Re: [PATCH] crypto: geode-aes - convert to skcipher API and make thread-safe

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Op 11-10-2019 om 06:51 schreef Eric Biggers:
From: Eric Biggers <ebiggers@xxxxxxxxxx>

The geode AES driver is heavily broken because it stores per-request
state in the transform context.  So it will crash or produce the wrong
result if used by any of the many places in the kernel that issue
concurrent requests for the same transform object.

This driver is also implemented using the deprecated blkcipher API,
which makes it difficult to fix, and puts it among the drivers
preventing that API from being removed.

Convert this driver to use the skcipher API, and change it to not store
per-request state in the transform context.

Fixes: 9fe757b0cfce ("[PATCH] crypto: Add support for the Geode LX AES hardware")
Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
---

NOTE: I don't have the hardware to test this patch.  Anyone who does,
please check whether it passes CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y, and
whether it still works for anything else you're using it for.

Yes, it seems to work on ALIX 2C2 on Linux 5.4-rc3.
No errors in /proc/crypto and dmesg, including CONFIG_CRYPTO_MANAGER_EXTRA_TESTS. I also tried (among other things) simultaneous openssl + dm-crypt benchmarks.
Those reach the higher speeds and give no errors.
Thanks!
Gert



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux