| From 3901c1124ec5099254a9396085f7798153a7293f Mon Sep 17 00:00:00 2001 |
| From: Harald Freudenberger <freude@linux.vnet.ibm.com> |
| Date: Wed, 7 May 2014 16:51:29 +0200 |
| Subject: crypto: s390 - fix aes,des ctr mode concurrency finding. |
| |
| From: Harald Freudenberger <freude@linux.vnet.ibm.com> |
| |
| commit 3901c1124ec5099254a9396085f7798153a7293f upstream. |
| |
| An additional testcase found an issue with the last |
| series of patches applied: the fallback solution may |
| not save the iv value after operation. This very small |
| fix just makes sure the iv is copied back to the |
| walk/desc struct. |
| |
| Signed-off-by: Harald Freudenberger <freude@linux.vnet.ibm.com> |
| Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| arch/s390/crypto/aes_s390.c | 3 +++ |
| arch/s390/crypto/des_s390.c | 3 +++ |
| 2 files changed, 6 insertions(+) |
| |
| --- a/arch/s390/crypto/aes_s390.c |
| +++ b/arch/s390/crypto/aes_s390.c |
| @@ -818,6 +818,9 @@ static int ctr_aes_crypt(struct blkciphe |
| else |
| memcpy(walk->iv, ctrptr, AES_BLOCK_SIZE); |
| spin_unlock(&ctrblk_lock); |
| + } else { |
| + if (!nbytes) |
| + memcpy(walk->iv, ctrptr, AES_BLOCK_SIZE); |
| } |
| /* |
| * final block may be < AES_BLOCK_SIZE, copy only nbytes |
| --- a/arch/s390/crypto/des_s390.c |
| +++ b/arch/s390/crypto/des_s390.c |
| @@ -429,6 +429,9 @@ static int ctr_desall_crypt(struct blkci |
| else |
| memcpy(walk->iv, ctrptr, DES_BLOCK_SIZE); |
| spin_unlock(&ctrblk_lock); |
| + } else { |
| + if (!nbytes) |
| + memcpy(walk->iv, ctrptr, DES_BLOCK_SIZE); |
| } |
| /* final block may be < DES_BLOCK_SIZE, copy only nbytes */ |
| if (nbytes) { |