]> err.no Git - linux-2.6/commitdiff
[PATCH] s390: aes crypto code fixes
authorJan Glauber <jan.glauber@de.ibm.com>
Sat, 14 Jan 2006 21:20:55 +0000 (13:20 -0800)
committerLinus Torvalds <torvalds@g5.osdl.org>
Sun, 15 Jan 2006 02:27:08 +0000 (18:27 -0800)
Call KM[C] only with a multiple of block size.  Check return value of KM[C]
instructions and complain about erros

Signed-off-by: Jan Glauber <jan.glauber@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
arch/s390/crypto/aes_s390.c

index 7a1033d8e00fe202ed15245b610f1455baf53f61..c5ca2dc5d4281ee67d7d67be936dec4ec2214ff0 100644 (file)
@@ -114,80 +114,108 @@ static unsigned int aes_encrypt_ecb(const struct cipher_desc *desc, u8 *out,
                                    const u8 *in, unsigned int nbytes)
 {
        struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
+       int ret;
+
+       /* only use complete blocks */
+       nbytes &= ~(AES_BLOCK_SIZE - 1);
 
        switch (sctx->key_len) {
        case 16:
-               crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in, nbytes);
+               ret = crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        case 24:
-               crypt_s390_km(KM_AES_192_ENCRYPT, &sctx->key, out, in, nbytes);
+               ret = crypt_s390_km(KM_AES_192_ENCRYPT, &sctx->key, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        case 32:
-               crypt_s390_km(KM_AES_256_ENCRYPT, &sctx->key, out, in, nbytes);
+               ret = crypt_s390_km(KM_AES_256_ENCRYPT, &sctx->key, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        }
-       return nbytes & ~(AES_BLOCK_SIZE - 1);
+       return nbytes;
 }
 
 static unsigned int aes_decrypt_ecb(const struct cipher_desc *desc, u8 *out,
                                    const u8 *in, unsigned int nbytes)
 {
        struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
+       int ret;
+
+       /* only use complete blocks */
+       nbytes &= ~(AES_BLOCK_SIZE - 1);
 
        switch (sctx->key_len) {
        case 16:
-               crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in, nbytes);
+               ret = crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        case 24:
-               crypt_s390_km(KM_AES_192_DECRYPT, &sctx->key, out, in, nbytes);
+               ret = crypt_s390_km(KM_AES_192_DECRYPT, &sctx->key, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        case 32:
-               crypt_s390_km(KM_AES_256_DECRYPT, &sctx->key, out, in, nbytes);
+               ret = crypt_s390_km(KM_AES_256_DECRYPT, &sctx->key, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        }
-       return nbytes & ~(AES_BLOCK_SIZE - 1);
+       return nbytes;
 }
 
 static unsigned int aes_encrypt_cbc(const struct cipher_desc *desc, u8 *out,
                                    const u8 *in, unsigned int nbytes)
 {
        struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
+       int ret;
+
+       /* only use complete blocks */
+       nbytes &= ~(AES_BLOCK_SIZE - 1);
 
        memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE);
        switch (sctx->key_len) {
        case 16:
-               crypt_s390_kmc(KMC_AES_128_ENCRYPT, &sctx->iv, out, in, nbytes);
+               ret = crypt_s390_kmc(KMC_AES_128_ENCRYPT, &sctx->iv, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        case 24:
-               crypt_s390_kmc(KMC_AES_192_ENCRYPT, &sctx->iv, out, in, nbytes);
+               ret = crypt_s390_kmc(KMC_AES_192_ENCRYPT, &sctx->iv, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        case 32:
-               crypt_s390_kmc(KMC_AES_256_ENCRYPT, &sctx->iv, out, in, nbytes);
+               ret = crypt_s390_kmc(KMC_AES_256_ENCRYPT, &sctx->iv, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        }
        memcpy(desc->info, &sctx->iv, AES_BLOCK_SIZE);
 
-       return nbytes & ~(AES_BLOCK_SIZE - 1);
+       return nbytes;
 }
 
 static unsigned int aes_decrypt_cbc(const struct cipher_desc *desc, u8 *out,
                                    const u8 *in, unsigned int nbytes)
 {
        struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
+       int ret;
+
+       /* only use complete blocks */
+       nbytes &= ~(AES_BLOCK_SIZE - 1);
 
        memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE);
        switch (sctx->key_len) {
        case 16:
-               crypt_s390_kmc(KMC_AES_128_DECRYPT, &sctx->iv, out, in, nbytes);
+               ret = crypt_s390_kmc(KMC_AES_128_DECRYPT, &sctx->iv, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        case 24:
-               crypt_s390_kmc(KMC_AES_192_DECRYPT, &sctx->iv, out, in, nbytes);
+               ret = crypt_s390_kmc(KMC_AES_192_DECRYPT, &sctx->iv, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        case 32:
-               crypt_s390_kmc(KMC_AES_256_DECRYPT, &sctx->iv, out, in, nbytes);
+               ret = crypt_s390_kmc(KMC_AES_256_DECRYPT, &sctx->iv, out, in, nbytes);
+               BUG_ON((ret < 0) || (ret != nbytes));
                break;
        }
-       return nbytes & ~(AES_BLOCK_SIZE - 1);
+       return nbytes;
 }