tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Pull another crypto fix from Herbert Xu:
"Fix ICV corruption in s390/ghash when the same tfm is used by more
than one thread"

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: s390/ghash - Fix incorrect ghash icv buffer handling.

Linus Torvalds 2a058f38 865d8722

+13 -12
+13 -12
arch/s390/crypto/ghash_s390.c
··· 16 16 #define GHASH_DIGEST_SIZE 16 17 17 18 18 struct ghash_ctx { 19 - u8 icv[16]; 20 - u8 key[16]; 19 + u8 key[GHASH_BLOCK_SIZE]; 21 20 }; 22 21 23 22 struct ghash_desc_ctx { 23 + u8 icv[GHASH_BLOCK_SIZE]; 24 + u8 key[GHASH_BLOCK_SIZE]; 24 25 u8 buffer[GHASH_BLOCK_SIZE]; 25 26 u32 bytes; 26 27 }; ··· 29 28 static int ghash_init(struct shash_desc *desc) 30 29 { 31 30 struct ghash_desc_ctx *dctx = shash_desc_ctx(desc); 31 + struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm); 32 32 33 33 memset(dctx, 0, sizeof(*dctx)); 34 + memcpy(dctx->key, ctx->key, GHASH_BLOCK_SIZE); 34 35 35 36 return 0; 36 37 } ··· 48 45 } 49 46 50 47 memcpy(ctx->key, key, GHASH_BLOCK_SIZE); 51 - memset(ctx->icv, 0, GHASH_BLOCK_SIZE); 52 48 53 49 return 0; 54 50 } ··· 56 54 const u8 *src, unsigned int srclen) 57 55 { 58 56 struct ghash_desc_ctx *dctx = shash_desc_ctx(desc); 59 - struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm); 60 57 unsigned int n; 61 58 u8 *buf = dctx->buffer; 62 59 int ret; ··· 71 70 src += n; 72 71 73 72 if (!dctx->bytes) { 74 - ret = crypt_s390_kimd(KIMD_GHASH, ctx, buf, 73 + ret = crypt_s390_kimd(KIMD_GHASH, dctx, buf, 75 74 GHASH_BLOCK_SIZE); 76 75 if (ret != GHASH_BLOCK_SIZE) 77 76 return -EIO; ··· 80 79 81 80 n = srclen & ~(GHASH_BLOCK_SIZE - 1); 82 81 if (n) { 83 - ret = crypt_s390_kimd(KIMD_GHASH, ctx, src, n); 82 + ret = crypt_s390_kimd(KIMD_GHASH, dctx, src, n); 84 83 if (ret != n) 85 84 return -EIO; 86 85 src += n; ··· 95 94 return 0; 96 95 } 97 96 98 - static int ghash_flush(struct ghash_ctx *ctx, struct ghash_desc_ctx *dctx) 97 + static int ghash_flush(struct ghash_desc_ctx *dctx) 99 98 { 100 99 u8 *buf = dctx->buffer; 101 100 int ret; ··· 105 104 106 105 memset(pos, 0, dctx->bytes); 107 106 108 - ret = crypt_s390_kimd(KIMD_GHASH, ctx, buf, GHASH_BLOCK_SIZE); 107 + ret = crypt_s390_kimd(KIMD_GHASH, dctx, buf, GHASH_BLOCK_SIZE); 109 108 if (ret != GHASH_BLOCK_SIZE) 110 109 return -EIO; 110 + 111 + dctx->bytes = 0; 111 112 } 112 113 113 - dctx->bytes = 0; 114 114 return 0; 115 115 } 116 116 117 117 static int ghash_final(struct shash_desc *desc, u8 *dst) 118 118 { 119 119 struct ghash_desc_ctx *dctx = shash_desc_ctx(desc); 120 - struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm); 121 120 int ret; 122 121 123 - ret = ghash_flush(ctx, dctx); 122 + ret = ghash_flush(dctx); 124 123 if (!ret) 125 - memcpy(dst, ctx->icv, GHASH_BLOCK_SIZE); 124 + memcpy(dst, dctx->icv, GHASH_BLOCK_SIZE); 126 125 return ret; 127 126 } 128 127