| From 3fcb3bcb5cfa2190ffd61dd63bb3fc6aec788715 Mon Sep 17 00:00:00 2001 |
| From: Sasha Levin <sashal@kernel.org> |
| Date: Thu, 5 Sep 2019 09:38:17 +0200 |
| Subject: s390/crypto: xts-aes-s390 fix extra run-time crypto self tests |
| finding |
| |
| From: Harald Freudenberger <freude@linux.ibm.com> |
| |
| [ Upstream commit 9e323d45ba94262620a073a3f9945ca927c07c71 ] |
| |
| With 'extra run-time crypto self tests' enabled, the selftest |
| for s390-xts fails with |
| |
| alg: skcipher: xts-aes-s390 encryption unexpectedly succeeded on |
| test vector "random: len=0 klen=64"; expected_error=-22, |
| cfg="random: inplace use_digest nosimd src_divs=[2.61%@+4006, |
| 84.44%@+21, 1.55%@+13, 4.50%@+344, 4.26%@+21, 2.64%@+27]" |
| |
| This special case with nbytes=0 is not handled correctly and this |
| fix now makes sure that -EINVAL is returned when there is en/decrypt |
| called with 0 bytes to en/decrypt. |
| |
| Signed-off-by: Harald Freudenberger <freude@linux.ibm.com> |
| Signed-off-by: Vasily Gorbik <gor@linux.ibm.com> |
| Signed-off-by: Sasha Levin <sashal@kernel.org> |
| --- |
| arch/s390/crypto/aes_s390.c | 6 ++++++ |
| 1 file changed, 6 insertions(+) |
| |
| diff --git a/arch/s390/crypto/aes_s390.c b/arch/s390/crypto/aes_s390.c |
| index 591cbdf615af0..1a906dd7ca7d9 100644 |
| --- a/arch/s390/crypto/aes_s390.c |
| +++ b/arch/s390/crypto/aes_s390.c |
| @@ -572,6 +572,9 @@ static int xts_aes_encrypt(struct blkcipher_desc *desc, |
| struct s390_xts_ctx *xts_ctx = crypto_blkcipher_ctx(desc->tfm); |
| struct blkcipher_walk walk; |
| |
| + if (!nbytes) |
| + return -EINVAL; |
| + |
| if (unlikely(!xts_ctx->fc)) |
| return xts_fallback_encrypt(desc, dst, src, nbytes); |
| |
| @@ -586,6 +589,9 @@ static int xts_aes_decrypt(struct blkcipher_desc *desc, |
| struct s390_xts_ctx *xts_ctx = crypto_blkcipher_ctx(desc->tfm); |
| struct blkcipher_walk walk; |
| |
| + if (!nbytes) |
| + return -EINVAL; |
| + |
| if (unlikely(!xts_ctx->fc)) |
| return xts_fallback_decrypt(desc, dst, src, nbytes); |
| |
| -- |
| 2.20.1 |
| |