[feisty][PATCH] CRYPTO-geode-Fix-in-place-operations-and-set-key (CVE-2007-2451)

Phillip lougher phillip at lougher.demon.co.uk
Tue Jun 5 12:58:24 UTC 2007 

>From 430d610594ea889ae948c1c9505d60719572a5b1 Mon Sep 17 00:00:00 2001
From: Jordan Crouse <jordan.crouse at amd.com>
Date: Thu, 24 May 2007 21:23:24 +1000
Subject: [PATCH] [CRYPTO] geode: Fix in-place operations and set key (CVE-2007-2451)

Allow in-place crypto operations.  Also remove the coherent user flag
(we use it automagically now), and by default use the user written
key rather then the HW hidden key - this makes crypto just work without
any special considerations, and thats OK, since its our only usage
model.

Signed-off-by: Jordan Crouse <jordan.crouse at amd.com>
Signed-off-by: Herbert Xu <herbert at gondor.apana.org.au>
(cherry picked from commit 761e784673d79c8ea9befdad31e30c65e0d20b82)
---
 drivers/crypto/geode-aes.c |   12 +++++++++---
 drivers/crypto/geode-aes.h |    3 +--
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/geode-aes.c b/drivers/crypto/geode-aes.c
index 43a6839..9dbb218 100644
--- a/drivers/crypto/geode-aes.c
+++ b/drivers/crypto/geode-aes.c
@@ -104,10 +104,15 @@ geode_aes_crypt(struct geode_aes_op *op)
 	u32 flags = 0;
 	int iflags;
 
-	if (op->len == 0 || op->src == op->dst)
+	if (op->len == 0)
 		return 0;
 
-	if (op->flags & AES_FLAGS_COHERENT)
+	/* If the source and destination is the same, then
+	 * we need to turn on the coherent flags, otherwise
+	 * we don't need to worry
+	 */
+
+	if (op->src == op->dst)
 		flags |= (AES_CTRL_DCA | AES_CTRL_SCA);
 
 	if (op->dir == AES_DIR_ENCRYPT)
@@ -122,7 +127,7 @@ geode_aes_crypt(struct geode_aes_op *op)
 		_writefield(AES_WRITEIV0_REG, op->iv);
 	}
 
-	if (op->flags & AES_FLAGS_USRKEY) {
+	if (!(op->flags & AES_FLAGS_HIDDENKEY)) {
 		flags |= AES_CTRL_WRKEY;
 		_writefield(AES_WRITEKEY0_REG, op->key);
 	}
@@ -291,6 +296,7 @@ static struct crypto_alg geode_cbc_alg = {
 			.setkey			=	geode_setkey,
 			.encrypt		=	geode_cbc_encrypt,
 			.decrypt		=	geode_cbc_decrypt,
+			.ivsize			=	AES_IV_LENGTH,
 		}
 	}
 };
diff --git a/drivers/crypto/geode-aes.h b/drivers/crypto/geode-aes.h
index 8003a36..f479686 100644
--- a/drivers/crypto/geode-aes.h
+++ b/drivers/crypto/geode-aes.h
@@ -20,8 +20,7 @@
 #define AES_DIR_DECRYPT 0
 #define AES_DIR_ENCRYPT 1
 
-#define AES_FLAGS_USRKEY   (1 << 0)
-#define AES_FLAGS_COHERENT (1 << 1)
+#define AES_FLAGS_HIDDENKEY (1 << 0)
 
 struct geode_aes_op {
 
-- 
1.4.4.2

More information about the kernel-team mailing list