Commit d91a3159 authored by Devulapally Shiva Krishna's avatar Devulapally Shiva Krishna Committed by David S. Miller

Crypto/chcr: fix gcm-aes and rfc4106-gcm failed tests

This patch fixes two issues observed during self tests with
CONFIG_CRYPTO_MANAGER_EXTRA_TESTS enabled.

1. gcm(aes) hang issue , that happens during decryption.
2. rfc4106-gcm-aes-chcr encryption unexpectedly succeeded.

For gcm-aes decryption , authtag is not mapped due to
sg_nents_for_len(upto size: assoclen+ cryptlen - authsize).
So fix it by dma_mapping authtag.
Also replaced sg_nents() to sg_nents_for_len() in case of aead_dma_unmap().

For rfc4106-gcm-aes-chcr, used crypto_ipsec_check_assoclen() for checking
the validity of assoclen.
Signed-off-by: default avatarAyush Sawal <ayush.sawal@chelsio.com>
Signed-off-by: default avatarDevulapally Shiva Krishna <shiva@chelsio.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 33395f4a
...@@ -2556,7 +2556,7 @@ int chcr_aead_dma_map(struct device *dev, ...@@ -2556,7 +2556,7 @@ int chcr_aead_dma_map(struct device *dev,
int dst_size; int dst_size;
dst_size = req->assoclen + req->cryptlen + (op_type ? dst_size = req->assoclen + req->cryptlen + (op_type ?
-authsize : authsize); 0 : authsize);
if (!req->cryptlen || !dst_size) if (!req->cryptlen || !dst_size)
return 0; return 0;
reqctx->iv_dma = dma_map_single(dev, reqctx->iv, (IV + reqctx->b0_len), reqctx->iv_dma = dma_map_single(dev, reqctx->iv, (IV + reqctx->b0_len),
...@@ -2603,15 +2603,16 @@ void chcr_aead_dma_unmap(struct device *dev, ...@@ -2603,15 +2603,16 @@ void chcr_aead_dma_unmap(struct device *dev,
int dst_size; int dst_size;
dst_size = req->assoclen + req->cryptlen + (op_type ? dst_size = req->assoclen + req->cryptlen + (op_type ?
-authsize : authsize); 0 : authsize);
if (!req->cryptlen || !dst_size) if (!req->cryptlen || !dst_size)
return; return;
dma_unmap_single(dev, reqctx->iv_dma, (IV + reqctx->b0_len), dma_unmap_single(dev, reqctx->iv_dma, (IV + reqctx->b0_len),
DMA_BIDIRECTIONAL); DMA_BIDIRECTIONAL);
if (req->src == req->dst) { if (req->src == req->dst) {
dma_unmap_sg(dev, req->src, sg_nents(req->src), dma_unmap_sg(dev, req->src,
DMA_BIDIRECTIONAL); sg_nents_for_len(req->src, dst_size),
DMA_BIDIRECTIONAL);
} else { } else {
dma_unmap_sg(dev, req->src, sg_nents(req->src), dma_unmap_sg(dev, req->src, sg_nents(req->src),
DMA_TO_DEVICE); DMA_TO_DEVICE);
...@@ -3702,6 +3703,13 @@ static int chcr_aead_op(struct aead_request *req, ...@@ -3702,6 +3703,13 @@ static int chcr_aead_op(struct aead_request *req,
return -ENOSPC; return -ENOSPC;
} }
if (get_aead_subtype(tfm) == CRYPTO_ALG_SUB_TYPE_AEAD_RFC4106 &&
crypto_ipsec_check_assoclen(req->assoclen) != 0) {
pr_err("RFC4106: Invalid value of assoclen %d\n",
req->assoclen);
return -EINVAL;
}
/* Form a WR from req */ /* Form a WR from req */
skb = create_wr_fn(req, u_ctx->lldi.rxq_ids[reqctx->rxqidx], size); skb = create_wr_fn(req, u_ctx->lldi.rxq_ids[reqctx->rxqidx], size);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment