Commit f7ab034d authored by Mikael Ylikoski's avatar Mikael Ylikoski Committed by David S. Miller

[IPSEC]: Fix oops using null ciper in CBC mode.

parent 68bc1ac9
No related merge requests found
...@@ -442,7 +442,6 @@ static struct crypto_alg aes_alg = { ...@@ -442,7 +442,6 @@ static struct crypto_alg aes_alg = {
.cipher = { .cipher = {
.cia_min_keysize = AES_MIN_KEY_SIZE, .cia_min_keysize = AES_MIN_KEY_SIZE,
.cia_max_keysize = AES_MAX_KEY_SIZE, .cia_max_keysize = AES_MAX_KEY_SIZE,
.cia_ivsize = AES_BLOCK_SIZE,
.cia_setkey = aes_set_key, .cia_setkey = aes_set_key,
.cia_encrypt = aes_encrypt, .cia_encrypt = aes_encrypt,
.cia_decrypt = aes_decrypt .cia_decrypt = aes_decrypt
......
...@@ -456,7 +456,6 @@ static struct crypto_alg alg = { ...@@ -456,7 +456,6 @@ static struct crypto_alg alg = {
.cra_u = { .cipher = { .cra_u = { .cipher = {
.cia_min_keysize = BF_MIN_KEY_SIZE, .cia_min_keysize = BF_MIN_KEY_SIZE,
.cia_max_keysize = BF_MAX_KEY_SIZE, .cia_max_keysize = BF_MAX_KEY_SIZE,
.cia_ivsize = BF_BLOCK_SIZE,
.cia_setkey = bf_setkey, .cia_setkey = bf_setkey,
.cia_encrypt = bf_encrypt, .cia_encrypt = bf_encrypt,
.cia_decrypt = bf_decrypt } } .cia_decrypt = bf_decrypt } }
......
...@@ -345,7 +345,6 @@ int crypto_init_cipher_flags(struct crypto_tfm *tfm, u32 flags) ...@@ -345,7 +345,6 @@ int crypto_init_cipher_flags(struct crypto_tfm *tfm, u32 flags)
int crypto_init_cipher_ops(struct crypto_tfm *tfm) int crypto_init_cipher_ops(struct crypto_tfm *tfm)
{ {
int ret = 0; int ret = 0;
struct crypto_alg *alg = tfm->__crt_alg;
struct cipher_tfm *ops = &tfm->crt_cipher; struct cipher_tfm *ops = &tfm->crt_cipher;
ops->cit_setkey = setkey; ops->cit_setkey = setkey;
...@@ -381,8 +380,7 @@ int crypto_init_cipher_ops(struct crypto_tfm *tfm) ...@@ -381,8 +380,7 @@ int crypto_init_cipher_ops(struct crypto_tfm *tfm)
BUG(); BUG();
} }
if (alg->cra_cipher.cia_ivsize && if (ops->cit_mode == CRYPTO_TFM_MODE_CBC) {
ops->cit_mode != CRYPTO_TFM_MODE_ECB) {
switch (crypto_tfm_alg_blocksize(tfm)) { switch (crypto_tfm_alg_blocksize(tfm)) {
case 8: case 8:
...@@ -401,7 +399,8 @@ int crypto_init_cipher_ops(struct crypto_tfm *tfm) ...@@ -401,7 +399,8 @@ int crypto_init_cipher_ops(struct crypto_tfm *tfm)
goto out; goto out;
} }
ops->cit_iv = kmalloc(alg->cra_cipher.cia_ivsize, GFP_KERNEL); ops->cit_ivsize = crypto_tfm_alg_blocksize(tfm);
ops->cit_iv = kmalloc(ops->cit_ivsize, GFP_KERNEL);
if (ops->cit_iv == NULL) if (ops->cit_iv == NULL)
ret = -ENOMEM; ret = -ENOMEM;
} }
......
...@@ -89,7 +89,6 @@ static struct crypto_alg cipher_null = { ...@@ -89,7 +89,6 @@ static struct crypto_alg cipher_null = {
.cra_u = { .cipher = { .cra_u = { .cipher = {
.cia_min_keysize = NULL_KEY_SIZE, .cia_min_keysize = NULL_KEY_SIZE,
.cia_max_keysize = NULL_KEY_SIZE, .cia_max_keysize = NULL_KEY_SIZE,
.cia_ivsize = 0,
.cia_setkey = null_setkey, .cia_setkey = null_setkey,
.cia_encrypt = null_encrypt, .cia_encrypt = null_encrypt,
.cia_decrypt = null_decrypt } } .cia_decrypt = null_decrypt } }
......
...@@ -1249,7 +1249,6 @@ static struct crypto_alg des_alg = { ...@@ -1249,7 +1249,6 @@ static struct crypto_alg des_alg = {
.cra_u = { .cipher = { .cra_u = { .cipher = {
.cia_min_keysize = DES_KEY_SIZE, .cia_min_keysize = DES_KEY_SIZE,
.cia_max_keysize = DES_KEY_SIZE, .cia_max_keysize = DES_KEY_SIZE,
.cia_ivsize = DES_BLOCK_SIZE,
.cia_setkey = des_setkey, .cia_setkey = des_setkey,
.cia_encrypt = des_encrypt, .cia_encrypt = des_encrypt,
.cia_decrypt = des_decrypt } } .cia_decrypt = des_decrypt } }
...@@ -1265,7 +1264,6 @@ static struct crypto_alg des3_ede_alg = { ...@@ -1265,7 +1264,6 @@ static struct crypto_alg des3_ede_alg = {
.cra_u = { .cipher = { .cra_u = { .cipher = {
.cia_min_keysize = DES3_EDE_KEY_SIZE, .cia_min_keysize = DES3_EDE_KEY_SIZE,
.cia_max_keysize = DES3_EDE_KEY_SIZE, .cia_max_keysize = DES3_EDE_KEY_SIZE,
.cia_ivsize = DES3_EDE_BLOCK_SIZE,
.cia_setkey = des3_ede_setkey, .cia_setkey = des3_ede_setkey,
.cia_encrypt = des3_ede_encrypt, .cia_encrypt = des3_ede_encrypt,
.cia_decrypt = des3_ede_decrypt } } .cia_decrypt = des3_ede_decrypt } }
......
...@@ -62,8 +62,6 @@ static int c_show(struct seq_file *m, void *p) ...@@ -62,8 +62,6 @@ static int c_show(struct seq_file *m, void *p)
alg->cra_cipher.cia_min_keysize); alg->cra_cipher.cia_min_keysize);
seq_printf(m, "max keysize : %u\n", seq_printf(m, "max keysize : %u\n",
alg->cra_cipher.cia_max_keysize); alg->cra_cipher.cia_max_keysize);
seq_printf(m, "ivsize : %u\n",
alg->cra_cipher.cia_ivsize);
break; break;
case CRYPTO_ALG_TYPE_DIGEST: case CRYPTO_ALG_TYPE_DIGEST:
......
...@@ -483,7 +483,6 @@ static struct crypto_alg serpent_alg = { ...@@ -483,7 +483,6 @@ static struct crypto_alg serpent_alg = {
.cra_u = { .cipher = { .cra_u = { .cipher = {
.cia_min_keysize = SERPENT_MIN_KEY_SIZE, .cia_min_keysize = SERPENT_MIN_KEY_SIZE,
.cia_max_keysize = SERPENT_MAX_KEY_SIZE, .cia_max_keysize = SERPENT_MAX_KEY_SIZE,
.cia_ivsize = SERPENT_BLOCK_SIZE,
.cia_setkey = setkey, .cia_setkey = setkey,
.cia_encrypt = encrypt, .cia_encrypt = encrypt,
.cia_decrypt = decrypt } } .cia_decrypt = decrypt } }
......
...@@ -877,7 +877,6 @@ static struct crypto_alg alg = { ...@@ -877,7 +877,6 @@ static struct crypto_alg alg = {
.cra_u = { .cipher = { .cra_u = { .cipher = {
.cia_min_keysize = TF_MIN_KEY_SIZE, .cia_min_keysize = TF_MIN_KEY_SIZE,
.cia_max_keysize = TF_MAX_KEY_SIZE, .cia_max_keysize = TF_MAX_KEY_SIZE,
.cia_ivsize = TF_BLOCK_SIZE,
.cia_setkey = twofish_setkey, .cia_setkey = twofish_setkey,
.cia_encrypt = twofish_encrypt, .cia_encrypt = twofish_encrypt,
.cia_decrypt = twofish_decrypt } } .cia_decrypt = twofish_decrypt } }
......
...@@ -65,7 +65,6 @@ struct scatterlist; ...@@ -65,7 +65,6 @@ struct scatterlist;
struct cipher_alg { struct cipher_alg {
unsigned int cia_min_keysize; unsigned int cia_min_keysize;
unsigned int cia_max_keysize; unsigned int cia_max_keysize;
unsigned int cia_ivsize;
int (*cia_setkey)(void *ctx, const u8 *key, int (*cia_setkey)(void *ctx, const u8 *key,
unsigned int keylen, u32 *flags); unsigned int keylen, u32 *flags);
void (*cia_encrypt)(void *ctx, u8 *dst, const u8 *src); void (*cia_encrypt)(void *ctx, u8 *dst, const u8 *src);
...@@ -128,6 +127,7 @@ struct crypto_tfm; ...@@ -128,6 +127,7 @@ struct crypto_tfm;
struct cipher_tfm { struct cipher_tfm {
void *cit_iv; void *cit_iv;
unsigned int cit_ivsize;
u32 cit_mode; u32 cit_mode;
int (*cit_setkey)(struct crypto_tfm *tfm, int (*cit_setkey)(struct crypto_tfm *tfm,
const u8 *key, unsigned int keylen); const u8 *key, unsigned int keylen);
...@@ -237,7 +237,7 @@ static inline unsigned int crypto_tfm_alg_max_keysize(struct crypto_tfm *tfm) ...@@ -237,7 +237,7 @@ static inline unsigned int crypto_tfm_alg_max_keysize(struct crypto_tfm *tfm)
static inline unsigned int crypto_tfm_alg_ivsize(struct crypto_tfm *tfm) static inline unsigned int crypto_tfm_alg_ivsize(struct crypto_tfm *tfm)
{ {
BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_CIPHER); BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_CIPHER);
return tfm->__crt_alg->cra_cipher.cia_ivsize; return tfm->crt_cipher.cit_ivsize;
} }
static inline unsigned int crypto_tfm_alg_blocksize(struct crypto_tfm *tfm) static inline unsigned int crypto_tfm_alg_blocksize(struct crypto_tfm *tfm)
......
...@@ -505,6 +505,9 @@ int esp_init_state(struct xfrm_state *x, void *args) ...@@ -505,6 +505,9 @@ int esp_init_state(struct xfrm_state *x, void *args)
} }
esp->conf.key = x->ealg->alg_key; esp->conf.key = x->ealg->alg_key;
esp->conf.key_len = (x->ealg->alg_key_len+7)/8; esp->conf.key_len = (x->ealg->alg_key_len+7)/8;
if (x->props.ealgo == SADB_EALG_NULL)
esp->conf.tfm = crypto_alloc_tfm(x->ealg->alg_name, CRYPTO_TFM_MODE_ECB);
else
esp->conf.tfm = crypto_alloc_tfm(x->ealg->alg_name, CRYPTO_TFM_MODE_CBC); esp->conf.tfm = crypto_alloc_tfm(x->ealg->alg_name, CRYPTO_TFM_MODE_CBC);
if (esp->conf.tfm == NULL) if (esp->conf.tfm == NULL)
goto error; goto error;
......
...@@ -409,6 +409,9 @@ int esp6_init_state(struct xfrm_state *x, void *args) ...@@ -409,6 +409,9 @@ int esp6_init_state(struct xfrm_state *x, void *args)
} }
esp->conf.key = x->ealg->alg_key; esp->conf.key = x->ealg->alg_key;
esp->conf.key_len = (x->ealg->alg_key_len+7)/8; esp->conf.key_len = (x->ealg->alg_key_len+7)/8;
if (x->props.ealgo == SADB_EALG_NULL)
esp->conf.tfm = crypto_alloc_tfm(x->ealg->alg_name, CRYPTO_TFM_MODE_ECB);
else
esp->conf.tfm = crypto_alloc_tfm(x->ealg->alg_name, CRYPTO_TFM_MODE_CBC); esp->conf.tfm = crypto_alloc_tfm(x->ealg->alg_name, CRYPTO_TFM_MODE_CBC);
if (esp->conf.tfm == NULL) if (esp->conf.tfm == NULL)
goto error; goto error;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment