[+Cc the person with a Cc tag in the patch, who I accidentally didn't Cc... Original message was https://lkml.kernel.org/linux-crypto/20191231031938.241705-2-ebiggers@xxxxxxxxxx/] On Mon, Dec 30, 2019 at 09:19:31PM -0600, Eric Biggers wrote: > From: Eric Biggers <ebiggers@xxxxxxxxxx> > > The chelsio crypto driver is casting 'struct crypto_aead' directly to > 'struct crypto_tfm', which is incorrect because the crypto_tfm isn't the > first field of 'struct crypto_aead'. Consequently, the calls to > crypto_tfm_set_flags() are modifying some other field in the struct. > > Also, the driver is setting CRYPTO_TFM_RES_BAD_KEY_LEN in > ->setauthsize(), not just in ->setkey(). This is incorrect since this > flag is for bad key lengths, not for bad authentication tag lengths. > > Fix these bugs by removing the broken crypto_tfm_set_flags() calls from > ->setauthsize() and by fixing them in ->setkey(). > > Fixes: 324429d74127 ("chcr: Support for Chelsio's Crypto Hardware") > Cc: <stable@xxxxxxxxxxxxxxx> # v4.9+ > Cc: Atul Gupta <atul.gupta@xxxxxxxxxxx> > Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx> > --- > drivers/crypto/chelsio/chcr_algo.c | 16 +++------------- > 1 file changed, 3 insertions(+), 13 deletions(-) > > diff --git a/drivers/crypto/chelsio/chcr_algo.c b/drivers/crypto/chelsio/chcr_algo.c > index 586dbc69d0cd..5b7dbe7cdb17 100644 > --- a/drivers/crypto/chelsio/chcr_algo.c > +++ b/drivers/crypto/chelsio/chcr_algo.c > @@ -3196,9 +3196,6 @@ static int chcr_gcm_setauthsize(struct crypto_aead *tfm, unsigned int authsize) > aeadctx->mayverify = VERIFY_SW; > break; > default: > - > - crypto_tfm_set_flags((struct crypto_tfm *) tfm, > - CRYPTO_TFM_RES_BAD_KEY_LEN); > return -EINVAL; > } > return crypto_aead_setauthsize(aeadctx->sw_cipher, authsize); > @@ -3223,8 +3220,6 @@ static int chcr_4106_4309_setauthsize(struct crypto_aead *tfm, > aeadctx->mayverify = VERIFY_HW; > break; > default: > - crypto_tfm_set_flags((struct crypto_tfm *)tfm, > - CRYPTO_TFM_RES_BAD_KEY_LEN); > return -EINVAL; > } > return crypto_aead_setauthsize(aeadctx->sw_cipher, authsize); > @@ -3265,8 +3260,6 @@ static int chcr_ccm_setauthsize(struct crypto_aead *tfm, > aeadctx->mayverify = VERIFY_HW; > break; > default: > - crypto_tfm_set_flags((struct crypto_tfm *)tfm, > - CRYPTO_TFM_RES_BAD_KEY_LEN); > return -EINVAL; > } > return crypto_aead_setauthsize(aeadctx->sw_cipher, authsize); > @@ -3291,8 +3284,7 @@ static int chcr_ccm_common_setkey(struct crypto_aead *aead, > ck_size = CHCR_KEYCTX_CIPHER_KEY_SIZE_256; > mk_size = CHCR_KEYCTX_MAC_KEY_SIZE_256; > } else { > - crypto_tfm_set_flags((struct crypto_tfm *)aead, > - CRYPTO_TFM_RES_BAD_KEY_LEN); > + crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN); > aeadctx->enckey_len = 0; > return -EINVAL; > } > @@ -3330,8 +3322,7 @@ static int chcr_aead_rfc4309_setkey(struct crypto_aead *aead, const u8 *key, > int error; > > if (keylen < 3) { > - crypto_tfm_set_flags((struct crypto_tfm *)aead, > - CRYPTO_TFM_RES_BAD_KEY_LEN); > + crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN); > aeadctx->enckey_len = 0; > return -EINVAL; > } > @@ -3381,8 +3372,7 @@ static int chcr_gcm_setkey(struct crypto_aead *aead, const u8 *key, > } else if (keylen == AES_KEYSIZE_256) { > ck_size = CHCR_KEYCTX_CIPHER_KEY_SIZE_256; > } else { > - crypto_tfm_set_flags((struct crypto_tfm *)aead, > - CRYPTO_TFM_RES_BAD_KEY_LEN); > + crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN); > pr_err("GCM: Invalid key length %d\n", keylen); > ret = -EINVAL; > goto out; > -- > 2.24.1 >
