From: Gilad Ben-Yossef <gilad@benyossef.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>
Cc: Ofir Drang <ofir.drang@arm.com>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH 22/35] crypto: ccree: simplify fragment ICV detection
Date: Thu, 18 Apr 2019 16:38:57 +0300 [thread overview]
Message-ID: <20190418133913.9122-23-gilad@benyossef.com> (raw)
In-Reply-To: <20190418133913.9122-1-gilad@benyossef.com>
The code detecting whether the ICV is fragmented was overly
complex and limited the number of fragments an ICV may be
comprised of with no reason in the current code, casuing the
new testmgr tests to fail.
This patch removes this legacy limitation and greatly simplifies
the code.
Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
---
drivers/crypto/ccree/cc_buffer_mgr.c | 106 ++++++---------------------
drivers/crypto/ccree/cc_driver.h | 1 -
2 files changed, 21 insertions(+), 86 deletions(-)
diff --git a/drivers/crypto/ccree/cc_buffer_mgr.c b/drivers/crypto/ccree/cc_buffer_mgr.c
index 09d352591a30..8269474cb9fa 100644
--- a/drivers/crypto/ccree/cc_buffer_mgr.c
+++ b/drivers/crypto/ccree/cc_buffer_mgr.c
@@ -602,55 +602,10 @@ void cc_unmap_aead_request(struct device *dev, struct aead_request *req)
}
}
-static int cc_get_aead_icv_nents(struct device *dev, struct scatterlist *sgl,
- unsigned int sgl_nents, unsigned int authsize,
- u32 last_entry_data_size,
- bool *is_icv_fragmented)
+static bool cc_is_icv_frag(unsigned int sgl_nents, unsigned int authsize,
+ u32 last_entry_data_size)
{
- unsigned int icv_max_size = 0;
- unsigned int icv_required_size = authsize > last_entry_data_size ?
- (authsize - last_entry_data_size) :
- authsize;
- unsigned int nents;
- unsigned int i;
-
- if (sgl_nents < MAX_ICV_NENTS_SUPPORTED) {
- *is_icv_fragmented = false;
- return 0;
- }
-
- for (i = 0 ; i < (sgl_nents - MAX_ICV_NENTS_SUPPORTED) ; i++) {
- if (!sgl)
- break;
- sgl = sg_next(sgl);
- }
-
- if (sgl)
- icv_max_size = sgl->length;
-
- if (last_entry_data_size > authsize) {
- /* ICV attached to data in last entry (not fragmented!) */
- nents = 0;
- *is_icv_fragmented = false;
- } else if (last_entry_data_size == authsize) {
- /* ICV placed in whole last entry (not fragmented!) */
- nents = 1;
- *is_icv_fragmented = false;
- } else if (icv_max_size > icv_required_size) {
- nents = 1;
- *is_icv_fragmented = true;
- } else if (icv_max_size == icv_required_size) {
- nents = 2;
- *is_icv_fragmented = true;
- } else {
- dev_err(dev, "Unsupported num. of ICV fragments (> %d)\n",
- MAX_ICV_NENTS_SUPPORTED);
- nents = -1; /*unsupported*/
- }
- dev_dbg(dev, "is_frag=%s icv_nents=%u\n",
- (*is_icv_fragmented ? "true" : "false"), nents);
-
- return nents;
+ return ((sgl_nents > 1) && (last_entry_data_size < authsize));
}
static int cc_aead_chain_iv(struct cc_drvdata *drvdata,
@@ -817,16 +772,15 @@ static void cc_prepare_aead_data_dlli(struct aead_request *req,
}
}
-static int cc_prepare_aead_data_mlli(struct cc_drvdata *drvdata,
- struct aead_request *req,
- struct buffer_array *sg_data,
- u32 *src_last_bytes, u32 *dst_last_bytes,
- bool is_last_table)
+static void cc_prepare_aead_data_mlli(struct cc_drvdata *drvdata,
+ struct aead_request *req,
+ struct buffer_array *sg_data,
+ u32 *src_last_bytes, u32 *dst_last_bytes,
+ bool is_last_table)
{
struct aead_req_ctx *areq_ctx = aead_request_ctx(req);
enum drv_crypto_direction direct = areq_ctx->gen_ctx.op_type;
unsigned int authsize = areq_ctx->req_authsize;
- int rc = 0, icv_nents;
struct device *dev = drvdata_to_dev(drvdata);
struct scatterlist *sg;
@@ -837,14 +791,9 @@ static int cc_prepare_aead_data_mlli(struct cc_drvdata *drvdata,
areq_ctx->src_offset, is_last_table,
&areq_ctx->src.mlli_nents);
- icv_nents = cc_get_aead_icv_nents(dev, areq_ctx->src_sgl,
- areq_ctx->src.nents,
- authsize, *src_last_bytes,
- &areq_ctx->is_icv_fragmented);
- if (icv_nents < 0) {
- rc = -ENOTSUPP;
- goto prepare_data_mlli_exit;
- }
+ areq_ctx->is_icv_fragmented =
+ cc_is_icv_frag(areq_ctx->src.nents, authsize,
+ *src_last_bytes);
if (areq_ctx->is_icv_fragmented) {
/* Backup happens only when ICV is fragmented, ICV
@@ -886,16 +835,11 @@ static int cc_prepare_aead_data_mlli(struct cc_drvdata *drvdata,
areq_ctx->dst_offset, is_last_table,
&areq_ctx->dst.mlli_nents);
- icv_nents = cc_get_aead_icv_nents(dev, areq_ctx->src_sgl,
- areq_ctx->src.nents,
- authsize, *src_last_bytes,
- &areq_ctx->is_icv_fragmented);
- if (icv_nents < 0) {
- rc = -ENOTSUPP;
- goto prepare_data_mlli_exit;
- }
-
+ areq_ctx->is_icv_fragmented =
+ cc_is_icv_frag(areq_ctx->src.nents, authsize,
+ *src_last_bytes);
/* Backup happens only when ICV is fragmented, ICV
+
* verification is made by CPU compare in order to simplify
* MAC verification upon request completion
*/
@@ -923,14 +867,9 @@ static int cc_prepare_aead_data_mlli(struct cc_drvdata *drvdata,
areq_ctx->src_offset, is_last_table,
&areq_ctx->src.mlli_nents);
- icv_nents = cc_get_aead_icv_nents(dev, areq_ctx->dst_sgl,
- areq_ctx->dst.nents,
- authsize, *dst_last_bytes,
- &areq_ctx->is_icv_fragmented);
- if (icv_nents < 0) {
- rc = -ENOTSUPP;
- goto prepare_data_mlli_exit;
- }
+ areq_ctx->is_icv_fragmented =
+ cc_is_icv_frag(areq_ctx->dst.nents, authsize,
+ *dst_last_bytes);
if (!areq_ctx->is_icv_fragmented) {
sg = &areq_ctx->dst_sgl[areq_ctx->dst.nents - 1];
@@ -944,9 +883,6 @@ static int cc_prepare_aead_data_mlli(struct cc_drvdata *drvdata,
areq_ctx->icv_virt_addr = areq_ctx->mac_buf;
}
}
-
-prepare_data_mlli_exit:
- return rc;
}
static int cc_aead_chain_data(struct cc_drvdata *drvdata,
@@ -1053,9 +989,9 @@ static int cc_aead_chain_data(struct cc_drvdata *drvdata,
dst_mapped_nents > 1 ||
do_chain) {
areq_ctx->data_buff_type = CC_DMA_BUF_MLLI;
- rc = cc_prepare_aead_data_mlli(drvdata, req, sg_data,
- &src_last_bytes,
- &dst_last_bytes, is_last_table);
+ cc_prepare_aead_data_mlli(drvdata, req, sg_data,
+ &src_last_bytes, &dst_last_bytes,
+ is_last_table);
} else {
areq_ctx->data_buff_type = CC_DMA_BUF_DLLI;
cc_prepare_aead_data_dlli(req, &src_last_bytes,
diff --git a/drivers/crypto/ccree/cc_driver.h b/drivers/crypto/ccree/cc_driver.h
index d21e0f0b5218..935ae0ba75c0 100644
--- a/drivers/crypto/ccree/cc_driver.h
+++ b/drivers/crypto/ccree/cc_driver.h
@@ -108,7 +108,6 @@ enum cc_std_body {
#define MAX_REQUEST_QUEUE_SIZE 4096
#define MAX_MLLI_BUFF_SIZE 2080
-#define MAX_ICV_NENTS_SUPPORTED 2
/* Definitions for HW descriptors DIN/DOUT fields */
#define NS_BIT 1
--
2.21.0
next prev parent reply other threads:[~2019-04-18 13:41 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-18 13:38 [PATCH 00/35] crypto: ccree: features and bug fixes for 5.2 Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 01/35] crypto: testmgr: add missing self test entries for protected keys Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 02/35] crypto: ccree: move key load desc. before flow desc Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 03/35] crypto: ccree: move MLLI desc. before key load Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 04/35] crypto: ccree: add support for sec disabled mode Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 05/35] crypto: ccree: add CPP completion handling Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 06/35] crypto: ccree: add remaining logic for CPP Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 07/35] crypto: ccree: add SM4 protected keys support Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 08/35] crypto: ccree: adapt CPP descriptor to new HW Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 09/35] crypto: ccree: read next IV from HW Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 10/35] crypto: ccree: add CID and PID support Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 11/35] crypto: ccree: fix backlog notifications Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 12/35] crypto: ccree: use proper callback completion api Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 13/35] crypto: ccree: remove special handling of chained sg Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 14/35] crypto: ccree: fix typo in debugfs error path Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 15/35] crypto: ccree: fix mem leak on " Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 16/35] crypto: ccree: use devm_kzalloc for device data Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 17/35] crypto: ccree: use std api when possible Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 18/35] crypto: ccree: copyright header update Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 19/35] crypto: ccree: zero out internal struct before use Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 20/35] crypto: ccree: do not copy zero size MLLI table Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 21/35] crypto: ccree: remove unused defines Gilad Ben-Yossef
2019-04-18 13:38 ` Gilad Ben-Yossef [this message]
2019-04-18 13:38 ` [PATCH 23/35] crypto: ccree: simplify AEAD ICV addr calculation Gilad Ben-Yossef
2019-04-18 13:38 ` [PATCH 24/35] crypto: ccree: don't mangle the request assoclen Gilad Ben-Yossef
2019-04-18 13:39 ` [PATCH 25/35] crypto: ccree: make AEAD sgl iterator well behaved Gilad Ben-Yossef
2019-04-18 13:39 ` [PATCH 26/35] crypto: ccree: zap entire sg on aead request unmap Gilad Ben-Yossef
2019-04-18 13:39 ` [PATCH 27/35] crypto: ccree: use correct internal state sizes for export Gilad Ben-Yossef
2019-04-18 13:39 ` [PATCH 28/35] crypto: ccree: allow more AEAD assoc data fragments Gilad Ben-Yossef
2019-04-18 13:39 ` [PATCH 29/35] crypto: ccree: don't map MAC key on stack Gilad Ben-Yossef
2019-04-18 13:39 ` [PATCH 30/35] crypto: ccree: don't map AEAD key and IV " Gilad Ben-Yossef
2019-04-18 13:39 ` [PATCH 31/35] crypto: ccree: pm resume first enable the source clk Gilad Ben-Yossef
2019-04-18 13:39 ` [PATCH 32/35] crypto: ccree: remove cc7x3 obsoleted AXIM configs Gilad Ben-Yossef
2019-04-18 13:39 ` [PATCH 33/35] crypto: ccree: HOST_POWER_DOWN_EN should be the last CC access during suspend Gilad Ben-Yossef
2019-04-18 13:39 ` [PATCH 34/35] crypto: ccree: add function to handle cryptocell tee fips error Gilad Ben-Yossef
2019-04-18 13:39 ` [PATCH 35/35] crypto: ccree: handle tee fips error during power management resume Gilad Ben-Yossef
2019-04-21 8:52 ` [PATCH 00/35] crypto: ccree: features and bug fixes for 5.2 Gilad Ben-Yossef
2019-05-17 14:52 ` Greg KH
2019-05-18 7:36 ` Gilad Ben-Yossef
2019-05-19 8:28 ` Gilad Ben-Yossef
2019-05-20 9:30 ` Greg KH
2019-05-20 11:51 ` Gilad Ben-Yossef
2019-04-25 7:50 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190418133913.9122-23-gilad@benyossef.com \
--to=gilad@benyossef.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=ofir.drang@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).