review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Holger Dengler <dengler@linux.ibm.com>
	Tue, 25 Jul 2023 07:49:55 +0000 (09:49 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 13 Sep 2023 07:42:29 +0000 (09:42 +0200)
commit	f98ea9abc1f7fc85ff0573f4db8f9696590b5c6b
tree	330dd8c4f07469d64f6a7c366fb8a593cd8716d4	tree \| snapshot
parent	87d452a076d121846fb743ad831c843e454fea80	commit \| diff

s390/pkey: fix PKEY_TYPE_EP11_AES handling in PKEY_GENSECK2 IOCTL

[ Upstream commit fb249ce7f7bfd8621a38e4ad401ba74b680786d4 ]

Commit 'fa6999e326fe ("s390/pkey: support CCA and EP11 secure ECC
private keys")' introduced PKEY_TYPE_EP11_AES for the PKEY_GENSECK2
IOCTL, to enable userspace to generate securekey blobs of this
type. Unfortunately, all PKEY_GENSECK2 IOCTL requests for
PKEY_TYPE_EP11_AES return with an error (-EINVAL). Fix the handling
for PKEY_TYPE_EP11_AES in PKEY_GENSECK2 IOCTL, so that userspace can
generate securekey blobs of this type.

The start of the header and the keyblob, as well as the length need
special handling, depending on the internal keyversion. Add a helper
function that splits an uninitialized buffer into start and size of
the header as well as start and size of the payload, depending on the
requested keyversion.

Do the header-related calculations and the raw genkey request handling
in separate functions. Use the raw genkey request function for
internal purposes.

Fixes: fa6999e326fe ("s390/pkey: support CCA and EP11 secure ECC private keys")
Signed-off-by: Holger Dengler <dengler@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

drivers/s390/crypto/pkey_api.c		diff \| blob \| history
drivers/s390/crypto/zcrypt_ep11misc.c		diff \| blob \| history
drivers/s390/crypto/zcrypt_ep11misc.h		diff \| blob \| history