releases/4.9.195/s390-crypto-xts-aes-s390-fix-extra-run-time-crypto-s.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From 3fcb3bcb5cfa2190ffd61dd63bb3fc6aec788715 Mon Sep 17 00:00:00 2001
 From: Sasha Levin <sashal@kernel.org>
 Date: Thu, 5 Sep 2019 09:38:17 +0200
 Subject: s390/crypto: xts-aes-s390 fix extra run-time crypto self tests
  finding

 From: Harald Freudenberger <freude@linux.ibm.com>

 [ Upstream commit 9e323d45ba94262620a073a3f9945ca927c07c71 ]

 With 'extra run-time crypto self tests' enabled, the selftest
 for s390-xts fails with

   alg: skcipher: xts-aes-s390 encryption unexpectedly succeeded on
   test vector "random: len=0 klen=64"; expected_error=-22,
   cfg="random: inplace use_digest nosimd src_divs=[2.61%@+4006,
   84.44%@+21, 1.55%@+13, 4.50%@+344, 4.26%@+21, 2.64%@+27]"

 This special case with nbytes=0 is not handled correctly and this
 fix now makes sure that -EINVAL is returned when there is en/decrypt
 called with 0 bytes to en/decrypt.

 Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
 Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
 Signed-off-by: Sasha Levin <sashal@kernel.org>
 ---
  arch/s390/crypto/aes_s390.c | 6 ++++++
  1 file changed, 6 insertions(+)

 diff --git a/arch/s390/crypto/aes_s390.c b/arch/s390/crypto/aes_s390.c
 index 591cbdf615af0..1a906dd7ca7d9 100644
 --- a/arch/s390/crypto/aes_s390.c
 +++ b/arch/s390/crypto/aes_s390.c
 @@ -572,6 +572,9 @@ static int xts_aes_encrypt(struct blkcipher_desc *desc,
  	struct s390_xts_ctx *xts_ctx = crypto_blkcipher_ctx(desc->tfm);
  	struct blkcipher_walk walk;

 +	if (!nbytes)
 +		return -EINVAL;
 +
  	if (unlikely(!xts_ctx->fc))
  		return xts_fallback_encrypt(desc, dst, src, nbytes);

 @@ -586,6 +589,9 @@ static int xts_aes_decrypt(struct blkcipher_desc *desc,
  	struct s390_xts_ctx *xts_ctx = crypto_blkcipher_ctx(desc->tfm);
  	struct blkcipher_walk walk;

 +	if (!nbytes)
 +		return -EINVAL;
 +
  	if (unlikely(!xts_ctx->fc))
  		return xts_fallback_decrypt(desc, dst, src, nbytes);

 --
 2.20.1
	From 3fcb3bcb5cfa2190ffd61dd63bb3fc6aec788715 Mon Sep 17 00:00:00 2001
	From: Sasha Levin <sashal@kernel.org>
	Date: Thu, 5 Sep 2019 09:38:17 +0200
	Subject: s390/crypto: xts-aes-s390 fix extra run-time crypto self tests
	finding

	From: Harald Freudenberger <freude@linux.ibm.com>

	[ Upstream commit 9e323d45ba94262620a073a3f9945ca927c07c71 ]

	With 'extra run-time crypto self tests' enabled, the selftest
	for s390-xts fails with

	alg: skcipher: xts-aes-s390 encryption unexpectedly succeeded on
	test vector "random: len=0 klen=64"; expected_error=-22,
	cfg="random: inplace use_digest nosimd src_divs=[2.61%@+4006,
	84.44%@+21, 1.55%@+13, 4.50%@+344, 4.26%@+21, 2.64%@+27]"

	This special case with nbytes=0 is not handled correctly and this
	fix now makes sure that -EINVAL is returned when there is en/decrypt
	called with 0 bytes to en/decrypt.

	Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
	Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
	Signed-off-by: Sasha Levin <sashal@kernel.org>
	---
	arch/s390/crypto/aes_s390.c \| 6 ++++++
	1 file changed, 6 insertions(+)

	diff --git a/arch/s390/crypto/aes_s390.c b/arch/s390/crypto/aes_s390.c
	index 591cbdf615af0..1a906dd7ca7d9 100644
	--- a/arch/s390/crypto/aes_s390.c
	+++ b/arch/s390/crypto/aes_s390.c
	@@ -572,6 +572,9 @@ static int xts_aes_encrypt(struct blkcipher_desc *desc,
	struct s390_xts_ctx *xts_ctx = crypto_blkcipher_ctx(desc->tfm);
	struct blkcipher_walk walk;

	+ if (!nbytes)
	+ return -EINVAL;
	+
	if (unlikely(!xts_ctx->fc))
	return xts_fallback_encrypt(desc, dst, src, nbytes);

	@@ -586,6 +589,9 @@ static int xts_aes_decrypt(struct blkcipher_desc *desc,
	struct s390_xts_ctx *xts_ctx = crypto_blkcipher_ctx(desc->tfm);
	struct blkcipher_walk walk;

	+ if (!nbytes)
	+ return -EINVAL;
	+
	if (unlikely(!xts_ctx->fc))
	return xts_fallback_decrypt(desc, dst, src, nbytes);

	--
	2.20.1