Re: [PATCH v2] crypto: ccp - memset structure fields to zero before reuse

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jul 10, 2019 at 03:59:05PM +0000, Gary R Hook wrote:
> On 7/9/19 8:57 PM, Eric Biggers wrote:
> > On Wed, Jul 10, 2019 at 12:09:22AM +0000, Hook, Gary wrote:
> >> The AES GCM function reuses an 'op' data structure, which members
> >> contain values that must be cleared for each (re)use.
> >>
> >> This fix resolves a crypto self-test failure:
> >> alg: aead: gcm-aes-ccp encryption test failed (wrong result) on test vector 2, cfg="two even aligned splits"
> >>
> >> Fixes: 36cf515b9bbe ("crypto: ccp - Enable support for AES GCM on v5 CCPs")
> >>
> >> Signed-off-by: Gary R Hook <gary.hook@xxxxxxx>
> > 
> > FYI, with this patch applied I'm still seeing another test failure:
> > 
> > [    2.140227] alg: aead: gcm-aes-ccp setauthsize unexpectedly succeeded on test vector "random: alen=264 plen=161 authsize=6 klen=32"; expected_error=-22
> > 
> > Are you aware of that one too, and are you planning to fix it?
> > 
> > - Eric
> > 
> 
> I just pulled the latest on the master branch of cryptodev-2.6, built, 
> booted, and loaded our module. And I don't see that error. It must be new?

Did you have CONFIG_CRYPTO_MANAGER_EXTRA_TESTS enabled?  This failure was with a
test vector that was generated randomly by the fuzz tests, so
CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y is needed to reproduce it.

You probably just need to update ccp_aes_gcm_setauthsize() to validate the
authentication tag size.

> 
> In any event, if a test failure occurs, it gets fixed.
> 

Good to hear.

- Eric



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux