tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

s390/pkey: do not use struct pkey_protkey

This is an internal rework of the pkey code to not use the
struct pkey_protkey internal any more. This struct has a hard
coded protected key buffer with MAXPROTKEYSIZE = 64 bytes.
However, with support for ECC protected key, this limit is
too short and thus this patch reworks all the internal code
to use the triple u8 *protkey, u32 protkeylen, u32 protkeytype
instead. So the ioctl which still has to deal with this struct
coming from userspace and/or provided to userspace invoke all
the internal functions now with the triple instead of passing
a pointer to struct pkey_protkey.

Also the struct pkey_clrkey has been internally replaced in
a similar way. This struct also has a hard coded clear key
buffer of MAXCLRKEYSIZE = 32 bytes and thus is not usable with
e.g. ECC clear key material.

This is a transparent rework for userspace applications using
the pkey API. The internal kernel API used by the PAES crypto
ciphers has been adapted to this change to make it possible
to provide ECC protected keys via this interface in the future.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Holger Dengler <dengler@linux.ibm.com>
Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com>

authored by

Harald Freudenberger and committed by
Alexander Gordeev f370f45c 46a29b03

+125 -83
+7 -2
arch/s390/crypto/paes_s390.c
··· 5 5 * s390 implementation of the AES Cipher Algorithm with protected keys. 6 6 * 7 7 * s390 Version: 8 - * Copyright IBM Corp. 2017,2020 8 + * Copyright IBM Corp. 2017, 2023 9 9 * Author(s): Martin Schwidefsky <schwidefsky@de.ibm.com> 10 10 * Harald Freudenberger <freude@de.ibm.com> 11 11 */ ··· 132 132 if (i > 0 && ret == -EAGAIN && in_task()) 133 133 if (msleep_interruptible(1000)) 134 134 return -EINTR; 135 - ret = pkey_keyblob2pkey(kb->key, kb->keylen, pk); 135 + ret = pkey_keyblob2pkey(kb->key, kb->keylen, 136 + pk->protkey, &pk->len, &pk->type); 136 137 if (ret == 0) 137 138 break; 138 139 } ··· 146 145 int ret; 147 146 struct pkey_protkey pkey; 148 147 148 + pkey.len = sizeof(pkey.protkey); 149 149 ret = __paes_keyblob2pkey(&ctx->kb, &pkey); 150 150 if (ret) 151 151 return ret; ··· 415 413 static inline int __xts_paes_convert_key(struct s390_pxts_ctx *ctx) 416 414 { 417 415 struct pkey_protkey pkey0, pkey1; 416 + 417 + pkey0.len = sizeof(pkey0.protkey); 418 + pkey1.len = sizeof(pkey1.protkey); 418 419 419 420 if (__paes_keyblob2pkey(&ctx->kb[0], &pkey0) || 420 421 __paes_keyblob2pkey(&ctx->kb[1], &pkey1))
+2 -2
arch/s390/include/asm/pkey.h
··· 2 2 /* 3 3 * Kernelspace interface to the pkey device driver 4 4 * 5 - * Copyright IBM Corp. 2016,2019 5 + * Copyright IBM Corp. 2016, 2023 6 6 * 7 7 * Author: Harald Freudenberger <freude@de.ibm.com> 8 8 * ··· 23 23 * @return 0 on success, negative errno value on failure 24 24 */ 25 25 int pkey_keyblob2pkey(const u8 *key, u32 keylen, 26 - struct pkey_protkey *protkey); 26 + u8 *protkey, u32 *protkeylen, u32 *protkeytype); 27 27 28 28 #endif /* _KAPI_PKEY_H */
+116 -79
drivers/s390/crypto/pkey_api.c
··· 34 34 #define KEYBLOBBUFSIZE 8192 /* key buffer size used for internal processing */ 35 35 #define PROTKEYBLOBBUFSIZE 256 /* protected key buffer size used internal */ 36 36 #define MAXAPQNSINLIST 64 /* max 64 apqns within a apqn list */ 37 + #define AES_WK_VP_SIZE 32 /* Size of WK VP block appended to a prot key */ 37 38 38 39 /* 39 40 * debug feature data and functions ··· 83 82 } __packed; 84 83 85 84 /* 86 - * Create a protected key from a clear key value. 85 + * Create a protected key from a clear key value via PCKMO instruction. 87 86 */ 88 - static int pkey_clr2protkey(u32 keytype, 89 - const struct pkey_clrkey *clrkey, 90 - struct pkey_protkey *protkey) 87 + static int pkey_clr2protkey(u32 keytype, const u8 *clrkey, 88 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 91 89 { 92 90 /* mask of available pckmo subfunctions */ 93 91 static cpacf_mask_t pckmo_functions; ··· 109 109 fc = CPACF_PCKMO_ENC_AES_256_KEY; 110 110 break; 111 111 default: 112 - DEBUG_ERR("%s unknown/unsupported keytype %d\n", 112 + DEBUG_ERR("%s unknown/unsupported keytype %u\n", 113 113 __func__, keytype); 114 + return -EINVAL; 115 + } 116 + 117 + if (*protkeylen < keysize + AES_WK_VP_SIZE) { 118 + DEBUG_ERR("%s prot key buffer size too small: %u < %d\n", 119 + __func__, *protkeylen, keysize + AES_WK_VP_SIZE); 114 120 return -EINVAL; 115 121 } 116 122 ··· 134 128 135 129 /* prepare param block */ 136 130 memset(paramblock, 0, sizeof(paramblock)); 137 - memcpy(paramblock, clrkey->clrkey, keysize); 131 + memcpy(paramblock, clrkey, keysize); 138 132 139 133 /* call the pckmo instruction */ 140 134 cpacf_pckmo(fc, paramblock); 141 135 142 - /* copy created protected key */ 143 - protkey->type = keytype; 144 - protkey->len = keysize + 32; 145 - memcpy(protkey->protkey, paramblock, keysize + 32); 136 + /* copy created protected key to key buffer including the wkvp block */ 137 + *protkeylen = keysize + AES_WK_VP_SIZE; 138 + memcpy(protkey, paramblock, *protkeylen); 139 + *protkeytype = keytype; 146 140 147 141 return 0; 148 142 } ··· 150 144 /* 151 145 * Find card and transform secure key into protected key. 152 146 */ 153 - static int pkey_skey2pkey(const u8 *key, struct pkey_protkey *pkey) 147 + static int pkey_skey2pkey(const u8 *key, u8 *protkey, 148 + u32 *protkeylen, u32 *protkeytype) 154 149 { 155 150 struct keytoken_header *hdr = (struct keytoken_header *)key; 156 151 u16 cardnr, domain; ··· 174 167 continue; 175 168 switch (hdr->version) { 176 169 case TOKVER_CCA_AES: 177 - rc = cca_sec2protkey(cardnr, domain, 178 - key, pkey->protkey, 179 - &pkey->len, &pkey->type); 170 + rc = cca_sec2protkey(cardnr, domain, key, 171 + protkey, protkeylen, protkeytype); 180 172 break; 181 173 case TOKVER_CCA_VLSC: 182 - rc = cca_cipher2protkey(cardnr, domain, 183 - key, pkey->protkey, 184 - &pkey->len, &pkey->type); 174 + rc = cca_cipher2protkey(cardnr, domain, key, 175 + protkey, protkeylen, 176 + protkeytype); 185 177 break; 186 178 default: 187 179 return -EINVAL; ··· 233 227 /* 234 228 * Find card and transform EP11 secure key into protected key. 235 229 */ 236 - static int pkey_ep11key2pkey(const u8 *key, struct pkey_protkey *pkey) 230 + static int pkey_ep11key2pkey(const u8 *key, u8 *protkey, 231 + u32 *protkeylen, u32 *protkeytype) 237 232 { 238 233 struct ep11keyblob *kb = (struct ep11keyblob *)key; 239 234 u32 nr_apqns, *apqns = NULL; ··· 253 246 for (rc = -ENODEV, i = 0; i < nr_apqns; i++) { 254 247 card = apqns[i] >> 16; 255 248 dom = apqns[i] & 0xFFFF; 256 - pkey->len = sizeof(pkey->protkey); 257 249 rc = ep11_kblob2protkey(card, dom, key, kb->head.len, 258 - pkey->protkey, &pkey->len, &pkey->type); 250 + protkey, protkeylen, protkeytype); 259 251 if (rc == 0) 260 252 break; 261 253 } ··· 312 306 /* 313 307 * Generate a random protected key 314 308 */ 315 - static int pkey_genprotkey(u32 keytype, struct pkey_protkey *protkey) 309 + static int pkey_genprotkey(u32 keytype, u8 *protkey, 310 + u32 *protkeylen, u32 *protkeytype) 316 311 { 317 - struct pkey_clrkey clrkey; 312 + u8 clrkey[32]; 318 313 int keysize; 319 314 int rc; 320 315 ··· 336 329 } 337 330 338 331 /* generate a dummy random clear key */ 339 - get_random_bytes(clrkey.clrkey, keysize); 332 + get_random_bytes(clrkey, keysize); 340 333 341 334 /* convert it to a dummy protected key */ 342 - rc = pkey_clr2protkey(keytype, &clrkey, protkey); 335 + rc = pkey_clr2protkey(keytype, clrkey, 336 + protkey, protkeylen, protkeytype); 343 337 if (rc) 344 338 return rc; 345 339 346 340 /* replace the key part of the protected key with random bytes */ 347 - get_random_bytes(protkey->protkey, keysize); 341 + get_random_bytes(protkey, keysize); 348 342 349 343 return 0; 350 344 } ··· 353 345 /* 354 346 * Verify if a protected key is still valid 355 347 */ 356 - static int pkey_verifyprotkey(const struct pkey_protkey *protkey) 348 + static int pkey_verifyprotkey(const u8 *protkey, u32 protkeylen, 349 + u32 protkeytype) 357 350 { 358 351 struct { 359 352 u8 iv[AES_BLOCK_SIZE]; ··· 362 353 } param; 363 354 u8 null_msg[AES_BLOCK_SIZE]; 364 355 u8 dest_buf[AES_BLOCK_SIZE]; 356 + unsigned int k, pkeylen; 365 357 unsigned long fc; 366 - unsigned int k; 367 358 368 - switch (protkey->type) { 359 + switch (protkeytype) { 369 360 case PKEY_KEYTYPE_AES_128: 361 + pkeylen = 16 + AES_WK_VP_SIZE; 370 362 fc = CPACF_KMC_PAES_128; 371 363 break; 372 364 case PKEY_KEYTYPE_AES_192: 365 + pkeylen = 24 + AES_WK_VP_SIZE; 373 366 fc = CPACF_KMC_PAES_192; 374 367 break; 375 368 case PKEY_KEYTYPE_AES_256: 369 + pkeylen = 32 + AES_WK_VP_SIZE; 376 370 fc = CPACF_KMC_PAES_256; 377 371 break; 378 372 default: 379 - DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__, 380 - protkey->type); 373 + DEBUG_ERR("%s unknown/unsupported keytype %u\n", __func__, 374 + protkeytype); 375 + return -EINVAL; 376 + } 377 + if (protkeylen != pkeylen) { 378 + DEBUG_ERR("%s invalid protected key size %u for keytype %u\n", 379 + __func__, protkeylen, protkeytype); 381 380 return -EINVAL; 382 381 } 383 382 384 383 memset(null_msg, 0, sizeof(null_msg)); 385 384 386 385 memset(param.iv, 0, sizeof(param.iv)); 387 - memcpy(param.key, protkey->protkey, sizeof(param.key)); 386 + memcpy(param.key, protkey, protkeylen); 388 387 389 388 k = cpacf_kmc(fc | CPACF_ENCRYPT, &param, null_msg, dest_buf, 390 389 sizeof(null_msg)); ··· 408 391 * Transform a non-CCA key token into a protected key 409 392 */ 410 393 static int pkey_nonccatok2pkey(const u8 *key, u32 keylen, 411 - struct pkey_protkey *protkey) 394 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 412 395 { 413 396 struct keytoken_header *hdr = (struct keytoken_header *)key; 414 397 u8 *tmpbuf = NULL; ··· 421 404 if (keylen != sizeof(struct protaeskeytoken)) 422 405 goto out; 423 406 t = (struct protaeskeytoken *)key; 424 - protkey->len = t->len; 425 - protkey->type = t->keytype; 426 - memcpy(protkey->protkey, t->protkey, 427 - sizeof(protkey->protkey)); 428 - rc = pkey_verifyprotkey(protkey); 407 + rc = pkey_verifyprotkey(t->protkey, t->len, t->keytype); 408 + if (rc) 409 + goto out; 410 + memcpy(protkey, t->protkey, t->len); 411 + *protkeylen = t->len; 412 + *protkeytype = t->keytype; 429 413 break; 430 414 } 431 415 case TOKVER_CLEAR_KEY: { ··· 456 438 goto out; 457 439 } 458 440 /* try direct way with the PCKMO instruction */ 459 - rc = pkey_clr2protkey(t->keytype, &ckey, protkey); 441 + rc = pkey_clr2protkey(t->keytype, ckey.clrkey, 442 + protkey, protkeylen, protkeytype); 460 443 if (rc == 0) 461 444 break; 462 445 /* PCKMO failed, so try the CCA secure key way */ ··· 465 446 rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype, 466 447 ckey.clrkey, tmpbuf); 467 448 if (rc == 0) 468 - rc = pkey_skey2pkey(tmpbuf, protkey); 449 + rc = pkey_skey2pkey(tmpbuf, 450 + protkey, protkeylen, protkeytype); 469 451 if (rc == 0) 470 452 break; 471 453 /* if the CCA way also failed, let's try via EP11 */ 472 454 rc = pkey_clr2ep11key(ckey.clrkey, t->len, 473 455 tmpbuf, &tmpbuflen); 474 456 if (rc == 0) 475 - rc = pkey_ep11key2pkey(tmpbuf, protkey); 457 + rc = pkey_ep11key2pkey(tmpbuf, 458 + protkey, protkeylen, protkeytype); 476 459 /* now we should really have an protected key */ 477 460 DEBUG_ERR("%s unable to build protected key from clear", 478 461 __func__); ··· 485 464 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1); 486 465 if (rc) 487 466 goto out; 488 - rc = pkey_ep11key2pkey(key, protkey); 467 + rc = pkey_ep11key2pkey(key, 468 + protkey, protkeylen, protkeytype); 489 469 break; 490 470 } 491 471 case TOKVER_EP11_AES_WITH_HEADER: ··· 495 473 if (rc) 496 474 goto out; 497 475 rc = pkey_ep11key2pkey(key + sizeof(struct ep11kblob_header), 498 - protkey); 476 + protkey, protkeylen, protkeytype); 499 477 break; 500 478 default: 501 479 DEBUG_ERR("%s unknown/unsupported non-CCA token version %d\n", ··· 512 490 * Transform a CCA internal key token into a protected key 513 491 */ 514 492 static int pkey_ccainttok2pkey(const u8 *key, u32 keylen, 515 - struct pkey_protkey *protkey) 493 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 516 494 { 517 495 struct keytoken_header *hdr = (struct keytoken_header *)key; 518 496 ··· 531 509 return -EINVAL; 532 510 } 533 511 534 - return pkey_skey2pkey(key, protkey); 512 + return pkey_skey2pkey(key, protkey, protkeylen, protkeytype); 535 513 } 536 514 537 515 /* 538 516 * Transform a key blob (of any type) into a protected key 539 517 */ 540 518 int pkey_keyblob2pkey(const u8 *key, u32 keylen, 541 - struct pkey_protkey *protkey) 519 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 542 520 { 543 521 struct keytoken_header *hdr = (struct keytoken_header *)key; 544 522 int rc; ··· 550 528 551 529 switch (hdr->type) { 552 530 case TOKTYPE_NON_CCA: 553 - rc = pkey_nonccatok2pkey(key, keylen, protkey); 531 + rc = pkey_nonccatok2pkey(key, keylen, 532 + protkey, protkeylen, protkeytype); 554 533 break; 555 534 case TOKTYPE_CCA_INTERNAL: 556 - rc = pkey_ccainttok2pkey(key, keylen, protkey); 535 + rc = pkey_ccainttok2pkey(key, keylen, 536 + protkey, protkeylen, protkeytype); 557 537 break; 558 538 default: 559 539 DEBUG_ERR("%s unknown/unsupported blob type %d\n", ··· 795 771 796 772 static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns, 797 773 const u8 *key, size_t keylen, 798 - struct pkey_protkey *pkey) 774 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 799 775 { 800 776 struct keytoken_header *hdr = (struct keytoken_header *)key; 801 777 int i, card, dom, rc; ··· 830 806 if (ep11_check_aes_key(debug_info, 3, key, keylen, 1)) 831 807 return -EINVAL; 832 808 } else { 833 - return pkey_nonccatok2pkey(key, keylen, pkey); 809 + return pkey_nonccatok2pkey(key, keylen, 810 + protkey, protkeylen, 811 + protkeytype); 834 812 } 835 813 } else { 836 814 DEBUG_ERR("%s unknown/unsupported blob type %d\n", ··· 848 822 dom = apqns[i].domain; 849 823 if (hdr->type == TOKTYPE_CCA_INTERNAL && 850 824 hdr->version == TOKVER_CCA_AES) { 851 - rc = cca_sec2protkey(card, dom, key, pkey->protkey, 852 - &pkey->len, &pkey->type); 825 + rc = cca_sec2protkey(card, dom, key, 826 + protkey, protkeylen, protkeytype); 853 827 } else if (hdr->type == TOKTYPE_CCA_INTERNAL && 854 828 hdr->version == TOKVER_CCA_VLSC) { 855 - rc = cca_cipher2protkey(card, dom, key, pkey->protkey, 856 - &pkey->len, &pkey->type); 829 + rc = cca_cipher2protkey(card, dom, key, 830 + protkey, protkeylen, 831 + protkeytype); 857 832 } else { 858 833 /* EP11 AES secure key blob */ 859 834 struct ep11keyblob *kb = (struct ep11keyblob *)key; 860 835 861 - pkey->len = sizeof(pkey->protkey); 862 836 rc = ep11_kblob2protkey(card, dom, key, kb->head.len, 863 - pkey->protkey, &pkey->len, 864 - &pkey->type); 837 + protkey, protkeylen, 838 + protkeytype); 865 839 } 866 840 if (rc == 0) 867 841 break; ··· 1046 1020 } 1047 1021 1048 1022 static int pkey_keyblob2pkey3(const struct pkey_apqn *apqns, size_t nr_apqns, 1049 - const u8 *key, size_t keylen, u32 *protkeytype, 1050 - u8 *protkey, u32 *protkeylen) 1023 + const u8 *key, size_t keylen, 1024 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 1051 1025 { 1052 1026 struct keytoken_header *hdr = (struct keytoken_header *)key; 1053 1027 int i, card, dom, rc; ··· 1102 1076 if (cca_check_sececckeytoken(debug_info, 3, key, keylen, 1)) 1103 1077 return -EINVAL; 1104 1078 } else if (hdr->type == TOKTYPE_NON_CCA) { 1105 - struct pkey_protkey pkey; 1106 - 1107 - rc = pkey_nonccatok2pkey(key, keylen, &pkey); 1108 - if (rc) 1109 - return rc; 1110 - memcpy(protkey, pkey.protkey, pkey.len); 1111 - *protkeylen = pkey.len; 1112 - *protkeytype = pkey.type; 1113 - return 0; 1079 + return pkey_nonccatok2pkey(key, keylen, 1080 + protkey, protkeylen, protkeytype); 1114 1081 } else { 1115 1082 DEBUG_ERR("%s unknown/unsupported blob type %d\n", 1116 1083 __func__, hdr->type); ··· 1206 1187 1207 1188 if (copy_from_user(&ksp, usp, sizeof(ksp))) 1208 1189 return -EFAULT; 1190 + ksp.protkey.len = sizeof(ksp.protkey.protkey); 1209 1191 rc = cca_sec2protkey(ksp.cardnr, ksp.domain, 1210 1192 ksp.seckey.seckey, ksp.protkey.protkey, 1211 1193 &ksp.protkey.len, &ksp.protkey.type); ··· 1223 1203 1224 1204 if (copy_from_user(&kcp, ucp, sizeof(kcp))) 1225 1205 return -EFAULT; 1226 - rc = pkey_clr2protkey(kcp.keytype, 1227 - &kcp.clrkey, &kcp.protkey); 1206 + kcp.protkey.len = sizeof(kcp.protkey.protkey); 1207 + rc = pkey_clr2protkey(kcp.keytype, kcp.clrkey.clrkey, 1208 + kcp.protkey.protkey, 1209 + &kcp.protkey.len, &kcp.protkey.type); 1228 1210 DEBUG_DBG("%s pkey_clr2protkey()=%d\n", __func__, rc); 1229 1211 if (rc) 1230 1212 break; ··· 1256 1234 1257 1235 if (copy_from_user(&ksp, usp, sizeof(ksp))) 