releases/4.9.212/crypto-ccp-fix-aes-cfb-error-exposed-by-new-test-vec.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From c978a156e29529dbb789823a31a2d6a1a95be616 Mon Sep 17 00:00:00 2001
 From: Sasha Levin <sashal@kernel.org>
 Date: Tue, 14 May 2019 21:53:23 +0000
 Subject: crypto: ccp - fix AES CFB error exposed by new test vectors

 From: Hook, Gary <Gary.Hook@amd.com>

 [ Upstream commit c3b359d6567c0b8f413e924feb37cf025067d55a ]

 Updated testmgr will exhibit this error message when loading the
 ccp-crypto module:

 alg: skcipher: cfb-aes-ccp encryption failed with err -22 on test vector 3, cfg="in-place"

 Update the CCP crypto driver to correctly treat CFB as a streaming mode
 cipher (instead of block mode). Update the configuration for CFB to
 specify the block size as a single byte;

 Fixes: 2b789435d7f3 ('crypto: ccp - CCP AES crypto API support')

 Signed-off-by: Gary R Hook <gary.hook@amd.com>
 Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
 Signed-off-by: Sasha Levin <sashal@kernel.org>
 ---
  drivers/crypto/ccp/ccp-crypto-aes.c | 8 ++++----
  1 file changed, 4 insertions(+), 4 deletions(-)

 diff --git a/drivers/crypto/ccp/ccp-crypto-aes.c b/drivers/crypto/ccp/ccp-crypto-aes.c
 index 89291c15015cd..3f768699332ba 100644
 --- a/drivers/crypto/ccp/ccp-crypto-aes.c
 +++ b/drivers/crypto/ccp/ccp-crypto-aes.c
 @@ -1,7 +1,8 @@
 +// SPDX-License-Identifier: GPL-2.0
  /*
   * AMD Cryptographic Coprocessor (CCP) AES crypto API support
   *
 - * Copyright (C) 2013,2016 Advanced Micro Devices, Inc.
 + * Copyright (C) 2013-2019 Advanced Micro Devices, Inc.
   *
   * Author: Tom Lendacky <thomas.lendacky@amd.com>
   *
 @@ -79,8 +80,7 @@ static int ccp_aes_crypt(struct ablkcipher_request *req, bool encrypt)
  		return -EINVAL;

  	if (((ctx->u.aes.mode == CCP_AES_MODE_ECB) ||
 -	     (ctx->u.aes.mode == CCP_AES_MODE_CBC) ||
 -	     (ctx->u.aes.mode == CCP_AES_MODE_CFB)) &&
 +	     (ctx->u.aes.mode == CCP_AES_MODE_CBC)) &&
  	    (req->nbytes & (AES_BLOCK_SIZE - 1)))
  		return -EINVAL;

 @@ -291,7 +291,7 @@ static struct ccp_aes_def aes_algs[] = {
  		.version	= CCP_VERSION(3, 0),
  		.name		= "cfb(aes)",
  		.driver_name	= "cfb-aes-ccp",
 -		.blocksize	= AES_BLOCK_SIZE,
 +		.blocksize	= 1,
  		.ivsize		= AES_BLOCK_SIZE,
  		.alg_defaults	= &ccp_aes_defaults,
  	},
 --
 2.20.1
	From c978a156e29529dbb789823a31a2d6a1a95be616 Mon Sep 17 00:00:00 2001
	From: Sasha Levin <sashal@kernel.org>
	Date: Tue, 14 May 2019 21:53:23 +0000
	Subject: crypto: ccp - fix AES CFB error exposed by new test vectors

	From: Hook, Gary <Gary.Hook@amd.com>

	[ Upstream commit c3b359d6567c0b8f413e924feb37cf025067d55a ]

	Updated testmgr will exhibit this error message when loading the
	ccp-crypto module:

	alg: skcipher: cfb-aes-ccp encryption failed with err -22 on test vector 3, cfg="in-place"

	Update the CCP crypto driver to correctly treat CFB as a streaming mode
	cipher (instead of block mode). Update the configuration for CFB to
	specify the block size as a single byte;

	Fixes: 2b789435d7f3 ('crypto: ccp - CCP AES crypto API support')

	Signed-off-by: Gary R Hook <gary.hook@amd.com>
	Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
	Signed-off-by: Sasha Levin <sashal@kernel.org>
	---
	drivers/crypto/ccp/ccp-crypto-aes.c \| 8 ++++----
	1 file changed, 4 insertions(+), 4 deletions(-)

	diff --git a/drivers/crypto/ccp/ccp-crypto-aes.c b/drivers/crypto/ccp/ccp-crypto-aes.c
	index 89291c15015cd..3f768699332ba 100644
	--- a/drivers/crypto/ccp/ccp-crypto-aes.c
	+++ b/drivers/crypto/ccp/ccp-crypto-aes.c
	@@ -1,7 +1,8 @@
	+// SPDX-License-Identifier: GPL-2.0
	/*
	* AMD Cryptographic Coprocessor (CCP) AES crypto API support
	*
	- * Copyright (C) 2013,2016 Advanced Micro Devices, Inc.
	+ * Copyright (C) 2013-2019 Advanced Micro Devices, Inc.
	*
	* Author: Tom Lendacky <thomas.lendacky@amd.com>
	*
	@@ -79,8 +80,7 @@ static int ccp_aes_crypt(struct ablkcipher_request *req, bool encrypt)
	return -EINVAL;

	if (((ctx->u.aes.mode == CCP_AES_MODE_ECB) \|\|
	- (ctx->u.aes.mode == CCP_AES_MODE_CBC) \|\|
	- (ctx->u.aes.mode == CCP_AES_MODE_CFB)) &&
	+ (ctx->u.aes.mode == CCP_AES_MODE_CBC)) &&
	(req->nbytes & (AES_BLOCK_SIZE - 1)))
	return -EINVAL;

	@@ -291,7 +291,7 @@ static struct ccp_aes_def aes_algs[] = {
	.version = CCP_VERSION(3, 0),
	.name = "cfb(aes)",
	.driver_name = "cfb-aes-ccp",
	- .blocksize = AES_BLOCK_SIZE,
	+ .blocksize = 1,
	.ivsize = AES_BLOCK_SIZE,
	.alg_defaults = &ccp_aes_defaults,
	},
	--
	2.20.1