Commit 7f7216cf authored by Gary R Hook's avatar Gary R Hook Committed by Herbert Xu

crypto: ccp - Rework the unit-size check for XTS-AES

The CCP supports a limited set of unit-size values. Change the check
for this parameter such that acceptable values match the enumeration.
Then clarify the conditions under which we must use the fallback
implementation.
Signed-off-by: default avatarGary R Hook <gary.hook@amd.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 47f27f16
...@@ -39,46 +39,26 @@ struct ccp_unit_size_map { ...@@ -39,46 +39,26 @@ struct ccp_unit_size_map {
u32 value; u32 value;
}; };
static struct ccp_unit_size_map unit_size_map[] = { static struct ccp_unit_size_map xts_unit_sizes[] = {
{ {
.size = 4096, .size = 16,
.value = CCP_XTS_AES_UNIT_SIZE_4096, .value = CCP_XTS_AES_UNIT_SIZE_16,
},
{
.size = 2048,
.value = CCP_XTS_AES_UNIT_SIZE_2048,
},
{
.size = 1024,
.value = CCP_XTS_AES_UNIT_SIZE_1024,
}, },
{ {
.size = 512, .size = 512,
.value = CCP_XTS_AES_UNIT_SIZE_512, .value = CCP_XTS_AES_UNIT_SIZE_512,
}, },
{ {
.size = 256, .size = 1024,
.value = CCP_XTS_AES_UNIT_SIZE__LAST, .value = CCP_XTS_AES_UNIT_SIZE_1024,
},
{
.size = 128,
.value = CCP_XTS_AES_UNIT_SIZE__LAST,
},
{
.size = 64,
.value = CCP_XTS_AES_UNIT_SIZE__LAST,
},
{
.size = 32,
.value = CCP_XTS_AES_UNIT_SIZE__LAST,
}, },
{ {
.size = 16, .size = 2048,
.value = CCP_XTS_AES_UNIT_SIZE_16, .value = CCP_XTS_AES_UNIT_SIZE_2048,
}, },
{ {
.size = 1, .size = 4096,
.value = CCP_XTS_AES_UNIT_SIZE__LAST, .value = CCP_XTS_AES_UNIT_SIZE_4096,
}, },
}; };
...@@ -138,16 +118,19 @@ static int ccp_aes_xts_crypt(struct ablkcipher_request *req, ...@@ -138,16 +118,19 @@ static int ccp_aes_xts_crypt(struct ablkcipher_request *req,
if (!req->info) if (!req->info)
return -EINVAL; return -EINVAL;
/* Check conditions under which the CCP can fulfill a request. The
* device can handle input plaintext of a length that is a multiple
* of the unit_size, bug the crypto implementation only supports
* the unit_size being equal to the input length. This limits the
* number of scenarios we can handle.
*/
unit_size = CCP_XTS_AES_UNIT_SIZE__LAST; unit_size = CCP_XTS_AES_UNIT_SIZE__LAST;
if (req->nbytes <= unit_size_map[0].size) { for (unit = 0; unit < ARRAY_SIZE(xts_unit_sizes); unit++) {
for (unit = 0; unit < ARRAY_SIZE(unit_size_map); unit++) { if (req->nbytes == xts_unit_sizes[unit].size) {
if (!(req->nbytes & (unit_size_map[unit].size - 1))) { unit_size = unit;
unit_size = unit_size_map[unit].value; break;
break;
}
} }
} }
if ((unit_size == CCP_XTS_AES_UNIT_SIZE__LAST) || if ((unit_size == CCP_XTS_AES_UNIT_SIZE__LAST) ||
(ctx->u.aes.key_len != AES_KEYSIZE_128)) { (ctx->u.aes.key_len != AES_KEYSIZE_128)) {
SKCIPHER_REQUEST_ON_STACK(subreq, ctx->u.aes.tfm_skcipher); SKCIPHER_REQUEST_ON_STACK(subreq, ctx->u.aes.tfm_skcipher);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment