Commit 3fed9baa authored by Nagadheeraj Rottela's avatar Nagadheeraj Rottela Committed by Herbert Xu

crypto: cavium/nitrox - check assoclen and authsize for gcm(aes) cipher

Check if device supports assoclen to solve hung task timeout error when
extra tests are enabled. Return -EINVAL if assoclen is not supported.
Check authsize to return -EINVAL if authentication tag size is invalid.
Change blocksize to 1 to match with generic implementation.
Signed-off-by: default avatarNagadheeraj Rottela <rnagadheeraj@marvell.com>
Reported-by: default avatarMallesham Jatharakonda <mallesham.jatharakonda@oneconvergence.com>
Suggested-by: default avatarMallesham Jatharakonda <mallesham.jatharakonda@oneconvergence.com>
Reviewed-by: default avatarSrikanth Jampala <jsrikanth@marvell.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent bac5c49e
...@@ -74,6 +74,25 @@ static int nitrox_aead_setauthsize(struct crypto_aead *aead, ...@@ -74,6 +74,25 @@ static int nitrox_aead_setauthsize(struct crypto_aead *aead,
return 0; return 0;
} }
static int nitrox_aes_gcm_setauthsize(struct crypto_aead *aead,
unsigned int authsize)
{
switch (authsize) {
case 4:
case 8:
case 12:
case 13:
case 14:
case 15:
case 16:
break;
default:
return -EINVAL;
}
return nitrox_aead_setauthsize(aead, authsize);
}
static int alloc_src_sglist(struct nitrox_kcrypt_request *nkreq, static int alloc_src_sglist(struct nitrox_kcrypt_request *nkreq,
struct scatterlist *src, char *iv, int ivsize, struct scatterlist *src, char *iv, int ivsize,
int buflen) int buflen)
...@@ -186,6 +205,14 @@ static void nitrox_aead_callback(void *arg, int err) ...@@ -186,6 +205,14 @@ static void nitrox_aead_callback(void *arg, int err)
areq->base.complete(&areq->base, err); areq->base.complete(&areq->base, err);
} }
static inline bool nitrox_aes_gcm_assoclen_supported(unsigned int assoclen)
{
if (assoclen <= 512)
return true;
return false;
}
static int nitrox_aes_gcm_enc(struct aead_request *areq) static int nitrox_aes_gcm_enc(struct aead_request *areq)
{ {
struct crypto_aead *aead = crypto_aead_reqtfm(areq); struct crypto_aead *aead = crypto_aead_reqtfm(areq);
...@@ -195,6 +222,9 @@ static int nitrox_aes_gcm_enc(struct aead_request *areq) ...@@ -195,6 +222,9 @@ static int nitrox_aes_gcm_enc(struct aead_request *areq)
struct flexi_crypto_context *fctx = nctx->u.fctx; struct flexi_crypto_context *fctx = nctx->u.fctx;
int ret; int ret;
if (!nitrox_aes_gcm_assoclen_supported(areq->assoclen))
return -EINVAL;
memcpy(fctx->crypto.iv, areq->iv, GCM_AES_SALT_SIZE); memcpy(fctx->crypto.iv, areq->iv, GCM_AES_SALT_SIZE);
rctx->cryptlen = areq->cryptlen; rctx->cryptlen = areq->cryptlen;
...@@ -226,6 +256,9 @@ static int nitrox_aes_gcm_dec(struct aead_request *areq) ...@@ -226,6 +256,9 @@ static int nitrox_aes_gcm_dec(struct aead_request *areq)
struct flexi_crypto_context *fctx = nctx->u.fctx; struct flexi_crypto_context *fctx = nctx->u.fctx;
int ret; int ret;
if (!nitrox_aes_gcm_assoclen_supported(areq->assoclen))
return -EINVAL;
memcpy(fctx->crypto.iv, areq->iv, GCM_AES_SALT_SIZE); memcpy(fctx->crypto.iv, areq->iv, GCM_AES_SALT_SIZE);
rctx->cryptlen = areq->cryptlen - aead->authsize; rctx->cryptlen = areq->cryptlen - aead->authsize;
...@@ -492,13 +525,13 @@ static struct aead_alg nitrox_aeads[] = { { ...@@ -492,13 +525,13 @@ static struct aead_alg nitrox_aeads[] = { {
.cra_driver_name = "n5_aes_gcm", .cra_driver_name = "n5_aes_gcm",
.cra_priority = PRIO, .cra_priority = PRIO,
.cra_flags = CRYPTO_ALG_ASYNC, .cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = AES_BLOCK_SIZE, .cra_blocksize = 1,
.cra_ctxsize = sizeof(struct nitrox_crypto_ctx), .cra_ctxsize = sizeof(struct nitrox_crypto_ctx),
.cra_alignmask = 0, .cra_alignmask = 0,
.cra_module = THIS_MODULE, .cra_module = THIS_MODULE,
}, },
.setkey = nitrox_aes_gcm_setkey, .setkey = nitrox_aes_gcm_setkey,
.setauthsize = nitrox_aead_setauthsize, .setauthsize = nitrox_aes_gcm_setauthsize,
.encrypt = nitrox_aes_gcm_enc, .encrypt = nitrox_aes_gcm_enc,
.decrypt = nitrox_aes_gcm_dec, .decrypt = nitrox_aes_gcm_dec,
.init = nitrox_aes_gcm_init, .init = nitrox_aes_gcm_init,
...@@ -511,7 +544,7 @@ static struct aead_alg nitrox_aeads[] = { { ...@@ -511,7 +544,7 @@ static struct aead_alg nitrox_aeads[] = { {
.cra_driver_name = "n5_rfc4106", .cra_driver_name = "n5_rfc4106",
.cra_priority = PRIO, .cra_priority = PRIO,
.cra_flags = CRYPTO_ALG_ASYNC, .cra_flags = CRYPTO_ALG_ASYNC,
.cra_blocksize = AES_BLOCK_SIZE, .cra_blocksize = 1,
.cra_ctxsize = sizeof(struct nitrox_crypto_ctx), .cra_ctxsize = sizeof(struct nitrox_crypto_ctx),
.cra_alignmask = 0, .cra_alignmask = 0,
.cra_module = THIS_MODULE, .cra_module = THIS_MODULE,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment