Hello Pascal,
On Tue, Sep 10, 2019 at 04:38:13PM +0200, Pascal van Leeuwen wrote:
> @@ -43,8 +44,8 @@ struct safexcel_cipher_ctx {
>
> u32 mode;
> enum safexcel_cipher_alg alg;
> - bool aead;
> - int xcm; /* 0=authenc, 1=GCM, 2 reserved for CCM */
> + char aead; /* !=0=AEAD, 2=IPSec ESP AEAD */
> + char xcm; /* 0=authenc, 1=GCM, 2 reserved for CCM */
You could use an u8 instead. It also seems the aead comment has an
issue, I'll let you check that.
> - dev_err(priv->dev, "aead: unsupported hash algorithm\n");
> + dev_err(priv->dev, "aead: unsupported hash algorithmn");
You remove the '\' here.
> @@ -440,6 +459,17 @@ static int safexcel_context_control(struct safexcel_cipher_ctx *ctx,
> CONTEXT_CONTROL_DIGEST_XCM |
> ctx->hash_alg |
> CONTEXT_CONTROL_SIZE(ctrl_size);
> + } else if (ctx->alg == SAFEXCEL_CHACHA20) {
> + /* Chacha20-Poly1305 */
> + cdesc->control_data.control0 =
> + CONTEXT_CONTROL_KEY_EN |
> + CONTEXT_CONTROL_CRYPTO_ALG_CHACHA20 |
> + (sreq->direction == SAFEXCEL_ENCRYPT ?
> + CONTEXT_CONTROL_TYPE_ENCRYPT_HASH_OUT :
> + CONTEXT_CONTROL_TYPE_HASH_DECRYPT_IN) |
> + ctx->hash_alg |
> + CONTEXT_CONTROL_SIZE(ctrl_size);
I think you could use an if + |= for readability here.
> +static int safexcel_aead_chachapoly_crypt(struct aead_request *req,
> + enum safexcel_cipher_direction dir)
> +{
> + struct safexcel_cipher_req *creq = aead_request_ctx(req);
> + struct crypto_aead *aead = crypto_aead_reqtfm(req);
> + struct crypto_tfm *tfm = crypto_aead_tfm(aead);
> + struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
> + struct aead_request *subreq = aead_request_ctx(req);
> + u32 key[CHACHA_KEY_SIZE / sizeof(u32) + 1];
Shouldn't you explicitly memzero the key at the end of the function?
Thanks!
Antoine
--
Antoine Ténart, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
