On Tue, 10 Sep 2019 at 02:42, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > > When algif_skcipher does a partial operation it always process data > that is a multiple of blocksize. However, for algorithms such as > CTR this is wrong because even though it can process any number of > bytes overall, the partial block must come at the very end and not > in the middle. > > This is exactly what chunksize is meant to describe so this patch > changes blocksize to chunksize. > > Fixes: 8ff590903d5f ("crypto: algif_skcipher - User-space...") > Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Acked-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> > > diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c > index c1601edd70e3..e2c8ab408bed 100644 > --- a/crypto/algif_skcipher.c > +++ b/crypto/algif_skcipher.c > @@ -56,7 +56,7 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg, > struct alg_sock *pask = alg_sk(psk); > struct af_alg_ctx *ctx = ask->private; > struct crypto_skcipher *tfm = pask->private; > - unsigned int bs = crypto_skcipher_blocksize(tfm); > + unsigned int bs = crypto_skcipher_chunksize(tfm); > struct af_alg_async_req *areq; > int err = 0; > size_t len = 0; > diff --git a/include/crypto/internal/skcipher.h b/include/crypto/internal/skcipher.h > index 734b6f7081b8..3175dfeaed2c 100644 > --- a/include/crypto/internal/skcipher.h > +++ b/include/crypto/internal/skcipher.h > @@ -205,19 +205,6 @@ static inline unsigned int crypto_skcipher_alg_max_keysize( > return alg->max_keysize; > } > > -static inline unsigned int crypto_skcipher_alg_chunksize( > - struct skcipher_alg *alg) > -{ > - if ((alg->base.cra_flags & CRYPTO_ALG_TYPE_MASK) == > - CRYPTO_ALG_TYPE_BLKCIPHER) > - return alg->base.cra_blocksize; > - > - if (alg->base.cra_ablkcipher.encrypt) > - return alg->base.cra_blocksize; > - > - return alg->chunksize; > -} > - > static inline unsigned int crypto_skcipher_alg_walksize( > struct skcipher_alg *alg) > { > @@ -231,23 +218,6 @@ static inline unsigned int crypto_skcipher_alg_walksize( > return alg->walksize; > } > > -/** > - * crypto_skcipher_chunksize() - obtain chunk size > - * @tfm: cipher handle > - * > - * The block size is set to one for ciphers such as CTR. However, > - * you still need to provide incremental updates in multiples of > - * the underlying block size as the IV does not have sub-block > - * granularity. This is known in this API as the chunk size. > - * > - * Return: chunk size in bytes > - */ > -static inline unsigned int crypto_skcipher_chunksize( > - struct crypto_skcipher *tfm) > -{ > - return crypto_skcipher_alg_chunksize(crypto_skcipher_alg(tfm)); > -} > - > /** > * crypto_skcipher_walksize() - obtain walk size > * @tfm: cipher handle > diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h > index 37c164234d97..aada87916918 100644 > --- a/include/crypto/skcipher.h > +++ b/include/crypto/skcipher.h > @@ -304,6 +304,36 @@ static inline unsigned int crypto_skcipher_blocksize( > return crypto_tfm_alg_blocksize(crypto_skcipher_tfm(tfm)); > } > > +static inline unsigned int crypto_skcipher_alg_chunksize( > + struct skcipher_alg *alg) > +{ > + if ((alg->base.cra_flags & CRYPTO_ALG_TYPE_MASK) == > + CRYPTO_ALG_TYPE_BLKCIPHER) > + return alg->base.cra_blocksize; > + > + if (alg->base.cra_ablkcipher.encrypt) > + return alg->base.cra_blocksize; > + > + return alg->chunksize; > +} > + > +/** > + * crypto_skcipher_chunksize() - obtain chunk size > + * @tfm: cipher handle > + * > + * The block size is set to one for ciphers such as CTR. However, > + * you still need to provide incremental updates in multiples of > + * the underlying block size as the IV does not have sub-block > + * granularity. This is known in this API as the chunk size. > + * > + * Return: chunk size in bytes > + */ > +static inline unsigned int crypto_skcipher_chunksize( > + struct crypto_skcipher *tfm) > +{ > + return crypto_skcipher_alg_chunksize(crypto_skcipher_alg(tfm)); > +} > + > static inline unsigned int crypto_sync_skcipher_blocksize( > struct crypto_sync_skcipher *tfm) > { > -- > Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt