From: Horia Geanta <horia.geanta@nxp.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>,
Aymen Sghaier <aymen.sghaier@nxp.com>,
"linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
dl-linux-imx <linux-imx@nxp.com>,
Iuliana Prodan <iuliana.prodan@nxp.com>
Subject: Re: [v2 PATCH] crypto: caam - fix DKP detection logic
Date: Mon, 6 May 2019 08:06:06 +0000 [thread overview]
Message-ID: <VI1PR0402MB3485B440F9D3F033F021307298300@VI1PR0402MB3485.eurprd04.prod.outlook.com> (raw)
In-Reply-To: 20190506063944.enwkbljhy42rcaqq@gondor.apana.org.au
On 5/6/2019 9:40 AM, Herbert Xu wrote:
> On Fri, May 03, 2019 at 03:05:48PM +0300, Horia Geantă wrote:
>> The detection whether DKP (Derived Key Protocol) is used relies on
>> the setkey callback.
>> Since "aead_setkey" was replaced in some cases with "des3_aead_setkey"
>> (for 3DES weak key checking), the logic has to be updated - otherwise
>> the DMA mapping direction is incorrect (leading to faults in case caam
>> is behind an IOMMU).
>>
>> Fixes: 1b52c40919e6 ("crypto: caam - Forbid 2-key 3DES in FIPS mode")
>> Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
>> ---
>>
>> This issue was noticed when testing with previously submitted IOMMU support:
>> https://patchwork.kernel.org/project/linux-crypto/list/?series=110277&state=*
>
> Thanks for catching this Horia!
>
> My preference would be to encode this logic separately rather than
> relying on the setkey test. How about this patch?
>
This is probably more reliable.
> ---8<---
> The detection for DKP (Derived Key Protocol) relied on the value
> of the setkey function. This was broken by the recent change which
> added des3_aead_setkey.
>
> This patch fixes this by introducing a new flag for DKP and setting
> that where needed.
>
> Reported-by: Horia Geantă <horia.geanta@nxp.com>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Tested-by: Horia Geantă <horia.geanta@nxp.com>
Thanks,
Horia
next prev parent reply other threads:[~2019-05-06 8:06 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-03 12:05 [PATCH] crypto: caam - fix DKP detection logic Horia Geantă
2019-05-06 6:39 ` [v2 PATCH] " Herbert Xu
2019-05-06 8:06 ` Horia Geanta [this message]
2019-05-30 11:36 ` Horia Geanta
2019-06-03 7:52 ` Greg Kroah-Hartman
2019-06-03 8:10 ` Horia Geanta
2019-06-03 8:42 ` Greg Kroah-Hartman
2019-06-03 12:07 ` Horia Geanta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=VI1PR0402MB3485B440F9D3F033F021307298300@VI1PR0402MB3485.eurprd04.prod.outlook.com \
--to=horia.geanta@nxp.com \
--cc=aymen.sghaier@nxp.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=iuliana.prodan@nxp.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-imx@nxp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.