s390/pkey: fix/harmonize internal keyblob headers

Commit 'fa6999e326fe ("s390/pkey: support CCA and EP11 secure ECC
private keys")' introduced PKEY_TYPE_EP11_AES as a supplement to
PKEY_TYPE_EP11. All pkeys have an internal header/payload structure,
which is opaque to the userspace. The header structures for
PKEY_TYPE_EP11 and PKEY_TYPE_EP11_AES are nearly identical and there
is no reason, why different structures are used. In preparation to fix
the keyversion handling in the broken PKEY IOCTLs, the same header
structure is used for PKEY_TYPE_EP11 and PKEY_TYPE_EP11_AES. This
reduces the number of different code paths and increases the
readability.

Fixes: fa6999e326fe ("s390/pkey: support CCA and EP11 secure ECC private keys")
Signed-off-by: Holger Dengler <dengler@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>

diff --git a/drivers/s390/crypto/pkey_api.c b/drivers/s390/crypto/pkey_api.c
index e58bfd2253231d93203d8fe09b2a926bc7d85cd9..ba8581e0809cd39f72ec7364fc95f1d318f128e7 100644 (file)
--- a/drivers/s390/crypto/pkey_api.c
+++ b/drivers/s390/crypto/pkey_api.c
@@ -895,7 +895,7 @@ static int pkey_verifykey2(const u8 *key, size_t keylen,
                if (ktype)
                        *ktype = PKEY_TYPE_EP11;
                if (ksize)
-                       *ksize = kb->head.keybitlen;
+                       *ksize = kb->head.bitlen;
 
                rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
                                    ZCRYPT_CEX7, EP11_API_V, kb->wkvp);

diff --git a/drivers/s390/crypto/zcrypt_ep11misc.c b/drivers/s390/crypto/zcrypt_ep11misc.c
index 958f5ee47f1b093b70c6f4d4500215dec43a988c..d7ecd6ce5b7a7ff2b5864fde7b3d60965e469b4e 100644 (file)
--- a/drivers/s390/crypto/zcrypt_ep11misc.c
+++ b/drivers/s390/crypto/zcrypt_ep11misc.c
@@ -787,7 +787,7 @@ int ep11_genaeskey(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
        kb->head.type = TOKTYPE_NON_CCA;
        kb->head.len = rep_pl->data_len;
        kb->head.version = TOKVER_EP11_AES;
-       kb->head.keybitlen = keybitsize;
+       kb->head.bitlen = keybitsize;
 
 out:
        kfree(req);
@@ -1055,7 +1055,7 @@ static int ep11_unwrapkey(u16 card, u16 domain,
        kb->head.type = TOKTYPE_NON_CCA;
        kb->head.len = rep_pl->data_len;
        kb->head.version = TOKVER_EP11_AES;
-       kb->head.keybitlen = keybitsize;
+       kb->head.bitlen = keybitsize;
 
 out:
        kfree(req);

diff --git a/drivers/s390/crypto/zcrypt_ep11misc.h b/drivers/s390/crypto/zcrypt_ep11misc.h
index a3eddf51242dafb32df802f508287f936c27c306..67cc80d71ba3beffd0fb184d6e12e3c58146f170 100644 (file)
--- a/drivers/s390/crypto/zcrypt_ep11misc.h
+++ b/drivers/s390/crypto/zcrypt_ep11misc.h
@@ -29,14 +29,7 @@ struct ep11keyblob {
        union {
                u8 session[32];
                /* only used for PKEY_TYPE_EP11: */
-               struct {
-                       u8  type;      /* 0x00 (TOKTYPE_NON_CCA) */
-                       u8  res0;      /* unused */
-                       u16 len;       /* total length in bytes of this blob */
-                       u8  version;   /* 0x03 (TOKVER_EP11_AES) */
-                       u8  res1;      /* unused */
-                       u16 keybitlen; /* clear key bit len, 0 for unknown */
-               } head;
+               struct ep11kblob_header head;
        };
        u8  wkvp[16];  /* wrapping key verification pattern */
        u64 attr;      /* boolean key attributes */