From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Gerald Schaefer <gerald.schaefer@de.ibm.com>,
Herbert Xu <herbert@gondor.apana.org.au>
Subject: [PATCH 3.12 08/62] crypto: s390 - Fix aes-xts parameter corruption
Date: Tue, 10 Dec 2013 00:00:39 -0800 [thread overview]
Message-ID: <20131210080058.038172939@linuxfoundation.org> (raw)
In-Reply-To: <20131210080057.415644748@linuxfoundation.org>
3.12-stable review patch. If anyone has any objections, please let me know.
------------------
From: Gerald Schaefer <gerald.schaefer@de.ibm.com>
commit 9dda2769af4f3f3093434648c409bb351120d9e8 upstream.
Some s390 crypto algorithms incorrectly use the crypto_tfm structure to
store private data. As the tfm can be shared among multiple threads, this
can result in data corruption.
This patch fixes aes-xts by moving the xts and pcc parameter blocks from
the tfm onto the stack (48 + 96 bytes).
Signed-off-by: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/s390/crypto/aes_s390.c | 31 +++++++++++++++++--------------
1 file changed, 17 insertions(+), 14 deletions(-)
--- a/arch/s390/crypto/aes_s390.c
+++ b/arch/s390/crypto/aes_s390.c
@@ -55,8 +55,7 @@ struct pcc_param {
struct s390_xts_ctx {
u8 key[32];
- u8 xts_param[16];
- struct pcc_param pcc;
+ u8 pcc_key[32];
long enc;
long dec;
int key_len;
@@ -591,7 +590,7 @@ static int xts_aes_set_key(struct crypto
xts_ctx->enc = KM_XTS_128_ENCRYPT;
xts_ctx->dec = KM_XTS_128_DECRYPT;
memcpy(xts_ctx->key + 16, in_key, 16);
- memcpy(xts_ctx->pcc.key + 16, in_key + 16, 16);
+ memcpy(xts_ctx->pcc_key + 16, in_key + 16, 16);
break;
case 48:
xts_ctx->enc = 0;
@@ -602,7 +601,7 @@ static int xts_aes_set_key(struct crypto
xts_ctx->enc = KM_XTS_256_ENCRYPT;
xts_ctx->dec = KM_XTS_256_DECRYPT;
memcpy(xts_ctx->key, in_key, 32);
- memcpy(xts_ctx->pcc.key, in_key + 32, 32);
+ memcpy(xts_ctx->pcc_key, in_key + 32, 32);
break;
default:
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
@@ -621,29 +620,33 @@ static int xts_aes_crypt(struct blkciphe
unsigned int nbytes = walk->nbytes;
unsigned int n;
u8 *in, *out;
- void *param;
+ struct pcc_param pcc_param;
+ struct {
+ u8 key[32];
+ u8 init[16];
+ } xts_param;
if (!nbytes)
goto out;
- memset(xts_ctx->pcc.block, 0, sizeof(xts_ctx->pcc.block));
- memset(xts_ctx->pcc.bit, 0, sizeof(xts_ctx->pcc.bit));
- memset(xts_ctx->pcc.xts, 0, sizeof(xts_ctx->pcc.xts));
- memcpy(xts_ctx->pcc.tweak, walk->iv, sizeof(xts_ctx->pcc.tweak));
- param = xts_ctx->pcc.key + offset;
- ret = crypt_s390_pcc(func, param);
+ memset(pcc_param.block, 0, sizeof(pcc_param.block));
+ memset(pcc_param.bit, 0, sizeof(pcc_param.bit));
+ memset(pcc_param.xts, 0, sizeof(pcc_param.xts));
+ memcpy(pcc_param.tweak, walk->iv, sizeof(pcc_param.tweak));
+ memcpy(pcc_param.key, xts_ctx->pcc_key, 32);
+ ret = crypt_s390_pcc(func, &pcc_param.key[offset]);
if (ret < 0)
return -EIO;
- memcpy(xts_ctx->xts_param, xts_ctx->pcc.xts, 16);
- param = xts_ctx->key + offset;
+ memcpy(xts_param.key, xts_ctx->key, 32);
+ memcpy(xts_param.init, pcc_param.xts, 16);
do {
/* only use complete blocks */
n = nbytes & ~(AES_BLOCK_SIZE - 1);
out = walk->dst.virt.addr;
in = walk->src.virt.addr;
- ret = crypt_s390_km(func, param, out, in, n);
+ ret = crypt_s390_km(func, &xts_param.key[offset], out, in, n);
if (ret < 0 || ret != n)
return -EIO;
next prev parent reply other threads:[~2013-12-10 8:00 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-10 8:00 [PATCH 3.12 00/62] 3.12.5-stable review Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 01/62] ALSA: hda - Fix silent output on ASUS W7J laptop Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 02/62] ALSA: hda - Another fixup for ASUS laptop with ALC660 codec Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 03/62] ALSA: hda - Use always amps for auto-mute on AD1986A codec Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 04/62] ALSA: hda - Fix headset mic input after muted internal mic (Dell/Realtek) Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 05/62] ALSA: hda - Fix bad EAPD setup for HP machines with AD1984A Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 06/62] ALSA: hda - Fix silent output on MacBook Air 2,1 Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 07/62] ALSA: hda - Add mono speaker quirk for Dell Inspiron 5439 Greg Kroah-Hartman
2013-12-10 8:00 ` Greg Kroah-Hartman [this message]
2013-12-10 8:00 ` [PATCH 3.12 09/62] crypto: scatterwalk - Set the chain pointer indication bit Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 10/62] crypto: ccm - Fix handling of zero plaintext when computing mac Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 11/62] crypto: authenc - Find proper IV address in ablkcipher callback Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 12/62] ARM: fix booting low-vectors machines Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 13/62] ARM: footbridge: fix VGA initialisation Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 14/62] ARM: footbridge: fix EBSA285 LEDs Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 15/62] ARM: multi_v7_defconfig: enable SDHCI_BCM_KONA and MMC_BLOCK_MINORS=16 Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 16/62] ARM: dts: omap4-panda-common: Fix pin muxing for wl12xx Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 17/62] ARM: OMAPFB: panel-sony-acx565akm: fix bad unlock balance Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 18/62] ARM: at91: sama5d3: reduce TWI internal clock frequency Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 19/62] ARM: mvebu: second PCIe unit of Armada XP mv78230 is only x1 