• Jan Stancek's avatar
    crypto: nx - respect sg limit bounds when building sg lists for SHA · d3392f41
    Jan Stancek authored
    Commit 00085111 changed sha256/512 update functions to
    pass more data to nx_build_sg_list(), which ends with
    sg list overflows and usually with update functions failing
    for data larger than max_sg_len * NX_PAGE_SIZE.
    
    This happens because:
    - both "total" and "to_process" are updated, which leads to
      "to_process" getting overflowed for some data lengths
      For example:
        In first iteration "total" is 50, and let's assume "to_process"
        is 30 due to sg limits. At the end of first iteration "total" is
        set to 20. At start of 2nd iteration "to_process" overflows on:
          to_process = total - to_process;
    - "in_sg" is not reset to nx_ctx->in_sg after each iteration
    - nx_build_sg_list() is hitting overflow because the amount of data
      passed to it would require more than sgmax elements
    - as consequence of previous item, data stored in overflowed sg list
      may no longer be aligned to SHA*_BLOCK_SIZE
    
    This patch changes sha256/512 update functions so that "to_process"
    respects sg limits and never tries to pass more data to
    nx_build_sg_list() to avoid overflows. "to_process" is calculated
    as minimum of "total" and sg limits at start of every iteration.
    
    Fixes: 00085111 ("crypto: nx - Fix SHA concurrence issue and sg
    		      limit bounds")
    Signed-off-by: default avatarJan Stancek <jstancek@redhat.com>
    Cc: stable@vger.kernel.org
    Cc: Leonidas Da Silva Barbosa <leosilva@linux.vnet.ibm.com>
    Cc: Marcelo Henrique Cerri <mhcerri@linux.vnet.ibm.com>
    Cc: Fionnuala Gunter <fin@linux.vnet.ibm.com>
    Cc: "David S. Miller" <davem@davemloft.net>
    Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    d3392f41
nx-sha256.c 8.17 KB