From fda5e142598341d30006e3715e53b2c983a9fca7 Mon Sep 17 00:00:00 2001 From: Jan Glauber Date: Sat, 14 Jan 2006 13:20:55 -0800 Subject: [PATCH] s390: aes crypto code fixes Call KM[C] only with a multiple of block size. Check return value of KM[C] instructions and complain about erros Signed-off-by: Jan Glauber Signed-off-by: Martin Schwidefsky Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- arch/s390/crypto/aes_s390.c | 60 +++++++++++++++++++++++++++++++++------------ 1 file changed, 44 insertions(+), 16 deletions(-) diff --git a/arch/s390/crypto/aes_s390.c b/arch/s390/crypto/aes_s390.c index 7a1033d8e00..c5ca2dc5d42 100644 --- a/arch/s390/crypto/aes_s390.c +++ b/arch/s390/crypto/aes_s390.c @@ -114,80 +114,108 @@ static unsigned int aes_encrypt_ecb(const struct cipher_desc *desc, u8 *out, const u8 *in, unsigned int nbytes) { struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm); + int ret; + + /* only use complete blocks */ + nbytes &= ~(AES_BLOCK_SIZE - 1); switch (sctx->key_len) { case 16: - crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in, nbytes); + ret = crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; case 24: - crypt_s390_km(KM_AES_192_ENCRYPT, &sctx->key, out, in, nbytes); + ret = crypt_s390_km(KM_AES_192_ENCRYPT, &sctx->key, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; case 32: - crypt_s390_km(KM_AES_256_ENCRYPT, &sctx->key, out, in, nbytes); + ret = crypt_s390_km(KM_AES_256_ENCRYPT, &sctx->key, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; } - return nbytes & ~(AES_BLOCK_SIZE - 1); + return nbytes; } static unsigned int aes_decrypt_ecb(const struct cipher_desc *desc, u8 *out, const u8 *in, unsigned int nbytes) { struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm); + int ret; + + /* only use complete blocks */ + nbytes &= ~(AES_BLOCK_SIZE - 1); switch (sctx->key_len) { case 16: - crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in, nbytes); + ret = crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; case 24: - crypt_s390_km(KM_AES_192_DECRYPT, &sctx->key, out, in, nbytes); + ret = crypt_s390_km(KM_AES_192_DECRYPT, &sctx->key, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; case 32: - crypt_s390_km(KM_AES_256_DECRYPT, &sctx->key, out, in, nbytes); + ret = crypt_s390_km(KM_AES_256_DECRYPT, &sctx->key, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; } - return nbytes & ~(AES_BLOCK_SIZE - 1); + return nbytes; } static unsigned int aes_encrypt_cbc(const struct cipher_desc *desc, u8 *out, const u8 *in, unsigned int nbytes) { struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm); + int ret; + + /* only use complete blocks */ + nbytes &= ~(AES_BLOCK_SIZE - 1); memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE); switch (sctx->key_len) { case 16: - crypt_s390_kmc(KMC_AES_128_ENCRYPT, &sctx->iv, out, in, nbytes); + ret = crypt_s390_kmc(KMC_AES_128_ENCRYPT, &sctx->iv, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; case 24: - crypt_s390_kmc(KMC_AES_192_ENCRYPT, &sctx->iv, out, in, nbytes); + ret = crypt_s390_kmc(KMC_AES_192_ENCRYPT, &sctx->iv, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; case 32: - crypt_s390_kmc(KMC_AES_256_ENCRYPT, &sctx->iv, out, in, nbytes); + ret = crypt_s390_kmc(KMC_AES_256_ENCRYPT, &sctx->iv, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; } memcpy(desc->info, &sctx->iv, AES_BLOCK_SIZE); - return nbytes & ~(AES_BLOCK_SIZE - 1); + return nbytes; } static unsigned int aes_decrypt_cbc(const struct cipher_desc *desc, u8 *out, const u8 *in, unsigned int nbytes) { struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm); + int ret; + + /* only use complete blocks */ + nbytes &= ~(AES_BLOCK_SIZE - 1); memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE); switch (sctx->key_len) { case 16: - crypt_s390_kmc(KMC_AES_128_DECRYPT, &sctx->iv, out, in, nbytes); + ret = crypt_s390_kmc(KMC_AES_128_DECRYPT, &sctx->iv, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; case 24: - crypt_s390_kmc(KMC_AES_192_DECRYPT, &sctx->iv, out, in, nbytes); + ret = crypt_s390_kmc(KMC_AES_192_DECRYPT, &sctx->iv, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; case 32: - crypt_s390_kmc(KMC_AES_256_DECRYPT, &sctx->iv, out, in, nbytes); + ret = crypt_s390_kmc(KMC_AES_256_DECRYPT, &sctx->iv, out, in, nbytes); + BUG_ON((ret < 0) || (ret != nbytes)); break; } - return nbytes & ~(AES_BLOCK_SIZE - 1); + return nbytes; } -- cgit v1.2.3