From: Horia Geanta <horia.geanta@nxp.com>
To: Iuliana Prodan <iuliana.prodan@nxp.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
Aymen Sghaier <aymen.sghaier@nxp.com>
Cc: "David S. Miller" <davem@davemloft.net>,
"linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
dl-linux-imx <linux-imx@nxp.com>
Subject: Re: [PATCH v2 06/14] crypto: caam - check assoclen
Date: Fri, 19 Jul 2019 15:06:38 +0000 [thread overview]
Message-ID: <VI1PR0402MB34850ACE9BD5CC43A150085798CB0@VI1PR0402MB3485.eurprd04.prod.outlook.com> (raw)
In-Reply-To: 1563494276-3993-7-git-send-email-iuliana.prodan@nxp.com
On 7/19/2019 2:58 AM, Iuliana Prodan wrote:
[...]
> --- a/drivers/crypto/caam/common_if.c
> +++ b/drivers/crypto/caam/common_if.c
> @@ -66,6 +66,23 @@ int check_rfc4106_authsize(unsigned int authsize)
> }
> EXPORT_SYMBOL(check_rfc4106_authsize);
>
> +/*
> + * validate assoclen for RFC4106/RFC4543
> + */
> +int check_ipsec_assoclen(unsigned int assoclen)
> +{
> + switch (assoclen) {
> + case 16:
> + case 20:
> + break;
> + default:
> + return -EINVAL;
> + }
> +
> + return 0;
> +}
> +EXPORT_SYMBOL(check_ipsec_assoclen);
> +
It's probably worth making this function (and even the other ones
in common_if) inline.
Herbert, is it worth having these checks moved to crypto API,
so they could be shared b/w all implementations?
This would also provide clear guidance wrt. rules related to
input parameters length.
Thanks,
Horia
next prev parent reply other threads:[~2019-07-19 15:06 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-18 23:57 [PATCH v2 00/14] crypto: caam - fixes for kernel v5.3 Iuliana Prodan
2019-07-18 23:57 ` [PATCH v2 01/14] crypto: caam/qi - fix error handling in ERN handler Iuliana Prodan
2019-07-18 23:57 ` [PATCH v2 02/14] crypto: caam - fix return code in completion callbacks Iuliana Prodan
2019-07-18 23:57 ` [PATCH v2 03/14] crypto: caam - update IV only when crypto operation succeeds Iuliana Prodan
2019-07-18 23:57 ` [PATCH v2 04/14] crypto: caam - check key length Iuliana Prodan
2019-07-19 14:38 ` Horia Geanta
2019-07-18 23:57 ` [PATCH v2 05/14] crypto: caam - check authsize Iuliana Prodan
2019-07-19 14:49 ` Horia Geanta
2019-07-18 23:57 ` [PATCH v2 06/14] crypto: caam - check assoclen Iuliana Prodan
2019-07-19 15:06 ` Horia Geanta [this message]
2019-07-19 15:15 ` Herbert Xu
2019-07-18 23:57 ` [PATCH v2 07/14] crypto: caam - check zero-length input Iuliana Prodan
2019-07-19 15:11 ` Horia Geanta
2019-07-18 23:57 ` [PATCH v2 08/14] crypto: caam - update rfc4106 sh desc to support zero length input Iuliana Prodan
2019-07-19 15:38 ` Horia Geanta
2019-07-18 23:57 ` [PATCH v2 09/14] crypto: caam - keep both virtual and dma key addresses Iuliana Prodan
2019-07-19 10:08 ` Horia Geanta
2019-07-18 23:57 ` [PATCH v2 10/14] crypto: caam - fix DKP for certain key lengths Iuliana Prodan
2019-07-18 23:57 ` [PATCH v2 11/14] crypto: caam - free resources in case caam_rng registration failed Iuliana Prodan
2019-07-19 15:53 ` Horia Geanta
2019-07-18 23:57 ` [PATCH v2 12/14] crypto: caam - execute module exit point only if necessary Iuliana Prodan
2019-07-19 16:02 ` Horia Geanta
2019-07-18 23:57 ` [PATCH v2 13/14] crypto: caam - unregister algorithm only if the registration succeeded Iuliana Prodan
2019-07-19 16:22 ` Horia Geanta
2019-07-18 23:57 ` [PATCH v2 14/14] crypto: caam - change return value in case CAAM has no MDHA Iuliana Prodan
2019-07-19 16:26 ` Horia Geanta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=VI1PR0402MB34850ACE9BD5CC43A150085798CB0@VI1PR0402MB3485.eurprd04.prod.outlook.com \
--to=horia.geanta@nxp.com \
--cc=aymen.sghaier@nxp.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=iuliana.prodan@nxp.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-imx@nxp.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).