On Fri, Feb 03, 2023 at 09:04:59AM +0800, Herbert Xu wrote:
> On Wed, Feb 01, 2023 at 03:59:44PM +0000, Giovanni Cabiddu wrote:
> .
> > @@ -435,8 +435,8 @@ static void qat_alg_skcipher_init_com(struct qat_alg_skcipher_ctx *ctx,
> > } else if (aes_v2_capable && mode == ICP_QAT_HW_CIPHER_CTR_MODE) {
> > ICP_QAT_FW_LA_SLICE_TYPE_SET(header->serv_specif_flags,
> > ICP_QAT_FW_LA_USE_UCS_SLICE_TYPE);
> > - keylen = round_up(keylen, 16);
> > memcpy(cd->ucs_aes.key, key, keylen);
> > + keylen = round_up(keylen, 16);
>
> Now cd->ucs_aes.key contains potentially unitialised data, should
> we zero them?
The content descriptor structure (cd) is already initialized to zero
before the function qat_alg_skcipher_init_com() is called.
This is done in
(1) qat_alg_skcipher_newkey() implicitly by dma_alloc_coherent(),
the first time setkey() is called for a tfm or
(2) qat_alg_skcipher_rekey() explicitly, for subsequent calls to
sekey().
Regards,
--
Giovanni
