On Tue, 10 Sep 2019 at 02:42, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
>
> When algif_skcipher does a partial operation it always process data
> that is a multiple of blocksize. However, for algorithms such as
> CTR this is wrong because even though it can process any number of
> bytes overall, the partial block must come at the very end and not
> in the middle.
>
> This is exactly what chunksize is meant to describe so this patch
> changes blocksize to chunksize.
>
> Fixes: 8ff590903d5f ("crypto: algif_skcipher - User-space...")
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Acked-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
>
> diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
> index c1601edd70e3..e2c8ab408bed 100644
> --- a/crypto/algif_skcipher.c
> +++ b/crypto/algif_skcipher.c
> @@ -56,7 +56,7 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg,
> struct alg_sock *pask = alg_sk(psk);
> struct af_alg_ctx *ctx = ask->private;
> struct crypto_skcipher *tfm = pask->private;
> - unsigned int bs = crypto_skcipher_blocksize(tfm);
> + unsigned int bs = crypto_skcipher_chunksize(tfm);
> struct af_alg_async_req *areq;
> int err = 0;
> size_t len = 0;
> diff --git a/include/crypto/internal/skcipher.h b/include/crypto/internal/skcipher.h
> index 734b6f7081b8..3175dfeaed2c 100644
> --- a/include/crypto/internal/skcipher.h
> +++ b/include/crypto/internal/skcipher.h
> @@ -205,19 +205,6 @@ static inline unsigned int crypto_skcipher_alg_max_keysize(
> return alg->max_keysize;
> }
>
> -static inline unsigned int crypto_skcipher_alg_chunksize(
> - struct skcipher_alg *alg)
> -{
> - if ((alg->base.cra_flags & CRYPTO_ALG_TYPE_MASK) ==
> - CRYPTO_ALG_TYPE_BLKCIPHER)
> - return alg->base.cra_blocksize;
> -
> - if (alg->base.cra_ablkcipher.encrypt)
> - return alg->base.cra_blocksize;
> -
> - return alg->chunksize;
> -}
> -
> static inline unsigned int crypto_skcipher_alg_walksize(
> struct skcipher_alg *alg)
> {
> @@ -231,23 +218,6 @@ static inline unsigned int crypto_skcipher_alg_walksize(
> return alg->walksize;
> }
>
> -/**
> - * crypto_skcipher_chunksize() - obtain chunk size
> - * @tfm: cipher handle
> - *
> - * The block size is set to one for ciphers such as CTR. However,
> - * you still need to provide incremental updates in multiples of
> - * the underlying block size as the IV does not have sub-block
> - * granularity. This is known in this API as the chunk size.
> - *
> - * Return: chunk size in bytes
> - */
> -static inline unsigned int crypto_skcipher_chunksize(
> - struct crypto_skcipher *tfm)
> -{
> - return crypto_skcipher_alg_chunksize(crypto_skcipher_alg(tfm));
> -}
> -
> /**
> * crypto_skcipher_walksize() - obtain walk size
> * @tfm: cipher handle
> diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h
> index 37c164234d97..aada87916918 100644
> --- a/include/crypto/skcipher.h
> +++ b/include/crypto/skcipher.h
> @@ -304,6 +304,36 @@ static inline unsigned int crypto_skcipher_blocksize(
> return crypto_tfm_alg_blocksize(crypto_skcipher_tfm(tfm));
> }
>
> +static inline unsigned int crypto_skcipher_alg_chunksize(
> + struct skcipher_alg *alg)
> +{
> + if ((alg->base.cra_flags & CRYPTO_ALG_TYPE_MASK) ==
> + CRYPTO_ALG_TYPE_BLKCIPHER)
> + return alg->base.cra_blocksize;
> +
> + if (alg->base.cra_ablkcipher.encrypt)
> + return alg->base.cra_blocksize;
> +
> + return alg->chunksize;
> +}
> +
> +/**
> + * crypto_skcipher_chunksize() - obtain chunk size
> + * @tfm: cipher handle
> + *
> + * The block size is set to one for ciphers such as CTR. However,
> + * you still need to provide incremental updates in multiples of
> + * the underlying block size as the IV does not have sub-block
> + * granularity. This is known in this API as the chunk size.
> + *
> + * Return: chunk size in bytes
> + */
> +static inline unsigned int crypto_skcipher_chunksize(
> + struct crypto_skcipher *tfm)
> +{
> + return crypto_skcipher_alg_chunksize(crypto_skcipher_alg(tfm));
> +}
> +
> static inline unsigned int crypto_sync_skcipher_blocksize(
> struct crypto_sync_skcipher *tfm)
> {
> --
> Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
