From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: "Hook, Gary" <Gary.Hook@amd.com>, Gary R Hook <gary.hook@amd.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
Sasha Levin <sashal@kernel.org>,
linux-crypto@vger.kernel.org
Subject: [PATCH AUTOSEL 4.14 211/371] crypto: ccp - Fix 3DES complaint from ccp-crypto module
Date: Thu, 16 Jan 2020 12:21:23 -0500
Message-ID: <20200116172403.18149-154-sashal@kernel.org> (raw)
In-Reply-To: <20200116172403.18149-1-sashal@kernel.org>
From: "Hook, Gary" <Gary.Hook@amd.com>
[ Upstream commit 89646fdda4cae203185444ac7988835f36a21ee1 ]
Crypto self-tests reveal an error:
alg: skcipher: cbc-des3-ccp encryption test failed (wrong output IV) on test vector 0, cfg="in-place"
The offset value should not be recomputed when retrieving the context.
Also, a code path exists which makes decisions based on older (version 3)
hardware; a v3 device deosn't support 3DES so remove this check.
Fixes: 990672d48515 ('crypto: ccp - Enable 3DES function on v5 CCPs')
Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/crypto/ccp/ccp-ops.c | 15 ++++-----------
1 file changed, 4 insertions(+), 11 deletions(-)
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 1e2e42106dee..4b48b8523a40 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -1293,6 +1293,9 @@ static int ccp_run_des3_cmd(struct ccp_cmd_queue *cmd_q, struct ccp_cmd *cmd)
int ret;
/* Error checks */
+ if (cmd_q->ccp->vdata->version < CCP_VERSION(5, 0))
+ return -EINVAL;
+
if (!cmd_q->ccp->vdata->perform->des3)
return -EINVAL;
@@ -1375,8 +1378,6 @@ static int ccp_run_des3_cmd(struct ccp_cmd_queue *cmd_q, struct ccp_cmd *cmd)
* passthru option to convert from big endian to little endian.
*/
if (des3->mode != CCP_DES3_MODE_ECB) {
- u32 load_mode;
-
op.sb_ctx = cmd_q->sb_ctx;
ret = ccp_init_dm_workarea(&ctx, cmd_q,
@@ -1392,12 +1393,8 @@ static int ccp_run_des3_cmd(struct ccp_cmd_queue *cmd_q, struct ccp_cmd *cmd)
if (ret)
goto e_ctx;
- if (cmd_q->ccp->vdata->version == CCP_VERSION(3, 0))
- load_mode = CCP_PASSTHRU_BYTESWAP_NOOP;
- else
- load_mode = CCP_PASSTHRU_BYTESWAP_256BIT;
ret = ccp_copy_to_sb(cmd_q, &ctx, op.jobid, op.sb_ctx,
- load_mode);
+ CCP_PASSTHRU_BYTESWAP_256BIT);
if (ret) {
cmd->engine_error = cmd_q->cmd_error;
goto e_ctx;
@@ -1459,10 +1456,6 @@ static int ccp_run_des3_cmd(struct ccp_cmd_queue *cmd_q, struct ccp_cmd *cmd)
}
/* ...but we only need the last DES3_EDE_BLOCK_SIZE bytes */
- if (cmd_q->ccp->vdata->version == CCP_VERSION(3, 0))
- dm_offset = CCP_SB_BYTES - des3->iv_len;
- else
- dm_offset = 0;
ccp_get_dm_area(&ctx, dm_offset, des3->iv, 0,
DES3_EDE_BLOCK_SIZE);
}
--
2.20.1
next prev parent reply index
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20200116172403.18149-1-sashal@kernel.org>
2020-01-16 17:18 ` [PATCH AUTOSEL 4.14 060/371] crypto: brcm - Fix some set-but-not-used warning Sasha Levin
2020-01-16 17:18 ` [PATCH AUTOSEL 4.14 061/371] crypto: tgr192 - fix unaligned memory access Sasha Levin
2020-01-16 17:19 ` [PATCH AUTOSEL 4.14 073/371] crypto: crypto4xx - Fix wrong ppc4xx_trng_probe()/ppc4xx_trng_remove() arguments Sasha Levin
2020-01-16 17:21 ` [PATCH AUTOSEL 4.14 196/371] crypto: caam - fix caam_dump_sg that iterates through scatterlist Sasha Levin
2020-01-16 17:21 ` [PATCH AUTOSEL 4.14 210/371] crypto: ccp - fix AES CFB error exposed by new test vectors Sasha Levin
2020-01-16 17:21 ` Sasha Levin [this message]
2020-01-16 17:22 ` [PATCH AUTOSEL 4.14 256/371] crypto: ccp - Reduce maximum stack usage Sasha Levin
2020-01-16 17:22 ` [PATCH AUTOSEL 4.14 263/371] crypto: caam - free resources in case caam_rng registration failed Sasha Levin
2020-01-16 17:23 ` [PATCH AUTOSEL 4.14 362/371] crypto: sun4i-ss - fix big endian issues Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200116172403.18149-154-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=Gary.Hook@amd.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Linux-Crypto Archive on lore.kernel.org
Archives are clonable:
git clone --mirror https://lore.kernel.org/linux-crypto/0 linux-crypto/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 linux-crypto linux-crypto/ https://lore.kernel.org/linux-crypto \
linux-crypto@vger.kernel.org
public-inbox-index linux-crypto
Example config snippet for mirrors
Newsgroup available over NNTP:
nntp://nntp.lore.kernel.org/org.kernel.vger.linux-crypto
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git