tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

crypto: ccp - copy IV using skcipher ivsize

AF_ALG rfc3686-ctr-aes-ccp requests pass an 8-byte IV to the driver.

ccp_aes_complete() restores AES_BLOCK_SIZE bytes into the caller's IV
buffer while RFC3686 skciphers expose an 8-byte IV, so the restore
overruns the provided buffer.

Use crypto_skcipher_ivsize() to copy only the algorithm's IV length.

Fixes: 2b789435d7f3 ("crypto: ccp - CCP AES crypto API support")
Signed-off-by: Paul Moses <p@1g4.org>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Paul Moses and committed by
Herbert Xu a7a1f3cd 4f685dbf

+5 -2
+5 -2
drivers/crypto/ccp/ccp-crypto-aes.c
··· 30 30 if (ret) 31 31 return ret; 32 32 33 - if (ctx->u.aes.mode != CCP_AES_MODE_ECB) 34 - memcpy(req->iv, rctx->iv, AES_BLOCK_SIZE); 33 + if (ctx->u.aes.mode != CCP_AES_MODE_ECB) { 34 + size_t ivsize = crypto_skcipher_ivsize(crypto_skcipher_reqtfm(req)); 35 + 36 + memcpy(req->iv, rctx->iv, ivsize); 37 + } 35 38 36 39 return 0; 37 40 }