Re: [PATCH v2] crypto: caam - fix IV loading for authenc (giv)decryption

On 8/26/2016 6:33 PM, Horia Geantă wrote:
> For algorithms that implement IV generators before the crypto ops,
> the IV needed for decryption is initially located in req->src
> scatterlist, not in req->iv.
> 
> Avoid copying the IV into req->iv by modifying the (givdecrypt)
> descriptors to load it directly from req->src.
> aead_givdecrypt() is no longer needed and goes away.
> 
> Cc: <stable@xxxxxxxxxxxxxxx> # 4.3+
> Fixes: 479bcc7c5b9e ("crypto: caam - Convert authenc to new AEAD interface")
> Signed-off-by: Horia Geantă <horia.geanta@xxxxxxx>
> ---
> 
>  drivers/crypto/caam/caamalg.c | 77 +++++++++++++++++++++----------------------
>  1 file changed, 37 insertions(+), 40 deletions(-)
> 
> diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
> index 6dc597126b79..775b8b524913 100644
> --- a/drivers/crypto/caam/caamalg.c
> +++ b/drivers/crypto/caam/caamalg.c
> @@ -556,7 +556,10 @@ skip_enc:
>  
>  	/* Read and write assoclen bytes */
>  	append_math_add(desc, VARSEQINLEN, ZERO, REG3, CAAM_CMD_SZ);
> -	append_math_add(desc, VARSEQOUTLEN, ZERO, REG3, CAAM_CMD_SZ);
> +	if (alg->caam.geniv)
> +		append_math_add_imm_u32(desc, VARSEQOUTLEN, REG3, IMM, ivsize);
> +	else
> +		append_math_add(desc, VARSEQOUTLEN, ZERO, REG3, CAAM_CMD_SZ);
>  
>  	/* Skip assoc data */
>  	append_seq_fifo_store(desc, 0, FIFOST_TYPE_SKIP | FIFOLDST_VLF);
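
Review bot: the "Read and write assoclen bytes" comment at the top of this hunk no longer matches the geniv branch, where VARSEQOUTLEN is set to REG3 + ivsize rather than REG3 alone, and the "Skip assoc data" store that follows then skips the IV bytes on the output side as well. Please update both comments to say that for geniv the output sequence is advanced past the associated data plus the IV, so the difference between VARSEQINLEN and VARSEQOUTLEN reads as intentional.
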
> @@ -565,6 +568,14 @@ skip_enc:
>  	append_seq_fifo_load(desc, 0, FIFOLD_CLASS_CLASS2 | FIFOLD_TYPE_MSG |
>  			     KEY_VLF);
>  
> +	if (alg->caam.geniv) {
> +		append_seq_load(desc, ivsize, LDST_CLASS_1_CCB |
> +				LDST_SRCDST_BYTE_CONTEXT |
> +				(ctx1_iv_off << LDST_OFFSET_SHIFT));
> +		append_move(desc, MOVE_SRC_CLASS1CTX | MOVE_DEST_CLASS2INFIFO |
> +			    (ctx1_iv_off << MOVE_OFFSET_SHIFT) | ivsize);
> +	}
> +
>  	/* Load Counter into CONTEXT1 reg */
>  	if (is_rfc3686)
>  		append_load_imm_u32(desc, be32_to_cpu(1), LDST_IMM |
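
Review bot: the new `if (alg->caam.geniv)` block carries no comment, although it is the core of the fix. A short comment stating that ivsize bytes are read from the input sequence (req->src) into CONTEXT1 at ctx1_iv_off and then moved to the class 2 input FIFO would make explicit that the descriptor expects the IV to follow the associated data directly in req->src.
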
> @@ -2150,7 +2161,7 @@ static void init_authenc_job(struct aead_request *req,
>  
>  	init_aead_job(req, edesc, all_contig, encrypt);
>  
> -	if (ivsize && (is_rfc3686 || !(alg->caam.geniv && encrypt)))
> +	if (ivsize && !alg->caam.geniv)

This condition update is incorrect, since the IV won't be loaded either
here or in the givencrypt aead descriptor for the rfc3686 case.
I'll send v3 shortly.

>  		append_load_as_imm(desc, req->iv, ivsize,
>  				   LDST_CLASS_1_CCB |
>  				   LDST_SRCDST_BYTE_CONTEXT |
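
Review bot: the new condition `ivsize && !alg->caam.geniv` drops the is_rfc3686 term, so it skips the req->iv load in two cases the old condition covered: geniv decryption and geniv encryption with rfc3686. The decrypt descriptor hunk above adds a sequence load for the first case, but nothing visible in this patch replaces the load for the second. Consider keeping that case in the condition, for example `ivsize && ((is_rfc3686 && encrypt) || !alg->caam.geniv)`, and adding a comment on which path supplies the IV for each combination.
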