Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp4820454ybl; Wed, 22 Jan 2020 05:22:51 -0800 (PST) X-Google-Smtp-Source: APXvYqwC4aTSeeAaEkqFkyyZ6tBNpoS9F4DaGMuBvzqjrl1+iZmU/MilTCnc5jTD9MrmgGhoAor1 X-Received: by 2002:aca:50cd:: with SMTP id e196mr6788067oib.178.1579699370967; Wed, 22 Jan 2020 05:22:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1579699370; cv=none; d=google.com; s=arc-20160816; b=f0TIwK/OLEHA6MvnjcGgKY87slqbfa2qLYelvpAtnXCMEQXNc7wjKXwoCQsegDCzuY /MDuhd7U3dHZUSICtEB2hSg2a1oVlzHtQFpkDFrR0goSI7ePwd4Gg7fh8YtXOWhXmz0L qe5HbGd2ldNLbqbOAsdiAP/2FMbQXGNW+Dma0+huuNv1269U2EbVB9qV5IzzWbq9ktXV 5tbjssJOd7dQe0/d/g9eZH0mg1p5YjuKzELXLcPLYBXdbmjuKZ8zOHn8tye//9um2Xai Ea2NxZaPLT65W4l9TClW8t7N34oqftME1hi7cvOmwnEw+hH8FxJyMZaSieeOCJidVeUA TLrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=8phllRE6jpHLJaTd8Ckw+trIRTSjtiMJLThWiZg7ReY=; b=q+lriMaL1xR3S3UyuYdajfSRwLmat0xsZU7YBJdcBk/OjlMTnxW+SXyIbPILE/5Mp/ dkGi9xEk/Awvd+jGbBDFloJlEjkSqNiGYj8Kn/PmJE4NyDkwcvxg/4BSU2FKQcZjTpLe vuv4ZDOI2bGCuvJTWywTq1ub5L6KoRGjheLdyx0HTB/k19270h/cLCNMIm+OcDICxWlA +HVbVv1UjF+mmVllOZXrAlptxQOFKT+VM9N8/Tz7r4zQuqEw0bZ0HCpcPkuR/E+/Yj6v ntcsEN6Dt40oZVuCvR0f90gkG7Umiqu4qRhK3Qsi3raM2Dl9yWvg5nAlJaEvlVvA7JZ7 ltVA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=rD9hxWb0; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w11si21158799oic.62.2020.01.22.05.22.38; Wed, 22 Jan 2020 05:22:50 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=rD9hxWb0; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729219AbgAVNTz (ORCPT + 99 others); Wed, 22 Jan 2020 08:19:55 -0500 Received: from mail.kernel.org ([198.145.29.99]:35892 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729058AbgAVNTu (ORCPT ); Wed, 22 Jan 2020 08:19:50 -0500 Received: from localhost (unknown [84.241.205.26]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 98E732467A; Wed, 22 Jan 2020 13:19:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1579699190; bh=lYcyzUsSueiTVaeCjUbMt38KiP52JGJR1GhZPYucS/4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=rD9hxWb0B+Uew2OaI+6vlKSWy6UrpDLH6T1Z+2W+3AA9mEaxlGdQoydJw0BdXBp1x 0Ca3yMy7fRTknmY7alrclkQwGRKl2hfi5FNr6YATox+aSk4S9IKGxdlEEdjPsTAa8d HAg7zsZXWAqMoZYfgWrLt85Rrc7BC7thKlhsTNYE= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Harald Freudenberger , Vasily Gorbik Subject: [PATCH 5.4 067/222] s390/zcrypt: Fix CCA cipher key gen with clear key value function Date: Wed, 22 Jan 2020 10:27:33 +0100 Message-Id: <20200122092838.523158685@linuxfoundation.org> X-Mailer: git-send-email 2.25.0 In-Reply-To: <20200122092833.339495161@linuxfoundation.org> References: <20200122092833.339495161@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Harald Freudenberger commit 94dd3bada53ee77b80d0aeee5571eeb83654d156 upstream. Regression tests showed that the CCA cipher key function which generates an CCA cipher key with given clear key value does not work correctly. At parsing the reply CPRB two limits are wrong calculated resulting in rejecting the reply as invalid with s390dbf message "_ip_cprb_helper reply with invalid or unknown key block". Fixes: f2bbc96e7cfa ("s390/pkey: add CCA AES cipher key support") Cc: Stable Signed-off-by: Harald Freudenberger Signed-off-by: Vasily Gorbik Signed-off-by: Greg Kroah-Hartman --- drivers/s390/crypto/zcrypt_ccamisc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/drivers/s390/crypto/zcrypt_ccamisc.c +++ b/drivers/s390/crypto/zcrypt_ccamisc.c @@ -1037,8 +1037,8 @@ static int _ip_cprb_helper(u16 cardnr, u prepparm = (struct iprepparm *) prepcblk->rpl_parmb; /* do some plausibility checks on the key block */ - if (prepparm->kb.len < 120 + 5 * sizeof(uint16_t) || - prepparm->kb.len > 136 + 5 * sizeof(uint16_t)) { + if (prepparm->kb.len < 120 + 3 * sizeof(uint16_t) || + prepparm->kb.len > 136 + 3 * sizeof(uint16_t)) { DEBUG_ERR("%s reply with invalid or unknown key block\n", __func__); rc = -EIO;