Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp2099398ybl; Thu, 30 Jan 2020 11:20:32 -0800 (PST) X-Google-Smtp-Source: APXvYqzC75m4uSfmYEnPKNC5AVy7T0I1azFQlz0rakW1vhpkTFyZllegV+7lFkvuoZMyUhNumvmC X-Received: by 2002:aca:5f85:: with SMTP id t127mr4033874oib.1.1580412031984; Thu, 30 Jan 2020 11:20:31 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1580412031; cv=none; d=google.com; s=arc-20160816; b=xwtQ1eCXOct6XFzj1zZeHAgGbtt7/5XOludLcUU135cfLtVyk5m+zDICLj3HJu7NJc jq8YEHN+3XeC87LLMb88ZDPjkGV0m0mDBW3txkprikeZlVJUj5TG3Syw2/BkCNFzz6I8 gTGt0IJiJ2SaSEXNI2Rxj4XO7ZrF1HrYsSxaABtH5rMKzbOfRKk6U5PfBsvxmQ3JRQdm /EvSmx/aPGLYgYXbD0g27TqRfOEEVkdl09CMetQLs3gmYANUhtGtMTg+LOAtesKsYW1Q iHZ5DG0abXlWZ/WKpCxyUQtVv1Wnbsd5lwu7qEh03ag9gAb23FfdggB2aDPhc8vr7M4J G2Hw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=CN3KS6VFrH038jfh+Cx0R7oBmpo6V81gH85T1zQvUK4=; b=bLZAglv8X1N1Wkb5HUjn3vxIpJ/PfYC18GDHSLjIrvtYfBFhkb8gYQUZ/lh/45eui6 HK7EiznZ9oe23VzmbkJPm4pm0RVKys6FzkXwlm4r4EjB9PgIvT21oysm+82+VC3qkErJ ZJ5BecRfzLQR4eExR29MMx61ROx87yEajcSJbVaLk/uavTkcwOFsKL3dIyVMEFNtwf7s nW+ysuq/XM38mQIEx0EOGIoVJDohaIQBoIanxysy1ZIHwQGUfCy4wCky/MstnVZkHMl1 T8v0exE3MqX5YJ59aracbfokrOq1gzzUY9rRWDobG9vLnF+BOA7BXrtIYLYTgLAYjX9/ 9u4w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Nnolaoxb; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u5si4051742otg.66.2020.01.30.11.20.19; Thu, 30 Jan 2020 11:20:31 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Nnolaoxb; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731178AbgA3SqT (ORCPT + 99 others); Thu, 30 Jan 2020 13:46:19 -0500 Received: from mail.kernel.org ([198.145.29.99]:56020 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730878AbgA3SqJ (ORCPT ); Thu, 30 Jan 2020 13:46:09 -0500 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 3FC0820674; Thu, 30 Jan 2020 18:46:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1580409968; bh=bGoDS0mBgh3I4daVnCZ7k2qTbcUa8RGgkJZ9QH04wi4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=NnolaoxbQTSfpwxtw+DiFBfkXzkj3SNxfW5gpN6UBwn+ItF5ZJl/xxEeLE26qcd7A mP26B6z63pEXpAB3ByHgpGmosGbEd8K+ZihSJy81QAPHtDSGdi1Da5ykb9f5Nto48Z 13jnMEywMROin7QMs66+AG4wvD0l9ZA5tlP/lVfk= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Erhard Furtner , Ard Biesheuvel , Michael Ellerman , Daniel Axtens , Herbert Xu Subject: [PATCH 5.4 105/110] crypto: vmx - reject xts inputs that are too short Date: Thu, 30 Jan 2020 19:39:21 +0100 Message-Id: <20200130183625.934298628@linuxfoundation.org> X-Mailer: git-send-email 2.25.0 In-Reply-To: <20200130183613.810054545@linuxfoundation.org> References: <20200130183613.810054545@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Daniel Axtens commit 1372a51b88fa0d5a8ed2803e4975c98da3f08463 upstream. When the kernel XTS implementation was extended to deal with ciphertext stealing in commit 8083b1bf8163 ("crypto: xts - add support for ciphertext stealing"), a check was added to reject inputs that were too short. However, in the vmx enablement - commit 239668419349 ("crypto: vmx/xts - use fallback for ciphertext stealing"), that check wasn't added to the vmx implementation. This disparity leads to errors like the following: alg: skcipher: p8_aes_xts encryption unexpectedly succeeded on test vector "random: len=0 klen=64"; expected_error=-22, cfg="random: inplace may_sleep use_finup src_divs=[66.99%@+10, 33.1%@alignmask+1155]" Return -EINVAL if asked to operate with a cryptlen smaller than the AES block size. This brings vmx in line with the generic implementation. Reported-by: Erhard Furtner Link: https://bugzilla.kernel.org/show_bug.cgi?id=206049 Fixes: 239668419349 ("crypto: vmx/xts - use fallback for ciphertext stealing") Cc: Ard Biesheuvel Cc: stable@vger.kernel.org # v5.4+ Signed-off-by: Michael Ellerman [dja: commit message] Signed-off-by: Daniel Axtens Signed-off-by: Herbert Xu Signed-off-by: Greg Kroah-Hartman --- drivers/crypto/vmx/aes_xts.c | 3 +++ 1 file changed, 3 insertions(+) --- a/drivers/crypto/vmx/aes_xts.c +++ b/drivers/crypto/vmx/aes_xts.c @@ -84,6 +84,9 @@ static int p8_aes_xts_crypt(struct skcip u8 tweak[AES_BLOCK_SIZE]; int ret; + if (req->cryptlen < AES_BLOCK_SIZE) + return -EINVAL; + if (!crypto_simd_usable() || (req->cryptlen % XTS_BLOCK_SIZE) != 0) { struct skcipher_request *subreq = skcipher_request_ctx(req);