Hi Ovidiu, Thanks for spotting and fixing this. On Fri, 2021-01-15 at 22:46 +0200, Ovidiu Panait wrote: > src_size and aad_size are defined as u32, so the following > expressions are > currently being evaluated using 32-bit arithmetic: > > bit_len = src_size * 8; > ... > bit_len = aad_size * 8; > > However, bit_len is used afterwards in a context that expects a valid > 64-bit value (the lower and upper 32-bit words of bit_len are > extracted > and written to hw). > > In order to make sure the correct bit length is generated and the 32- > bit > multiplication does not wrap around, cast src_size and aad_size to > u64. > > Signed-off-by: Ovidiu Panait <ovidiu.panait@xxxxxxxxxxxxx> Acked-by: Daniele Alessandrelli <daniele.alessandrelli@xxxxxxxxx> > --- > drivers/crypto/keembay/ocs-aes.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/drivers/crypto/keembay/ocs-aes.c > b/drivers/crypto/keembay/ocs-aes.c > index cc286adb1c4a..b85c89477afa 100644 > --- a/drivers/crypto/keembay/ocs-aes.c > +++ b/drivers/crypto/keembay/ocs-aes.c > @@ -958,14 +958,14 @@ int ocs_aes_gcm_op(struct ocs_aes_dev *aes_dev, > ocs_aes_write_last_data_blk_len(aes_dev, src_size); > > /* Write ciphertext bit length */ > - bit_len = src_size * 8; > + bit_len = (u64)src_size * 8; > val = bit_len & 0xFFFFFFFF; > iowrite32(val, aes_dev->base_reg + AES_MULTIPURPOSE2_0_OFFSET); > val = bit_len >> 32; > iowrite32(val, aes_dev->base_reg + AES_MULTIPURPOSE2_1_OFFSET); > > /* Write aad bit length */ > - bit_len = aad_size * 8; > + bit_len = (u64)aad_size * 8; > val = bit_len & 0xFFFFFFFF; > iowrite32(val, aes_dev->base_reg + AES_MULTIPURPOSE2_2_OFFSET); > val = bit_len >> 32;
