From patchwork Wed Jan 22 09:27:33 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 233429 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.7 required=3.0 tests=DATE_IN_PAST_03_06, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 830E5C2D0DB for ; Wed, 22 Jan 2020 13:19:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 55F3C2467E for ; Wed, 22 Jan 2020 13:19:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1579699192; bh=lYcyzUsSueiTVaeCjUbMt38KiP52JGJR1GhZPYucS/4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=2K70KFCfYXJdJ7gu1eljDSO0hzRBkoWQppWqtMi2qaczJgv34FJL5Vt5AGZluZjDv KwavDajjTKi79G+J2wAzABYUav3MlmqCeVkyVCj99POw6N2o/0MOH8GYmFEd2UN4gm +LJ3YVzNjaafLQgtheMabIrjBWOvf5Vc2z1BKVgY= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729817AbgAVNTv (ORCPT ); Wed, 22 Jan 2020 08:19:51 -0500 Received: from mail.kernel.org ([198.145.29.99]:35892 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729058AbgAVNTu (ORCPT ); Wed, 22 Jan 2020 08:19:50 -0500 Received: from localhost (unknown [84.241.205.26]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 98E732467A; Wed, 22 Jan 2020 13:19:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1579699190; bh=lYcyzUsSueiTVaeCjUbMt38KiP52JGJR1GhZPYucS/4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=rD9hxWb0B+Uew2OaI+6vlKSWy6UrpDLH6T1Z+2W+3AA9mEaxlGdQoydJw0BdXBp1x 0Ca3yMy7fRTknmY7alrclkQwGRKl2hfi5FNr6YATox+aSk4S9IKGxdlEEdjPsTAa8d HAg7zsZXWAqMoZYfgWrLt85Rrc7BC7thKlhsTNYE= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Harald Freudenberger , Vasily Gorbik Subject: [PATCH 5.4 067/222] s390/zcrypt: Fix CCA cipher key gen with clear key value function Date: Wed, 22 Jan 2020 10:27:33 +0100 Message-Id: <20200122092838.523158685@linuxfoundation.org> X-Mailer: git-send-email 2.25.0 In-Reply-To: <20200122092833.339495161@linuxfoundation.org> References: <20200122092833.339495161@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Harald Freudenberger commit 94dd3bada53ee77b80d0aeee5571eeb83654d156 upstream. Regression tests showed that the CCA cipher key function which generates an CCA cipher key with given clear key value does not work correctly. At parsing the reply CPRB two limits are wrong calculated resulting in rejecting the reply as invalid with s390dbf message "_ip_cprb_helper reply with invalid or unknown key block". Fixes: f2bbc96e7cfa ("s390/pkey: add CCA AES cipher key support") Cc: Stable Signed-off-by: Harald Freudenberger Signed-off-by: Vasily Gorbik Signed-off-by: Greg Kroah-Hartman --- drivers/s390/crypto/zcrypt_ccamisc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/drivers/s390/crypto/zcrypt_ccamisc.c +++ b/drivers/s390/crypto/zcrypt_ccamisc.c @@ -1037,8 +1037,8 @@ static int _ip_cprb_helper(u16 cardnr, u prepparm = (struct iprepparm *) prepcblk->rpl_parmb; /* do some plausibility checks on the key block */ - if (prepparm->kb.len < 120 + 5 * sizeof(uint16_t) || - prepparm->kb.len > 136 + 5 * sizeof(uint16_t)) { + if (prepparm->kb.len < 120 + 3 * sizeof(uint16_t) || + prepparm->kb.len > 136 + 3 * sizeof(uint16_t)) { DEBUG_ERR("%s reply with invalid or unknown key block\n", __func__); rc = -EIO;