Skip to content

Commit

Permalink
s390/paes: fix PKEY_TYPE_EP11_AES handling for secure keyblobs
Browse files Browse the repository at this point in the history 
[ Upstream commit cba33db ]

Commit 'fa6999e326fe ("s390/pkey: support CCA and EP11 secure ECC
private keys")' introduced PKEY_TYPE_EP11_AES securekey blobs as a
supplement to the PKEY_TYPE_EP11 (which won't work in environments
with session-bound keys). This new keyblobs has a different maximum
size, so fix paes crypto module to accept also these larger keyblobs.

Fixes: fa6999e ("s390/pkey: support CCA and EP11 secure ECC private keys")
Signed-off-by: Holger Dengler <dengler@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
  • Loading branch information
@holger-dengler @gregkh
holger-dengler authored and gregkh committed Sep 13, 2023
1 parent f326e37 commit 14e37e0
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion arch/s390/crypto/paes_s390.c
View file
Expand Up @@ -35,7 +35,7 @@
* and padding is also possible, the limits need to be generous.
*/
#define PAES_MIN_KEYSIZE 16
#define PAES_MAX_KEYSIZE 320
#define PAES_MAX_KEYSIZE MAXEP11AESKEYBLOBSIZE

static u8 *ctrblk;
static DEFINE_MUTEX(ctrblk_lock);
Expand Down

0 comments on commit 14e37e0

Please sign in to comment.