* [PATCH 1/2] crypto: ccree: use the full crypt length value
2019-07-29 10:40 [PATCH 0/2] crypto: ccree: aead fixes Gilad Ben-Yossef
@ 2019-07-29 10:40 ` Gilad Ben-Yossef
2019-07-29 10:40 ` [PATCH 2/2] crypto: ccree: use std api sg_zero_buffer Gilad Ben-Yossef
2019-08-09 6:09 ` [PATCH 0/2] crypto: ccree: aead fixes Herbert Xu
2 siblings, 0 replies; 4+ messages in thread
From: Gilad Ben-Yossef @ 2019-07-29 10:40 UTC
To: Herbert Xu, David S. Miller
Cc: Ofir Drang, stable, linux-crypto, linux-kernel
In case of AEAD decryption verification error we were using the
wrong value to zero out the plaintext buffer leaving the end of
the buffer with the false plaintext.
Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Fixes: ff27e85a85bb ("crypto: ccree - add AEAD support")
CC: stable@vger.kernel.org # v4.17+
---
drivers/crypto/ccree/cc_aead.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c
index 19abb872329c..8a6c825d40e8 100644
--- a/drivers/crypto/ccree/cc_aead.c
+++ b/drivers/crypto/ccree/cc_aead.c
@@ -268,7 +268,7 @@ static void cc_aead_complete(struct device *dev, void *cc_req, int err)
/* In case of payload authentication failure, MUST NOT
* revealed the decrypted message --> zero its memory.
*/
- cc_zero_sgl(areq->dst, areq_ctx->cryptlen);
+ cc_zero_sgl(areq->dst, areq->cryptlen);
err = -EBADMSG;
}
/*ENCRYPT*/
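Review bot: The commit message calls the old length "the wrong value" but does not say how areq_ctx->cryptlen differs from areq->cryptlen at this cc_zero_sgl() call, so someone backporting to stable cannot tell from the patch how much of the buffer tail was left unzeroed. Please state in the message what each field holds on the decrypt path. Separately, cc_zero_sgl(areq->dst, ...) takes no offset, so zeroing starts at the first entry of areq->dst; it is worth confirming that the decrypted payload, and not associated data, is what sits there.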
--
2.21.0
* [PATCH 2/2] crypto: ccree: use std api sg_zero_buffer
2019-07-29 10:40 [PATCH 0/2] crypto: ccree: aead fixes Gilad Ben-Yossef
2019-07-29 10:40 ` [PATCH 1/2] crypto: ccree: use the full crypt length value Gilad Ben-Yossef
@ 2019-07-29 10:40 ` Gilad Ben-Yossef
2019-08-09 6:09 ` [PATCH 0/2] crypto: ccree: aead fixes Herbert Xu
2 siblings, 0 replies; 4+ messages in thread
From: Gilad Ben-Yossef @ 2019-07-29 10:40 UTC
To: Herbert Xu, David S. Miller; +Cc: Ofir Drang, linux-crypto, linux-kernel
Replace internal cc_zero_sgl() with kernel API of the same function
sg_zero_buffer().
Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
---
drivers/crypto/ccree/cc_aead.c | 3 ++-
drivers/crypto/ccree/cc_buffer_mgr.c | 21 ---------------------
drivers/crypto/ccree/cc_buffer_mgr.h | 2 --
3 files changed, 2 insertions(+), 24 deletions(-)
diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c
index 8a6c825d40e8..f807875b541f 100644
--- a/drivers/crypto/ccree/cc_aead.c
+++ b/drivers/crypto/ccree/cc_aead.c
@@ -268,7 +268,8 @@ static void cc_aead_complete(struct device *dev, void *cc_req, int err)
/* In case of payload authentication failure, MUST NOT
* revealed the decrypted message --> zero its memory.
*/
- cc_zero_sgl(areq->dst, areq->cryptlen);
+ sg_zero_buffer(areq->dst, sg_nents(areq->dst),
+ areq->cryptlen, 0);
err = -EBADMSG;
}
/*ENCRYPT*/
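Review bot: The skip argument of the new sg_zero_buffer() call is hard-coded to 0, so the areq->cryptlen bytes that get zeroed are counted from the very start of areq->dst. In the kernel AEAD API the destination scatterlist carries the associated data ahead of the output, so with a non-zero assoclen the last bytes of the unauthenticated plaintext would stay in the buffer, which is exactly what this error path is meant to prevent. Consider passing areq->assoclen as the skip value, or add a comment explaining why 0 is correct here.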
diff --git a/drivers/crypto/ccree/cc_buffer_mgr.c b/drivers/crypto/ccree/cc_buffer_mgr.c
index c81ad33f9115..a72586eccd81 100644
--- a/drivers/crypto/ccree/cc_buffer_mgr.c
+++ b/drivers/crypto/ccree/cc_buffer_mgr.c
@@ -99,27 +99,6 @@ static unsigned int cc_get_sgl_nents(struct device *dev,
return nents;
}
-/**
- * cc_zero_sgl() - Zero scatter scatter list data.
- *
- * @sgl:
- */
-void cc_zero_sgl(struct scatterlist *sgl, u32 data_len)
-{
- struct scatterlist *current_sg = sgl;
- int sg_index = 0;
-
- while (sg_index <= data_len) {
- if (!current_sg) {
- /* reached the end of the sgl --> just return back */
- return;
- }
- memset(sg_virt(current_sg), 0, current_sg->length);
- sg_index += current_sg->length;
- current_sg = sg_next(current_sg);
- }
-}
-
/**
* cc_copy_sg_portion() - Copy scatter list data,
* from to_skip to end, to dest and vice versa
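Review bot: The removed cc_zero_sgl() is not equivalent to sg_zero_buffer(), although the commit message describes the two as the same function. Its loop runs memset(sg_virt(current_sg), 0, current_sg->length), clearing each visited entry in full regardless of data_len, and the condition "while (sg_index <= data_len)" visits one further entry when the running total lands exactly on data_len; sg_zero_buffer() clears exactly the requested byte count. The stricter behaviour looks like the right one, but the message should say that the amount zeroed changes, so that anyone bisecting a difference in the dst buffer after -EBADMSG lands on this commit with an explanation.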
diff --git a/drivers/crypto/ccree/cc_buffer_mgr.h b/drivers/crypto/ccree/cc_buffer_mgr.h
index a726016bdbc1..af434872c6ff 100644
--- a/drivers/crypto/ccree/cc_buffer_mgr.h
+++ b/drivers/crypto/ccree/cc_buffer_mgr.h
@@ -66,6 +66,4 @@ void cc_unmap_hash_request(struct device *dev, void *ctx,
void cc_copy_sg_portion(struct device *dev, u8 *dest, struct scatterlist *sg,
u32 to_skip, u32 end, enum cc_sg_cpy_direct direct);
-void cc_zero_sgl(struct scatterlist *sgl, u32 data_len);
-
#endif /*__BUFFER_MGR_H__*/
--
2.21.0