]>
Commit | Line | Data |
---|---|---|
eedc2696 GKH |
1 | From 2b5ac17463dcb2411fed506edcf259a89bb538ba Mon Sep 17 00:00:00 2001 |
2 | From: Gilad Ben-Yossef <gilad@benyossef.com> | |
3 | Date: Tue, 15 Jan 2019 15:43:17 +0200 | |
4 | Subject: crypto: ccree - don't copy zero size ciphertext | |
5 | ||
6 | From: Gilad Ben-Yossef <gilad@benyossef.com> | |
7 | ||
8 | commit 2b5ac17463dcb2411fed506edcf259a89bb538ba upstream. | |
9 | ||
10 | For decryption in CBC mode we need to save the last ciphertext block | |
11 | for use as the next IV. However, we were trying to do this also with | |
12 | zero sized ciphertext resulting in a panic. | |
13 | ||
14 | Fix this by only doing the copy if the ciphertext length is at least | |
15 | of IV size. | |
16 | ||
17 | Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> | |
18 | Cc: stable@vger.kernel.org | |
19 | Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> | |
20 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | |
21 | ||
22 | --- | |
23 | drivers/crypto/ccree/cc_cipher.c | 3 ++- | |
24 | 1 file changed, 2 insertions(+), 1 deletion(-) | |
25 | ||
26 | --- a/drivers/crypto/ccree/cc_cipher.c | |
27 | +++ b/drivers/crypto/ccree/cc_cipher.c | |
28 | @@ -783,7 +783,8 @@ static int cc_cipher_decrypt(struct skci | |
29 | ||
30 | memset(req_ctx, 0, sizeof(*req_ctx)); | |
31 | ||
32 | - if (ctx_p->cipher_mode == DRV_CIPHER_CBC) { | |
33 | + if ((ctx_p->cipher_mode == DRV_CIPHER_CBC) && | |
34 | + (req->cryptlen >= ivsize)) { | |
35 | ||
36 | /* Allocate and save the last IV sized bytes of the source, | |
37 | * which will be lost in case of in-place decryption. |