.

	Fixes: dbaf0624ffa5 ("crypto: add virtio-crypto driver")
	Cc: "Michael S. Tsirkin" <mst@redhat.com>
	Cc: Jason Wang <jasowang@redhat.com>
	Cc: Gonglei <arei.gonglei@huawei.com>
	Cc: virtualization@lists.linux-foundation.org
	Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
	Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
	Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

	diff --git a/drivers/crypto/virtio/virtio_crypto_algs.c b/drivers/crypto/virtio/virtio_crypto_algs.c
	index 10f266d462d6..963f16a6f9cf 100644
	--- a/drivers/crypto/virtio/virtio_crypto_algs.c
	+++ b/drivers/crypto/virtio/virtio_crypto_algs.c
	@@ -105,8 +105,6 @@ virtio_crypto_alg_validate_key(int key_len, uint32_t *alg)
	*alg = VIRTIO_CRYPTO_CIPHER_AES_CBC;
	break;
	default:
	- pr_err("virtio_crypto: Unsupported key length: %d\n",
	- key_len);
	return -EINVAL;
	}
	return 0;
	@@ -486,6 +484,11 @@ static int virtio_crypto_ablkcipher_encrypt(struct ablkcipher_request *req)
	/* Use the first data virtqueue as default */
	struct data_queue *data_vq = &vcrypto->data_vq[0];

	+ if (!req->nbytes)
	+ return 0;
	+ if (req->nbytes % AES_BLOCK_SIZE)
	+ return -EINVAL;
	+
	vc_req->dataq = data_vq;
	vc_req->alg_cb = virtio_crypto_dataq_sym_callback;
	vc_sym_req->ablkcipher_ctx = ctx;
	@@ -506,6 +509,11 @@ static int virtio_crypto_ablkcipher_decrypt(struct ablkcipher_request *req)
	/* Use the first data virtqueue as default */
	struct data_queue *data_vq = &vcrypto->data_vq[0];

	+ if (!req->nbytes)
	+ return 0;
	+ if (req->nbytes % AES_BLOCK_SIZE)
	+ return -EINVAL;
	+
	vc_req->dataq = data_vq;
	vc_req->alg_cb = virtio_crypto_dataq_sym_callback;
	vc_sym_req->ablkcipher_ctx = ctx;
	--
	2.7.4