1258 1236 return -EFAULT; 1259 - rc = pkey_skey2pkey(ksp.seckey.seckey, &ksp.protkey); 1237 + ksp.protkey.len = sizeof(ksp.protkey.protkey); 1238 + rc = pkey_skey2pkey(ksp.seckey.seckey, ksp.protkey.protkey, 1239 + &ksp.protkey.len, &ksp.protkey.type); 1260 1240 DEBUG_DBG("%s pkey_skey2pkey()=%d\n", __func__, rc); 1261 1241 if (rc) 1262 1242 break; ··· 1287 1263 1288 1264 if (copy_from_user(&kgp, ugp, sizeof(kgp))) 1289 1265 return -EFAULT; 1290 - rc = pkey_genprotkey(kgp.keytype, &kgp.protkey); 1266 + kgp.protkey.len = sizeof(kgp.protkey.protkey); 1267 + rc = pkey_genprotkey(kgp.keytype, kgp.protkey.protkey, 1268 + &kgp.protkey.len, &kgp.protkey.type); 1291 1269 DEBUG_DBG("%s pkey_genprotkey()=%d\n", __func__, rc); 1292 1270 if (rc) 1293 1271 break; ··· 1303 1277 1304 1278 if (copy_from_user(&kvp, uvp, sizeof(kvp))) 1305 1279 return -EFAULT; 1306 - rc = pkey_verifyprotkey(&kvp.protkey); 1280 + rc = pkey_verifyprotkey(kvp.protkey.protkey, 1281 + kvp.protkey.len, kvp.protkey.type); 1307 1282 DEBUG_DBG("%s pkey_verifyprotkey()=%d\n", __func__, rc); 1308 1283 break; 1309 1284 } ··· 1318 1291 kkey = _copy_key_from_user(ktp.key, ktp.keylen); 1319 1292 if (IS_ERR(kkey)) 1320 1293 return PTR_ERR(kkey); 1321 - rc = pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey); 1294 + ktp.protkey.len = sizeof(ktp.protkey.protkey); 1295 + rc = pkey_keyblob2pkey(kkey, ktp.keylen, ktp.protkey.protkey, 1296 + &ktp.protkey.len, &ktp.protkey.type); 1322 1297 DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc); 1323 1298 memzero_explicit(kkey, ktp.keylen); 1324 1299 kfree(kkey); ··· 1452 1423 kfree(apqns); 1453 1424 return PTR_ERR(kkey); 1454 1425 } 1426 + ktp.protkey.len = sizeof(ktp.protkey.protkey); 1455 1427 rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries, 1456 - kkey, ktp.keylen, &ktp.protkey); 1428 + kkey, ktp.keylen, 1429 + ktp.protkey.protkey, &ktp.protkey.len, 1430 + &ktp.protkey.type); 1457 1431 DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc); 1458 1432 kfree(apqns); 1459 1433 memzero_explicit(kkey, ktp.keylen); ··· 1581 1549 kfree(kkey); 1582 1550 return -ENOMEM; 1583 1551 } 1584 - rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries, kkey, 1585 - ktp.keylen, &ktp.pkeytype, 1586 - protkey, &protkeylen); 1552 + rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries, 1553 + kkey, ktp.keylen, 1554 + protkey, &protkeylen, &ktp.pkeytype); 1587 1555 DEBUG_DBG("%s pkey_keyblob2pkey3()=%d\n", __func__, rc); 1588 1556 kfree(apqns); 1589 1557 memzero_explicit(kkey, ktp.keylen); ··· 1644 1612 protkeytoken.version = TOKVER_PROTECTED_KEY; 1645 1613 protkeytoken.keytype = keytype; 1646 1614 1647 - rc = pkey_genprotkey(protkeytoken.keytype, &protkey); 1615 + protkey.len = sizeof(protkey.protkey); 1616 + rc = pkey_genprotkey(protkeytoken.keytype, 1617 + protkey.protkey, &protkey.len, &protkey.type); 1648 1618 if (rc) 1649 1619 return rc; 1650 1620 ··· 1656 1622 memcpy(buf, &protkeytoken, sizeof(protkeytoken)); 1657 1623 1658 1624 if (is_xts) { 1659 - rc = pkey_genprotkey(protkeytoken.keytype, &protkey); 1625 + /* xts needs a second protected key, reuse protkey struct */ 1626 + protkey.len = sizeof(protkey.protkey); 1627 + rc = pkey_genprotkey(protkeytoken.keytype, 1628 + protkey.protkey, &protkey.len, &protkey.type); 1660 1629 if (rc) 1661 1630 return rc; 1662 1631