[patch 3/13] s390: aes crypto code fixes.

From: Jan Glauber <[email protected]>

[patch 3/13] s390: aes crypto code fixes.

Call KM[C] only with a multiple of block size.
Check return value of KM[C] instructions and complain about erros

Signed-off-by: Jan Glauber <[email protected]>
Signed-off-by: Martin Schwidefsky <[email protected]>

---

 arch/s390/crypto/aes_s390.c |   60 ++++++++++++++++++++++++++++++++------------
 1 files changed, 44 insertions(+), 16 deletions(-)

diff -urpN linux-2.6/arch/s390/crypto/aes_s390.c linux-2.6-patched/arch/s390/crypto/aes_s390.c
--- linux-2.6/arch/s390/crypto/aes_s390.c	2006-01-12 15:43:19.000000000 +0100
+++ linux-2.6-patched/arch/s390/crypto/aes_s390.c	2006-01-12 15:43:53.000000000 +0100
@@ -114,80 +114,108 @@ static unsigned int aes_encrypt_ecb(cons
 				    const u8 *in, unsigned int nbytes)
 {
 	struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
+	int ret;
+
+	/* only use complete blocks */
+	nbytes &= ~(AES_BLOCK_SIZE - 1);
 
 	switch (sctx->key_len) {
 	case 16:
-		crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in, nbytes);
+		ret = crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	case 24:
-		crypt_s390_km(KM_AES_192_ENCRYPT, &sctx->key, out, in, nbytes);
+		ret = crypt_s390_km(KM_AES_192_ENCRYPT, &sctx->key, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	case 32:
-		crypt_s390_km(KM_AES_256_ENCRYPT, &sctx->key, out, in, nbytes);
+		ret = crypt_s390_km(KM_AES_256_ENCRYPT, &sctx->key, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	}
-	return nbytes & ~(AES_BLOCK_SIZE - 1);
+	return nbytes;
 }
 
 static unsigned int aes_decrypt_ecb(const struct cipher_desc *desc, u8 *out,
 				    const u8 *in, unsigned int nbytes)
 {
 	struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
+	int ret;
+
+	/* only use complete blocks */
+	nbytes &= ~(AES_BLOCK_SIZE - 1);
 
 	switch (sctx->key_len) {
 	case 16:
-		crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in, nbytes);
+		ret = crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	case 24:
-		crypt_s390_km(KM_AES_192_DECRYPT, &sctx->key, out, in, nbytes);
+		ret = crypt_s390_km(KM_AES_192_DECRYPT, &sctx->key, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	case 32:
-		crypt_s390_km(KM_AES_256_DECRYPT, &sctx->key, out, in, nbytes);
+		ret = crypt_s390_km(KM_AES_256_DECRYPT, &sctx->key, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	}
-	return nbytes & ~(AES_BLOCK_SIZE - 1);
+	return nbytes;
 }
 
 static unsigned int aes_encrypt_cbc(const struct cipher_desc *desc, u8 *out,
 				    const u8 *in, unsigned int nbytes)
 {
 	struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
+	int ret;
+
+	/* only use complete blocks */
+	nbytes &= ~(AES_BLOCK_SIZE - 1);
 
 	memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE);
 	switch (sctx->key_len) {
 	case 16:
-		crypt_s390_kmc(KMC_AES_128_ENCRYPT, &sctx->iv, out, in, nbytes);
+		ret = crypt_s390_kmc(KMC_AES_128_ENCRYPT, &sctx->iv, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	case 24:
-		crypt_s390_kmc(KMC_AES_192_ENCRYPT, &sctx->iv, out, in, nbytes);
+		ret = crypt_s390_kmc(KMC_AES_192_ENCRYPT, &sctx->iv, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	case 32:
-		crypt_s390_kmc(KMC_AES_256_ENCRYPT, &sctx->iv, out, in, nbytes);
+		ret = crypt_s390_kmc(KMC_AES_256_ENCRYPT, &sctx->iv, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	}
 	memcpy(desc->info, &sctx->iv, AES_BLOCK_SIZE);
 
-	return nbytes & ~(AES_BLOCK_SIZE - 1);
+	return nbytes;
 }
 
 static unsigned int aes_decrypt_cbc(const struct cipher_desc *desc, u8 *out,
 				    const u8 *in, unsigned int nbytes)
 {
 	struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
+	int ret;
+
+	/* only use complete blocks */
+	nbytes &= ~(AES_BLOCK_SIZE - 1);
 
 	memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE);
 	switch (sctx->key_len) {
 	case 16:
-		crypt_s390_kmc(KMC_AES_128_DECRYPT, &sctx->iv, out, in, nbytes);
+		ret = crypt_s390_kmc(KMC_AES_128_DECRYPT, &sctx->iv, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	case 24:
-		crypt_s390_kmc(KMC_AES_192_DECRYPT, &sctx->iv, out, in, nbytes);
+		ret = crypt_s390_kmc(KMC_AES_192_DECRYPT, &sctx->iv, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	case 32:
-		crypt_s390_kmc(KMC_AES_256_DECRYPT, &sctx->iv, out, in, nbytes);
+		ret = crypt_s390_kmc(KMC_AES_256_DECRYPT, &sctx->iv, out, in, nbytes);
+		BUG_ON((ret < 0) || (ret != nbytes));
 		break;
 	}
-	return nbytes & ~(AES_BLOCK_SIZE - 1);
+	return nbytes;
 }
 
 
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Prev by Date: [patch 4/13] s390: sha256 crypto code fix.
• Next by Date: [patch 6/13] s390: sigcontext.h vs __user.
• Previous by thread: [patch 4/13] s390: sha256 crypto code fix.
• Next by thread: [patch 6/13] s390: sigcontext.h vs __user.
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]