capable Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 20/62] ARM: mvebu: fix second and third PCIe unit of Armada XP mv78260 Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 21/62] ARM: mvebu: use the virtual CPU registers to access coherency registers Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 22/62] ARM: mvebu: re-enable PCIe on Armada 370 DB Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 23/62] ASoC: wm8990: Mark the register map as dirty when powering down Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 24/62] ASoC: dapm: Use SND_SOC_DAPM_INIT_REG_VAL in SND_SOC_DAPM_MUX Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 25/62] ASoC: wm8731: fix dsp mode configuration Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 26/62] vfs: fix subtle use-after-free of pipe_inode_info Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 27/62] can: sja1000: fix {pre,post}_irq() handling and IRQ handler return value Greg Kroah-Hartman
2013-12-10 8:00 ` [PATCH 3.12 28/62] can: flexcan: use correct clock as base for bit rate calculation Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 29/62] can: c_can: dont call pm_runtime_get_sync() from interrupt context Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 30/62] efivars, efi-pstore: Hold off deletion of sysfs entry until the scan is completed Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 31/62] efi-pstore: Make efi-pstore return a unique id Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 32/62] SCSI: bfa: Fix crash when symb name set for offline vport Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 33/62] SCSI: enclosure: fix WARN_ON in dual path device removing Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 34/62] SCSI: libsas: fix usage of ata_tf_to_fis Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 35/62] SCSI: hpsa: do not discard scsi status on aborted commands Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 36/62] SCSI: hpsa: return 0 from driver probe function on success, not 1 Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 37/62] NFSv4: Update list of irrecoverable errors on DELEGRETURN Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 38/62] PNP: fix restoring devices after hibernation Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 39/62] time: Fix 1ns/tick drift w/ GENERIC_TIME_VSYSCALL_OLD Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 40/62] powerpc/gpio: Fix the wrong GPIO input data on MPC8572/MPC8536 Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 41/62] parisc: fix mmap(MAP_FIXED|MAP_SHARED) to already mmapped address Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 42/62] xen/gnttab: leave lazy MMU mode in the case of a m2p override failure Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 43/62] spi/pxa2xx: add new ACPI IDs Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 44/62] cpuidle: Check for dev before deregistering it Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 45/62] Update of blkg_stat and blkg_rwstat may happen in bh context. While u64_stats_fetch_retry is only preempt_disable on 32bit UP system. This is not enough to avoid preemption by bh and may read strange 64 bit value Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 46/62] irq: Enable all irqs unconditionally in irq_resume Greg Kroah-Hartman
2013-12-10 9:01 ` Pavel Machek
2013-12-10 9:08 ` Greg Kroah-Hartman
2013-12-10 12:52 ` Heiko Stübner
2013-12-10 19:27 ` Greg Kroah-Hartman
2013-12-10 21:46 ` Heiko Stübner
2013-12-11 1:16 ` Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 47/62] net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 48/62] x86-64, build: Always pass in -mno-sse Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 49/62] SCSI: Disable WRITE SAME for RAID and virtual host adapter drivers Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 50/62] iwlwifi: dvm: dont override mac80211s queue setting Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 51/62] tg3: avoid double-freeing of rx data memory Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 52/62] Input: allow deselecting serio drivers even without CONFIG_EXPERT Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 53/62] Input: mousedev - allow disabling " Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 54/62] mei: me: add Lynx Point Wellsburg work station device id Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 55/62] mei: add 9 series PCH mei device ids Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 56/62] n_tty: Fix missing newline echo Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 57/62] USB: pl2303: fixed handling of CS5 setting Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 58/62] USB: ftdi_sio: fixed handling of unsupported CSIZE setting Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 59/62] USB: mos7840: correct handling of CS5 setting Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 60/62] USB: spcp8x5: " Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 61/62] USB: cdc-acm: Added support for the Lenovo RD02-D400 USB Modem Greg Kroah-Hartman
2013-12-10 8:01 ` [PATCH 3.12 62/62] drivers/char/i8k.c: add Dell XPLS L421X Greg Kroah-Hartman
2013-12-10 17:04 ` [PATCH 3.12 00/62] 3.12.5-stable review Guenter Roeck
2013-12-11 1:17 ` Greg Kroah-Hartman
2013-12-11 1:49 ` Shuah Khan
2013-12-11 2:00 ` Greg Kroah-Hartman
2013-12-11 21:26 ` Satoru Takeuchi
2013-12-11 23:31 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131210080058.038172939@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=gerald.schaefer@de.ibm.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).