* [bug report] crypto: atmel-aes - Fix saving of IV for CTR mode
@ 2019-12-13 12:38 Dan Carpenter
2019-12-13 14:45 ` [PATCH] crypto: atmel-aes - Fix CTR counter overflow when multiple fragments Tudor.Ambarus
0 siblings, 1 reply; 3+ messages in thread
From: Dan Carpenter @ 2019-12-13 12:38 UTC (permalink / raw)
To: tudor.ambarus; +Cc: linux-crypto
Hello Tudor Ambarus,
The patch 371731ec2179: "crypto: atmel-aes - Fix saving of IV for CTR
mode" from Dec 5, 2019, leads to the following static checker warning:
drivers/crypto/atmel-aes.c:1058 atmel_aes_ctr_transfer()
warn: right shifting more than type allows 16 vs 16
drivers/crypto/atmel-aes.c
1044 /* Check for transfer completion. */
1045 ctx->offset += dd->total;
1046 if (ctx->offset >= req->cryptlen)
1047 return atmel_aes_transfer_complete(dd);
1048
1049 /* Compute data length. */
1050 datalen = req->cryptlen - ctx->offset;
1051 ctx->blocks = DIV_ROUND_UP(datalen, AES_BLOCK_SIZE);
1052 ctr = be32_to_cpu(ctx->iv[3]);
1053
1054 /* Check 16bit counter overflow. */
1055 start = ctr & 0xffff;
1056 end = start + ctx->blocks - 1;
1057
1058 if (ctx->blocks >> 16 || end < start) {
^^^^^^^^^^^^^^^^^
Impossible condition.
1059 ctr |= 0xffff;
1060 datalen = AES_BLOCK_SIZE * (0x10000 - start);
1061 fragmented = true;
1062 }
regards,
dan carpenter
^ permalink raw reply [flat|nested] 3+ messages in thread* [PATCH] crypto: atmel-aes - Fix CTR counter overflow when multiple fragments
2019-12-13 12:38 [bug report] crypto: atmel-aes - Fix saving of IV for CTR mode Dan Carpenter
@ 2019-12-13 14:45 ` Tudor.Ambarus
2019-12-20 7:08 ` Herbert Xu
0 siblings, 1 reply; 3+ messages in thread
From: Tudor.Ambarus @ 2019-12-13 14:45 UTC (permalink / raw)
To: herbert, dan.carpenter
Cc: Nicolas.Ferre, alexandre.belloni, Ludovic.Desroches,
linux-crypto, linux-arm-kernel, Tudor.Ambarus
From: Tudor Ambarus <tudor.ambarus@microchip.com>
The CTR transfer works in fragments of data of maximum 1 MByte because
of the 16 bit CTR counter embedded in the IP. Fix the CTR counter
overflow handling for messages larger than 1 MByte.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Fixes: 781a08d9740a ("crypto: atmel-aes - Fix counter overflow in CTR mode")
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
---
Thanks, Dan.
drivers/crypto/atmel-aes.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
index 245d45f93b61..b001fdcd9d95 100644
--- a/drivers/crypto/atmel-aes.c
+++ b/drivers/crypto/atmel-aes.c
@@ -120,7 +120,7 @@ struct atmel_aes_ctr_ctx {
size_t offset;
struct scatterlist src[2];
struct scatterlist dst[2];
- u16 blocks;
+ u32 blocks;
};
struct atmel_aes_gcm_ctx {
@@ -527,6 +527,12 @@ static void atmel_aes_ctr_update_req_iv(struct atmel_aes_dev *dd)
unsigned int ivsize = crypto_skcipher_ivsize(skcipher);
int i;
+ /*
+ * The CTR transfer works in fragments of data of maximum 1 MByte
+ * because of the 16 bit CTR counter embedded in the IP. When reaching
+ * here, ctx->blocks contains the number of blocks of the last fragment
+ * processed, there is no need to explicit cast it to u16.
+ */
for (i = 0; i < ctx->blocks; i++)
crypto_inc((u8 *)ctx->iv, AES_BLOCK_SIZE);
--
2.20.1
^ permalink raw reply related [flat|nested] 3+ messages in thread* Re: [PATCH] crypto: atmel-aes - Fix CTR counter overflow when multiple fragments
2019-12-13 14:45 ` [PATCH] crypto: atmel-aes - Fix CTR counter overflow when multiple fragments Tudor.Ambarus
@ 2019-12-20 7:08 ` Herbert Xu
0 siblings, 0 replies; 3+ messages in thread
From: Herbert Xu @ 2019-12-20 7:08 UTC (permalink / raw)
To: Tudor.Ambarus
Cc: dan.carpenter, Nicolas.Ferre, alexandre.belloni,
Ludovic.Desroches, linux-crypto, linux-arm-kernel
On Fri, Dec 13, 2019 at 02:45:44PM +0000, Tudor.Ambarus@microchip.com wrote:
> From: Tudor Ambarus <tudor.ambarus@microchip.com>
>
> The CTR transfer works in fragments of data of maximum 1 MByte because
> of the 16 bit CTR counter embedded in the IP. Fix the CTR counter
> overflow handling for messages larger than 1 MByte.
>
> Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
> Fixes: 781a08d9740a ("crypto: atmel-aes - Fix counter overflow in CTR mode")
> Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
> ---
> Thanks, Dan.
>
> drivers/crypto/atmel-aes.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-12-20 7:08 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-12-13 12:38 [bug report] crypto: atmel-aes - Fix saving of IV for CTR mode Dan Carpenter
2019-12-13 14:45 ` [PATCH] crypto: atmel-aes - Fix CTR counter overflow when multiple fragments Tudor.Ambarus
2019-12-20 7:08 ` Herbert Xu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).