On 8/26/2016 6:33 PM, Horia Geantă wrote: > For algorithms that implement IV generators before the crypto ops, > the IV needed for decryption is initially located in req->src > scatterlist, not in req->iv. > > Avoid copying the IV into req->iv by modifying the (givdecrypt) > descriptors to load it directly from req->src. > aead_givdecrypt() is no longer needed and goes away. > > Cc: <stable@xxxxxxxxxxxxxxx> # 4.3+ > Fixes: 479bcc7c5b9e ("crypto: caam - Convert authenc to new AEAD interface") > Signed-off-by: Horia Geantă <horia.geanta@xxxxxxx> > --- > > drivers/crypto/caam/caamalg.c | 77 +++++++++++++++++++++---------------------- > 1 file changed, 37 insertions(+), 40 deletions(-) > > diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c > index 6dc597126b79..775b8b524913 100644 > --- a/drivers/crypto/caam/caamalg.c > +++ b/drivers/crypto/caam/caamalg.c > @@ -556,7 +556,10 @@ skip_enc: > > /* Read and write assoclen bytes */ > append_math_add(desc, VARSEQINLEN, ZERO, REG3, CAAM_CMD_SZ); > - append_math_add(desc, VARSEQOUTLEN, ZERO, REG3, CAAM_CMD_SZ); > + if (alg->caam.geniv) > + append_math_add_imm_u32(desc, VARSEQOUTLEN, REG3, IMM, ivsize); > + else > + append_math_add(desc, VARSEQOUTLEN, ZERO, REG3, CAAM_CMD_SZ); > > /* Skip assoc data */ > append_seq_fifo_store(desc, 0, FIFOST_TYPE_SKIP | FIFOLDST_VLF); > @@ -565,6 +568,14 @@ skip_enc: > append_seq_fifo_load(desc, 0, FIFOLD_CLASS_CLASS2 | FIFOLD_TYPE_MSG | > KEY_VLF); > > + if (alg->caam.geniv) { > + append_seq_load(desc, ivsize, LDST_CLASS_1_CCB | > + LDST_SRCDST_BYTE_CONTEXT | > + (ctx1_iv_off << LDST_OFFSET_SHIFT)); > + append_move(desc, MOVE_SRC_CLASS1CTX | MOVE_DEST_CLASS2INFIFO | > + (ctx1_iv_off << MOVE_OFFSET_SHIFT) | ivsize); > + } > + > /* Load Counter into CONTEXT1 reg */ > if (is_rfc3686) > append_load_imm_u32(desc, be32_to_cpu(1), LDST_IMM | > @@ -2150,7 +2161,7 @@ static void init_authenc_job(struct aead_request *req, > > init_aead_job(req, edesc, all_contig, encrypt); > > - if (ivsize && (is_rfc3686 || !(alg->caam.geniv && encrypt))) > + if (ivsize && !alg->caam.geniv) This condition update is incorrect, since IV won't be loaded neither here nor in the givencrypt aead descriptor for rfc3686 case. I'll send v3 shortly. > append_load_as_imm(desc, req->iv, ivsize, > LDST_CLASS_1_CCB | > LDST_SRCDST_BYTE_CONTEXT | -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html