From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Christophe Leroy <christophe.leroy@c-s.fr>,
Herbert Xu <herbert@gondor.apana.org.au>
Subject: [PATCH 4.9 30/74] crypto: talitos - Do not modify req->cryptlen on decryption.
Date: Fri, 20 Sep 2019 00:03:43 +0200 [thread overview]
Message-ID: <20190919214807.971753602@linuxfoundation.org> (raw)
In-Reply-To: <20190919214800.519074117@linuxfoundation.org>
From: Christophe Leroy <christophe.leroy@c-s.fr>
commit 7ede4c36cf7c6516986ee9d75b197c8bf73ea96f upstream.
For decrypt, req->cryptlen includes the size of the authentication
part while all functions of the driver expect cryptlen to be
the size of the encrypted data.
As it is not expected to change req->cryptlen, this patch
implements local calculation of cryptlen.
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Fixes: 9c4a79653b35 ("crypto: talitos - Freescale integrated security engine (SEC) driver")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/crypto/talitos.c | 31 +++++++++++++++++--------------
1 file changed, 17 insertions(+), 14 deletions(-)
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -943,11 +943,13 @@ static void talitos_sg_unmap(struct devi
static void ipsec_esp_unmap(struct device *dev,
struct talitos_edesc *edesc,
- struct aead_request *areq)
+ struct aead_request *areq, bool encrypt)
{
struct crypto_aead *aead = crypto_aead_reqtfm(areq);
struct talitos_ctx *ctx = crypto_aead_ctx(aead);
unsigned int ivsize = crypto_aead_ivsize(aead);
+ unsigned int authsize = crypto_aead_authsize(aead);
+ unsigned int cryptlen = areq->cryptlen - (encrypt ? 0 : authsize);
if (edesc->desc.hdr & DESC_HDR_TYPE_IPSEC_ESP)
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[6],
@@ -956,7 +958,7 @@ static void ipsec_esp_unmap(struct devic
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[0], DMA_TO_DEVICE);
- talitos_sg_unmap(dev, edesc, areq->src, areq->dst, areq->cryptlen,
+ talitos_sg_unmap(dev, edesc, areq->src, areq->dst, cryptlen,
areq->assoclen);
if (edesc->dma_len)
@@ -967,7 +969,7 @@ static void ipsec_esp_unmap(struct devic
unsigned int dst_nents = edesc->dst_nents ? : 1;
sg_pcopy_to_buffer(areq->dst, dst_nents, ctx->iv, ivsize,
- areq->assoclen + areq->cryptlen - ivsize);
+ areq->assoclen + cryptlen - ivsize);
}
}
@@ -988,7 +990,7 @@ static void ipsec_esp_encrypt_done(struc
edesc = container_of(desc, struct talitos_edesc, desc);
- ipsec_esp_unmap(dev, edesc, areq);
+ ipsec_esp_unmap(dev, edesc, areq, true);
/* copy the generated ICV to dst */
if (edesc->icv_ool) {
@@ -1020,7 +1022,7 @@ static void ipsec_esp_decrypt_swauth_don
edesc = container_of(desc, struct talitos_edesc, desc);
- ipsec_esp_unmap(dev, edesc, req);
+ ipsec_esp_unmap(dev, edesc, req, false);
if (!err) {
char icvdata[SHA512_DIGEST_SIZE];
@@ -1066,7 +1068,7 @@ static void ipsec_esp_decrypt_hwauth_don
edesc = container_of(desc, struct talitos_edesc, desc);
- ipsec_esp_unmap(dev, edesc, req);
+ ipsec_esp_unmap(dev, edesc, req, false);
/* check ICV auth status */
if (!err && ((desc->hdr_lo & DESC_HDR_LO_ICCR1_MASK) !=
@@ -1173,6 +1175,7 @@ static int talitos_sg_map(struct device
* fill in and submit ipsec_esp descriptor
*/
static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq,
+ bool encrypt,
void (*callback)(struct device *dev,
struct talitos_desc *desc,
void *context, int error))
@@ -1182,7 +1185,7 @@ static int ipsec_esp(struct talitos_edes
struct talitos_ctx *ctx = crypto_aead_ctx(aead);
struct device *dev = ctx->dev;
struct talitos_desc *desc = &edesc->desc;
- unsigned int cryptlen = areq->cryptlen;
+ unsigned int cryptlen = areq->cryptlen - (encrypt ? 0 : authsize);
unsigned int ivsize = crypto_aead_ivsize(aead);
int tbl_off = 0;
int sg_count, ret;
@@ -1324,7 +1327,7 @@ static int ipsec_esp(struct talitos_edes
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
- ipsec_esp_unmap(dev, edesc, areq);
+ ipsec_esp_unmap(dev, edesc, areq, encrypt);
kfree(edesc);
}
return ret;
@@ -1433,9 +1436,10 @@ static struct talitos_edesc *aead_edesc_
unsigned int authsize = crypto_aead_authsize(authenc);
struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
unsigned int ivsize = crypto_aead_ivsize(authenc);
+ unsigned int cryptlen = areq->cryptlen - (encrypt ? 0 : authsize);
return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst,
- iv, areq->assoclen, areq->cryptlen,
+ iv, areq->assoclen, cryptlen,
authsize, ivsize, icv_stashing,
areq->base.flags, encrypt);
}
@@ -1454,7 +1458,7 @@ static int aead_encrypt(struct aead_requ
/* set encrypt */
edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
- return ipsec_esp(edesc, req, ipsec_esp_encrypt_done);
+ return ipsec_esp(edesc, req, true, ipsec_esp_encrypt_done);
}
static int aead_decrypt(struct aead_request *req)
@@ -1466,8 +1470,6 @@ static int aead_decrypt(struct aead_requ
struct talitos_edesc *edesc;
void *icvdata;
- req->cryptlen -= authsize;
-
/* allocate extended descriptor */
edesc = aead_edesc_alloc(req, req->iv, 1, false);
if (IS_ERR(edesc))
@@ -1485,7 +1487,8 @@ static int aead_decrypt(struct aead_requ
/* reset integrity check result bits */
edesc->desc.hdr_lo = 0;
- return ipsec_esp(edesc, req, ipsec_esp_decrypt_hwauth_done);
+ return ipsec_esp(edesc, req, false,
+ ipsec_esp_decrypt_hwauth_done);
}
/* Have to check the ICV with software */
@@ -1501,7 +1504,7 @@ static int aead_decrypt(struct aead_requ
sg_pcopy_to_buffer(req->src, edesc->src_nents ? : 1, icvdata, authsize,
req->assoclen + req->cryptlen - authsize);
- return ipsec_esp(edesc, req, ipsec_esp_decrypt_swauth_done);
+ return ipsec_esp(edesc, req, false, ipsec_esp_decrypt_swauth_done);
}
static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,
next prev parent reply other threads:[~2019-09-19 22:19 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-19 22:03 [PATCH 4.9 00/74] 4.9.194-stable review Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 01/74] bridge/mdb: remove wrong use of NLM_F_MULTI Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 02/74] cdc_ether: fix rndis support for Mediatek based smartphones Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 03/74] ipv6: Fix the link time qualifier of ping_v6_proc_exit_net() Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 04/74] isdn/capi: check message length in capi_write() Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 05/74] net: Fix null de-reference of device refcount Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 06/74] net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 07/74] sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 08/74] sctp: Fix the link time qualifier of sctp_ctrlsock_exit() Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 09/74] sctp: use transport pf_retrans in sctp_do_8_2_transport_strike Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 10/74] tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 11/74] tipc: add NULL pointer check before calling kfree_rcu Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 12/74] tun: fix use-after-free when register netdev failed Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 13/74] Revert "MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur" Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 14/74] gpio: fix line flag validation in linehandle_create Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 15/74] gpio: fix line flag validation in lineevent_create Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 16/74] Btrfs: fix assertion failure during fsync and use of stale transaction Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 17/74] genirq: Prevent NULL pointer dereference in resend_irqs() Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 18/74] KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 19/74] KVM: x86: work around leak of uninitialized stack contents Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 20/74] KVM: nVMX: handle page fault in vmread Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 21/74] MIPS: VDSO: Prevent use of smp_processor_id() Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 22/74] MIPS: VDSO: Use same -m%-float cflag as the kernel proper Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 23/74] clk: rockchip: Dont yell about bad mmc phases when getting Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 24/74] mtd: rawnand: mtk: Fix wrongly assigned OOB buffer pointer issue Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 25/74] driver core: Fix use-after-free and double free on glue directory Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 26/74] crypto: talitos - check AES key size Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 27/74] crypto: talitos - fix CTR alg blocksize Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 28/74] crypto: talitos - check data blocksize in ablkcipher Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 29/74] crypto: talitos - fix ECB algs ivsize Greg Kroah-Hartman
2019-09-19 22:03 ` Greg Kroah-Hartman [this message]
2019-09-19 22:03 ` [PATCH 4.9 31/74] crypto: talitos - HMAC SNOOP NO AFEU mode requires SW icv checking Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 32/74] drm/mediatek: mtk_drm_drv.c: Add of_node_put() before goto Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 33/74] nvmem: Use the same permissions for eeprom as for nvmem Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 34/74] x86/build: Add -Wnoaddress-of-packed-member to REALMODE_CFLAGS, to silence GCC9 build warning Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 35/74] USB: usbcore: Fix slab-out-of-bounds bug during device reset Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 36/74] media: tm6000: double free if usb disconnect while streaming Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 37/74] powerpc/mm/radix: Use the right page size for vmemmap mapping Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 38/74] x86/boot: Add missing bootparam that breaks boot on some platforms Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 39/74] xen-netfront: do not assume sk_buff_head list is empty in error handling Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 40/74] KVM: coalesced_mmio: add bounds checking Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 41/74] serial: sprd: correct the wrong sequence of arguments Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 42/74] tty/serial: atmel: reschedule TX after RX was started Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 43/74] mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 44/74] ARM: OMAP2+: Fix missing SYSC_HAS_RESET_STATUS for dra7 epwmss Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 45/74] s390/bpf: fix lcgr instruction encoding Greg Kroah-Hartman
2019-09-19 22:03 ` [PATCH 4.9 46/74] ARM: OMAP2+: Fix omap4 errata warning on other SoCs Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 47/74] s390/bpf: use 32-bit index for tail calls Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 48/74] NFSv4: Fix return values for nfs4_file_open() Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 49/74] NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 50/74] Kconfig: Fix the reference to the IDT77105 Phy driver in the description of ATM_NICSTAR_USE_IDT77105 Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 51/74] qed: Add cleanup in qed_slowpath_start() Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 52/74] ARM: 8874/1: mm: only adjust sections of valid mm structures Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 53/74] batman-adv: Only read OGM2 tvlv_len after buffer len check Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 54/74] r8152: Set memory to all 0xFFs on failed reg reads Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 55/74] x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 56/74] netfilter: nf_conntrack_ftp: Fix debug output Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 57/74] NFSv2: Fix eof handling Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 58/74] NFSv2: Fix write regression Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 59/74] cifs: set domainName when a domain-key is used in multiuser Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 60/74] cifs: Use kzfree() to zero out the password Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 61/74] ARM: 8901/1: add a criteria for pfn_valid of arm Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 62/74] sky2: Disable MSI on yet another ASUS boards (P6Xxxx) Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 63/74] perf/x86/intel: Restrict period on Nehalem Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 64/74] perf/x86/amd/ibs: Fix sample bias for dispatched micro-ops Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 65/74] tools/power turbostat: fix buffer overrun Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 66/74] net: seeq: Fix the function used to release some memory in an error handling path Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 67/74] dmaengine: ti: dma-crossbar: Fix a memory leak bug Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 68/74] dmaengine: ti: omap-dma: Add cleanup in omap_dma_probe() Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 69/74] x86/uaccess: Dont leak the AC flags into __get_user() argument evaluation Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 70/74] keys: Fix missing null pointer check in request_key_auth_describe() Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 71/74] iommu/amd: Fix race in increase_address_space() Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 72/74] floppy: fix usercopy direction Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 73/74] media: technisat-usb2: break out of loop at end of buffer Greg Kroah-Hartman
2019-09-19 22:04 ` [PATCH 4.9 74/74] ARC: export "abort" for modules Greg Kroah-Hartman
2019-09-20 3:19 ` [PATCH 4.9 00/74] 4.9.194-stable review kernelci.org bot
2019-09-20 6:48 ` Naresh Kamboju
2019-09-20 13:42 ` Guenter Roeck
2019-09-20 13:47 ` Jon Hunter
2019-09-20 13:47 ` Jon Hunter
2019-09-20 21:28 ` shuah
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190919214807.971753602@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=christophe.leroy@c-s.fr \
--cc=herbert@gondor.apana.org.au \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.