On 4/27/2017 6:46 PM, Martin Hicks wrote: > > The max keysize for both of these is 128, not 96. Before, with keysizes > over 96, the memcpy in ahash_setkey() would overwrite memory beyond the > key field. > While here, what about aead_setkey()? AFAICT, TALITOS_MAX_KEY_SIZE value has been incorrect since forever; it does not cover the maximum values of encryption key + authentication key for authenc algorithms. So, based on algorithms currently registered, I think this should be: #define TALITOS_MAX_KEY_SIZE (AES_MAX_KEY_SIZE + \ SHA512_BLOCK_SIZE) > Signed-off-by: Martin Hicks <mort@xxxxxxxx> Cc: stable@xxxxxxxxxxxxxxx # 3.6+ Fixes: 357fb60502ede ("crypto: talitos - add sha224, sha384 and sha512 to existing AEAD algorithms") > --- > drivers/crypto/talitos.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c > index 0bba6a1..97dc85e 100644 > --- a/drivers/crypto/talitos.c > +++ b/drivers/crypto/talitos.c > @@ -816,7 +816,7 @@ static void talitos_unregister_rng(struct device *dev) > * HMAC_SNOOP_NO_AFEA (HSNA) instead of type IPSEC_ESP > */ > #define TALITOS_CRA_PRIORITY_AEAD_HSNA (TALITOS_CRA_PRIORITY - 1) > -#define TALITOS_MAX_KEY_SIZE 96 > +#define TALITOS_MAX_KEY_SIZE SHA512_BLOCK_SIZE /* SHA512 has the largest keysize input */ > #define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */ > > struct talitos_ctx { >