diff options
Diffstat (limited to 'arch/s390/crypto/aes_s390.c')
| -rw-r--r-- | arch/s390/crypto/aes_s390.c | 50 |
1 files changed, 29 insertions, 21 deletions
diff --git a/arch/s390/crypto/aes_s390.c b/arch/s390/crypto/aes_s390.c index 46cae138ece2..b3feabd39f31 100644 --- a/arch/s390/crypto/aes_s390.c +++ b/arch/s390/crypto/aes_s390.c | |||
| @@ -35,7 +35,6 @@ static u8 *ctrblk; | |||
| 35 | static char keylen_flag; | 35 | static char keylen_flag; |
| 36 | 36 | ||
| 37 | struct s390_aes_ctx { | 37 | struct s390_aes_ctx { |
| 38 | u8 iv[AES_BLOCK_SIZE]; | ||
| 39 | u8 key[AES_MAX_KEY_SIZE]; | 38 | u8 key[AES_MAX_KEY_SIZE]; |
| 40 | long enc; | 39 | long enc; |
| 41 | long dec; | 40 | long dec; |
| @@ -56,8 +55,7 @@ struct pcc_param { | |||
| 56 | 55 | ||
| 57 | struct s390_xts_ctx { | 56 | struct s390_xts_ctx { |
| 58 | u8 key[32]; | 57 | u8 key[32]; |
| 59 | u8 xts_param[16]; | 58 | u8 pcc_key[32]; |
| 60 | struct pcc_param pcc; | ||
| 61 | long enc; | 59 | long enc; |
| 62 | long dec; | 60 | long dec; |
| 63 | int key_len; | 61 | int key_len; |
| @@ -441,30 +439,36 @@ static int cbc_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, | |||
| 441 | return aes_set_key(tfm, in_key, key_len); | 439 | return aes_set_key(tfm, in_key, key_len); |
| 442 | } | 440 | } |
| 443 | 441 | ||
| 444 | static int cbc_aes_crypt(struct blkcipher_desc *desc, long func, void *param, | 442 | static int cbc_aes_crypt(struct blkcipher_desc *desc, long func, |
| 445 | struct blkcipher_walk *walk) | 443 | struct blkcipher_walk *walk) |
| 446 | { | 444 | { |
| 445 | struct s390_aes_ctx *sctx = crypto_blkcipher_ctx(desc->tfm); | ||
| 447 | int ret = blkcipher_walk_virt(desc, walk); | 446 | int ret = blkcipher_walk_virt(desc, walk); |
| 448 | unsigned int nbytes = walk->nbytes; | 447 | unsigned int nbytes = walk->nbytes; |
| 448 | struct { | ||
| 449 | u8 iv[AES_BLOCK_SIZE]; | ||
| 450 | u8 key[AES_MAX_KEY_SIZE]; | ||
| 451 | } param; | ||
| 449 | 452 | ||
| 450 | if (!nbytes) | 453 | if (!nbytes) |
| 451 | goto out; | 454 | goto out; |
| 452 | 455 | ||
| 453 | memcpy(param, walk->iv, AES_BLOCK_SIZE); | 456 | memcpy(param.iv, walk->iv, AES_BLOCK_SIZE); |
| 457 | memcpy(param.key, sctx->key, sctx->key_len); | ||
| 454 | do { | 458 | do { |
| 455 | /* only use complete blocks */ | 459 | /* only use complete blocks */ |
| 456 | unsigned int n = nbytes & ~(AES_BLOCK_SIZE - 1); | 460 | unsigned int n = nbytes & ~(AES_BLOCK_SIZE - 1); |
| 457 | u8 *out = walk->dst.virt.addr; | 461 | u8 *out = walk->dst.virt.addr; |
| 458 | u8 *in = walk->src.virt.addr; | 462 | u8 *in = walk->src.virt.addr; |
| 459 | 463 | ||
| 460 | ret = crypt_s390_kmc(func, param, out, in, n); | 464 | ret = crypt_s390_kmc(func, ¶m, out, in, n); |
| 461 | if (ret < 0 || ret != n) | 465 | if (ret < 0 || ret != n) |
| 462 | return -EIO; | 466 | return -EIO; |
| 463 | 467 | ||
| 464 | nbytes &= AES_BLOCK_SIZE - 1; | 468 | nbytes &= AES_BLOCK_SIZE - 1; |
| 465 | ret = blkcipher_walk_done(desc, walk, nbytes); | 469 | ret = blkcipher_walk_done(desc, walk, nbytes); |
| 466 | } while ((nbytes = walk->nbytes)); | 470 | } while ((nbytes = walk->nbytes)); |
| 467 | memcpy(walk->iv, param, AES_BLOCK_SIZE); | 471 | memcpy(walk->iv, param.iv, AES_BLOCK_SIZE); |
| 468 | 472 | ||
| 469 | out: | 473 | out: |
| 470 | return ret; | 474 | return ret; |
| @@ -481,7 +485,7 @@ static int cbc_aes_encrypt(struct blkcipher_desc *desc, | |||
| 481 | return fallback_blk_enc(desc, dst, src, nbytes); | 485 | return fallback_blk_enc(desc, dst, src, nbytes); |
| 482 | 486 | ||
| 483 | blkcipher_walk_init(&walk, dst, src, nbytes); | 487 | blkcipher_walk_init(&walk, dst, src, nbytes); |
| 484 | return cbc_aes_crypt(desc, sctx->enc, sctx->iv, &walk); | 488 | return cbc_aes_crypt(desc, sctx->enc, &walk); |
| 485 | } | 489 | } |
| 486 | 490 | ||
| 487 | static int cbc_aes_decrypt(struct blkcipher_desc *desc, | 491 | static int cbc_aes_decrypt(struct blkcipher_desc *desc, |
| @@ -495,7 +499,7 @@ static int cbc_aes_decrypt(struct blkcipher_desc *desc, | |||
| 495 | return fallback_blk_dec(desc, dst, src, nbytes); | 499 | return fallback_blk_dec(desc, dst, src, nbytes); |
| 496 | 500 | ||
| 497 | blkcipher_walk_init(&walk, dst, src, nbytes); | 501 | blkcipher_walk_init(&walk, dst, src, nbytes); |
| 498 | return cbc_aes_crypt(desc, sctx->dec, sctx->iv, &walk); | 502 | return cbc_aes_crypt(desc, sctx->dec, &walk); |
| 499 | } | 503 | } |
| 500 | 504 | ||
| 501 | static struct crypto_alg cbc_aes_alg = { | 505 | static struct crypto_alg cbc_aes_alg = { |
| @@ -586,7 +590,7 @@ static int xts_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, | |||
| 586 | xts_ctx->enc = KM_XTS_128_ENCRYPT; | 590 | xts_ctx->enc = KM_XTS_128_ENCRYPT; |
| 587 | xts_ctx->dec = KM_XTS_128_DECRYPT; | 591 | xts_ctx->dec = KM_XTS_128_DECRYPT; |
| 588 | memcpy(xts_ctx->key + 16, in_key, 16); | 592 | memcpy(xts_ctx->key + 16, in_key, 16); |
| 589 | memcpy(xts_ctx->pcc.key + 16, in_key + 16, 16); | 593 | memcpy(xts_ctx->pcc_key + 16, in_key + 16, 16); |
| 590 | break; | 594 | break; |
| 591 | case 48: | 595 | case 48: |
| 592 | xts_ctx->enc = 0; | 596 | xts_ctx->enc = 0; |
| @@ -597,7 +601,7 @@ static int xts_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, | |||
| 597 | xts_ctx->enc = KM_XTS_256_ENCRYPT; | 601 | xts_ctx->enc = KM_XTS_256_ENCRYPT; |
| 598 | xts_ctx->dec = KM_XTS_256_DECRYPT; | 602 | xts_ctx->dec = KM_XTS_256_DECRYPT; |
| 599 | memcpy(xts_ctx->key, in_key, 32); | 603 | memcpy(xts_ctx->key, in_key, 32); |
| 600 | memcpy(xts_ctx->pcc.key, in_key + 32, 32); | 604 | memcpy(xts_ctx->pcc_key, in_key + 32, 32); |
| 601 | break; | 605 | break; |
| 602 | default: | 606 | default: |
| 603 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | 607 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; |
| @@ -616,29 +620,33 @@ static int xts_aes_crypt(struct blkcipher_desc *desc, long func, | |||
| 616 | unsigned int nbytes = walk->nbytes; | 620 | unsigned int nbytes = walk->nbytes; |
| 617 | unsigned int n; | 621 | unsigned int n; |
| 618 | u8 *in, *out; | 622 | u8 *in, *out; |
| 619 | void *param; | 623 | struct pcc_param pcc_param; |
| 624 | struct { | ||
| 625 | u8 key[32]; | ||
| 626 | u8 init[16]; | ||
| 627 | } xts_param; | ||
| 620 | 628 | ||
| 621 | if (!nbytes) | 629 | if (!nbytes) |
| 622 | goto out; | 630 | goto out; |
| 623 | 631 | ||
| 624 | memset(xts_ctx->pcc.block, 0, sizeof(xts_ctx->pcc.block)); | 632 | memset(pcc_param.block, 0, sizeof(pcc_param.block)); |
| 625 | memset(xts_ctx->pcc.bit, 0, sizeof(xts_ctx->pcc.bit)); | 633 | memset(pcc_param.bit, 0, sizeof(pcc_param.bit)); |
| 626 | memset(xts_ctx->pcc.xts, 0, sizeof(xts_ctx->pcc.xts)); | 634 | memset(pcc_param.xts, 0, sizeof(pcc_param.xts)); |
| 627 | memcpy(xts_ctx->pcc.tweak, walk->iv, sizeof(xts_ctx->pcc.tweak)); | 635 | memcpy(pcc_param.tweak, walk->iv, sizeof(pcc_param.tweak)); |
| 628 | param = xts_ctx->pcc.key + offset; | 636 | memcpy(pcc_param.key, xts_ctx->pcc_key, 32); |
| 629 | ret = crypt_s390_pcc(func, param); | 637 | ret = crypt_s390_pcc(func, &pcc_param.key[offset]); |
| 630 | if (ret < 0) | 638 | if (ret < 0) |
| 631 | return -EIO; | 639 | return -EIO; |
| 632 | 640 | ||
| 633 | memcpy(xts_ctx->xts_param, xts_ctx->pcc.xts, 16); | 641 | memcpy(xts_param.key, xts_ctx->key, 32); |
| 634 | param = xts_ctx->key + offset; | 642 | memcpy(xts_param.init, pcc_param.xts, 16); |
| 635 | do { | 643 | do { |
| 636 | /* only use complete blocks */ | 644 | /* only use complete blocks */ |
| 637 | n = nbytes & ~(AES_BLOCK_SIZE - 1); | 645 | n = nbytes & ~(AES_BLOCK_SIZE - 1); |
| 638 | out = walk->dst.virt.addr; | 646 | out = walk->dst.virt.addr; |
| 639 | in = walk->src.virt.addr; | 647 | in = walk->src.virt.addr; |
| 640 | 648 | ||
| 641 | ret = crypt_s390_km(func, param, out, in, n); | 649 | ret = crypt_s390_km(func, &xts_param.key[offset], out, in, n); |
| 642 | if (ret < 0 || ret != n) | 650 | if (ret < 0 || ret != n) |
| 643 | return -EIO; | 651 | return -EIO; |
| 644 | 652 | ||