Received: by 2002:ac0:bc90:0:0:0:0:0 with SMTP id a16csp615665img; Fri, 22 Mar 2019 05:12:57 -0700 (PDT) X-Google-Smtp-Source: APXvYqyV9KWE6kXELNuIA1L48ewRE4CiROPK+0tW7+u1rD0DBff8VOAqvC4E7G71gUzwtYQrbARO X-Received: by 2002:a62:6086:: with SMTP id u128mr5941147pfb.148.1553256777577; Fri, 22 Mar 2019 05:12:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553256777; cv=none; d=google.com; s=arc-20160816; b=CKwfRkFV1CSRDmUuvIINvd5e0fGKis11EDeqzkjKut1sOSOt2iA0WjRFg6OORKJfTl t4G04Dmv49YGZkR/aZ8118GRQ+MUprgLiUgwfxqZlzRjU3K6evMQk517KtsehNeCiBxb rt3EnmKvDmZcJWymwKDcIpxVzwSdWkLI/2O0rrZ6wBnreKe78W4V9HSL7CfyyCd1lRmm 9oKDkhzWCMByzT0XOIV4M3qrtwoOLUVQvKhha6sd2PLFBlIjejxTvasubCZqAAqCHHlT 3F5gD0lqPW9hssXLZtX3f54pt5PEhmMDGUnECwM3GPpslooDAksmPn6QlN3eijG2Qxdw F/+Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=yPFclGXrYLXckY++sKbk/LA2/rjsYP1HxDMnYPcM3m8=; b=Pot4LMpfwOyKAQ7C/4KlzRM+itKSqQOXSXntW7XIwiaWSHUCNbE0SoWQpGtRKOmRJ8 6Ul6KHFvCcaneECQENOVpu7v5Lozl4fOztOEME43rmNPtL6JLdzpVSDr27OlsUlSbOvY /GySBPWti3bOp8vX0axR9joVXqWhi+mMpfzOurZKqIwWpyPyDrlUeBIgjKFB28316icl i9ldKvldx0rbtHlIbin1R2VMtqClE92mNM3+WbGiYB7kZAj2M0IpuWAGhU/VWZqXBWEI PKsATzw8h8IzWOJaDD/fewnrsNa2s0AGmXLmbFBI2bWDdMO97R5BIsTk1anftbDLMJBh s6Vg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Qh3QGcoC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p6si6403632pga.151.2019.03.22.05.12.42; Fri, 22 Mar 2019 05:12:57 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Qh3QGcoC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389577AbfCVMMG (ORCPT + 99 others); Fri, 22 Mar 2019 08:12:06 -0400 Received: from mail.kernel.org ([198.145.29.99]:50270 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388968AbfCVMMD (ORCPT ); Fri, 22 Mar 2019 08:12:03 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id AE74220830; Fri, 22 Mar 2019 12:12:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1553256723; bh=jIImtb19x6wdiJJzDnn77niy0v4N6aOnTJ29y0YOIWY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Qh3QGcoCG6Q3HpIImrhxeOHVKkIB2HNkzcU2wOA8Rfd70L+/Lqh46WTMmr9gCLlQu diiDlyKS5XLl6b+ZVC8eXPzOIoyiBvk79jBc9t+fAUoMc5Ex7xeIy6u+w92FR3l9O/ ob8Sdiy6xH2aoMM0hOpGxEtbfhz1p3w8phuq581Y= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Gilad Ben-Yossef , Herbert Xu Subject: [PATCH 5.0 018/238] crypto: ccree - dont copy zero size ciphertext Date: Fri, 22 Mar 2019 12:13:57 +0100 Message-Id: <20190322111259.245385243@linuxfoundation.org> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190322111258.383569278@linuxfoundation.org> References: <20190322111258.383569278@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 5.0-stable review patch. If anyone has any objections, please let me know. ------------------ From: Gilad Ben-Yossef commit 2b5ac17463dcb2411fed506edcf259a89bb538ba upstream. For decryption in CBC mode we need to save the last ciphertext block for use as the next IV. However, we were trying to do this also with zero sized ciphertext resulting in a panic. Fix this by only doing the copy if the ciphertext length is at least of IV size. Signed-off-by: Gilad Ben-Yossef Cc: stable@vger.kernel.org Signed-off-by: Herbert Xu Signed-off-by: Greg Kroah-Hartman --- drivers/crypto/ccree/cc_cipher.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- a/drivers/crypto/ccree/cc_cipher.c +++ b/drivers/crypto/ccree/cc_cipher.c @@ -801,7 +801,8 @@ static int cc_cipher_decrypt(struct skci memset(req_ctx, 0, sizeof(*req_ctx)); - if (ctx_p->cipher_mode == DRV_CIPHER_CBC) { + if ((ctx_p->cipher_mode == DRV_CIPHER_CBC) && + (req->cryptlen >= ivsize)) { /* Allocate and save the last IV sized bytes of the source, * which will be lost in case of in-place decryption.