crypto: s390/sha512 - Fix sha512 state size

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The sha512 state size in s390_sha_ctx is out by a factor of 8,
fix it so that it stays below HASH_MAX_DESCSIZE. Also fix the
state init function which was writing garbage to the state. Luckily
this is not actually used for anything other than export.

Reported-by: Harald Freudenberger <freude@linux.ibm.com>
Fixes: 572b5c4682c7 ("crypto: s390/sha512 - Use API partial block handling")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Herbert Xu 11 months ago 5b39aa36 2dfc7cd7

+8 -8

2 changed files

expand all

arch

s390

crypto

sha.h

sha512_s390.c

+1 -1

arch/s390/crypto/sha.h

··· 24 24 union { 25 25 u32 state[CPACF_MAX_PARMBLOCK_SIZE / sizeof(u32)]; 26 26 struct { 27 - u64 state[SHA512_DIGEST_SIZE]; 27 + u64 state[SHA512_DIGEST_SIZE / sizeof(u64)]; 28 28 u64 count_hi; 29 29 } sha512; 30 30 };

+7 -7

arch/s390/crypto/sha512_s390.c

··· 22 22 struct s390_sha_ctx *ctx = shash_desc_ctx(desc); 23 23 24 24 ctx->sha512.state[0] = SHA512_H0; 25 - ctx->sha512.state[2] = SHA512_H1; 26 - ctx->sha512.state[4] = SHA512_H2; 27 - ctx->sha512.state[6] = SHA512_H3; 28 - ctx->sha512.state[8] = SHA512_H4; 29 - ctx->sha512.state[10] = SHA512_H5; 30 - ctx->sha512.state[12] = SHA512_H6; 31 - ctx->sha512.state[14] = SHA512_H7; 25 + ctx->sha512.state[1] = SHA512_H1; 26 + ctx->sha512.state[2] = SHA512_H2; 27 + ctx->sha512.state[3] = SHA512_H3; 28 + ctx->sha512.state[4] = SHA512_H4; 29 + ctx->sha512.state[5] = SHA512_H5; 30 + ctx->sha512.state[6] = SHA512_H6; 31 + ctx->sha512.state[7] = SHA512_H7; 32 32 ctx->count = 0; 33 33 ctx->sha512.count_hi = 0; 34 34 ctx->func = CPACF_KIMD_SHA_512;