On 7/18/2019 5:45 PM, Iuliana Prodan wrote: > From: Horia Geantă <horia.geanta@xxxxxxx> > > skcipher encryption might fail and in some cases, like (invalid) input > length smaller then block size, updating the IV would lead to panic > due to copying from a negative offset (req->cryptlen - ivsize). > The commit message is no longer in sync with the code base. More exactly, after commit 334d37c9e263 ("crypto: caam - update IV using HW support") there shouldn't be any panic, only a useless IV copy in case HW issued an error. > Signed-off-by: Horia Geantă <horia.geanta@xxxxxxx> > Signed-off-by: Iuliana Prodan <iuliana.prodan@xxxxxxx> > --- > drivers/crypto/caam/caamalg.c | 5 ++--- > drivers/crypto/caam/caamalg_qi.c | 4 +++- > drivers/crypto/caam/caamalg_qi2.c | 8 ++++++-- > 3 files changed, 11 insertions(+), 6 deletions(-) > > diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c > index 06b4f2d..28d55a0 100644 > --- a/drivers/crypto/caam/caamalg.c > +++ b/drivers/crypto/caam/caamalg.c > @@ -990,10 +990,9 @@ static void skcipher_encrypt_done(struct device *jrdev, u32 *desc, u32 err, > * ciphertext block (CBC mode) or last counter (CTR mode). > * This is used e.g. by the CTS mode. > */ > - if (ivsize) { > + if (ivsize && !ecode) { > memcpy(req->iv, (u8 *)edesc->sec4_sg + edesc->sec4_sg_bytes, > ivsize); > - > print_hex_dump_debug("dstiv @"__stringify(__LINE__)": ", > DUMP_PREFIX_ADDRESS, 16, 4, req->iv, > edesc->src_nents > 1 ? 100 : ivsize, 1); > @@ -1030,7 +1029,7 @@ static void skcipher_decrypt_done(struct device *jrdev, u32 *desc, u32 err, > * ciphertext block (CBC mode) or last counter (CTR mode). > * This is used e.g. by the CTS mode. > */ > - if (ivsize) { > + if (ivsize && !ecode) { > memcpy(req->iv, (u8 *)edesc->sec4_sg + edesc->sec4_sg_bytes, > ivsize); > > diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c > index ab263b1..66531d6 100644 > --- a/drivers/crypto/caam/caamalg_qi.c > +++ b/drivers/crypto/caam/caamalg_qi.c > @@ -1201,7 +1201,9 @@ static void skcipher_done(struct caam_drv_req *drv_req, u32 status) > * ciphertext block (CBC mode) or last counter (CTR mode). > * This is used e.g. by the CTS mode. > */ > - memcpy(req->iv, (u8 *)&edesc->sgt[0] + edesc->qm_sg_bytes, ivsize); > + if (!ecode) > + memcpy(req->iv, (u8 *)&edesc->sgt[0] + edesc->qm_sg_bytes, > + ivsize); > > qi_cache_free(edesc); > skcipher_request_complete(req, ecode); > diff --git a/drivers/crypto/caam/caamalg_qi2.c b/drivers/crypto/caam/caamalg_qi2.c > index 2681581..bc370af 100644 > --- a/drivers/crypto/caam/caamalg_qi2.c > +++ b/drivers/crypto/caam/caamalg_qi2.c > @@ -1358,7 +1358,9 @@ static void skcipher_encrypt_done(void *cbk_ctx, u32 status) > * ciphertext block (CBC mode) or last counter (CTR mode). > * This is used e.g. by the CTS mode. > */ > - memcpy(req->iv, (u8 *)&edesc->sgt[0] + edesc->qm_sg_bytes, ivsize); > + if (!ecode) > + memcpy(req->iv, (u8 *)&edesc->sgt[0] + edesc->qm_sg_bytes, > + ivsize); > > qi_cache_free(edesc); > skcipher_request_complete(req, ecode); > @@ -1394,7 +1396,9 @@ static void skcipher_decrypt_done(void *cbk_ctx, u32 status) > * ciphertext block (CBC mode) or last counter (CTR mode). > * This is used e.g. by the CTS mode. > */ > - memcpy(req->iv, (u8 *)&edesc->sgt[0] + edesc->qm_sg_bytes, ivsize); > + if (!ecode) > + memcpy(req->iv, (u8 *)&edesc->sgt[0] + edesc->qm_sg_bytes, > + ivsize); > > qi_cache_free(edesc); > skcipher_request_complete(req, ecode); >