iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c7556ff7e3
linux/drivers/crypto
History
Russell King c7556ff7e3 crypto: caam - fix non-block aligned hash calculation 
caam does not properly calculate the size of the retained state
when non-block aligned hashes are requested - it uses the wrong
buffer sizes, which results in errors such as:

caam_jr 2102000.jr1: 40000501: DECO: desc idx 5: SGT Length Error. The descriptor is trying to read more data than is contained in the SGT table.

We end up here with:

in_len 0x46 blocksize 0x40 last_bufsize 0x0 next_bufsize 0x6
to_hash 0x40 ctx_len 0x28 nbytes 0x20

which results in a job descriptor of:

jobdesc@889: ed03d918: b0861c08 3daa0080 f1400000 3d03d938
jobdesc@889: ed03d928: 00000068 f8400000 3cde2a40 00000028

where the word at 0xed03d928 is the expected data size (0x68), and a
scatterlist containing:

sg@892: ed03d938: 00000000 3cde2a40 00000028 00000000
sg@892: ed03d948: 00000000 3d03d100 00000006 00000000
sg@892: ed03d958: 00000000 7e8aa700 40000020 00000000

0x68 comes from 0x28 (the context size) plus the "in_len" rounded down
to a block size (0x40).  in_len comes from 0x26 bytes of unhashed data
from the previous operation, plus the 0x20 bytes from the latest
operation.

The fixed version would create:

sg@892: ed03d938: 00000000 3cde2a40 00000028 00000000
sg@892: ed03d948: 00000000 3d03d100 00000026 00000000
sg@892: ed03d958: 00000000 7e8aa700 40000020 00000000

which replaces the 0x06 length with the correct 0x26 bytes of previously
unhashed data.

This fixes a previous commit which erroneously "fixed" this due to a
DMA-API bug report; that commit indicates that the bug was caused via a
test_ahash_pnum() function in the tcrypt module.  No such function has
ever existed in the mainline kernel.  Given that the change in this
commit has been tested with DMA API debug enabled and shows no issue,
I can only conclude that test_ahash_pnum() was triggering that bad
behaviour by CAAM.

Fixes: 7d5196aba3 ("crypto: caam - Correct DMA unmap size in ahash_update_ctx()")
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-10-20 22:11:10 +08:00
..
amcc crypto: amcc - replace get_sg_count by sg_nents_for_len 2015-09-21 23:05:53 +08:00
caam crypto: caam - fix non-block aligned hash calculation 2015-10-20 22:11:10 +08:00
ccp crypto: ccp - Use module name in driver structures 2015-10-08 21:42:18 +08:00
marvell crypto: marvell/cesa - fix memory leak 2015-10-20 22:11:09 +08:00
nx crypto: 842 - Add CRC and validation support 2015-10-14 22:23:17 +08:00
qat crypto: qat - fix crypto_get_instance_node function 2015-10-20 22:10:47 +08:00
qce crypto: qce - dma_map_sg can handle chained SG 2015-10-08 21:42:19 +08:00
sunxi-ss crypto: sunxi-ss - Fix a possible driver hang with ciphers 2015-09-10 17:22:55 +08:00
ux500 crypto: ux500 - Use devm_xxx() managed function 2015-10-14 22:23:38 +08:00
vmx crypto: vmx - Fixing opcode issue 2015-08-24 22:07:43 +08:00
atmel-aes-regs.h crypto: atmel - add Atmel AES driver 2012-07-11 11:07:40 +08:00
atmel-aes.c crypto: atmel - use devm_xxx() managed function 2015-10-14 22:23:38 +08:00
atmel-sha-regs.h crypto: atmel-sha - add support for latest release of the IP (0x410) 2013-03-10 16:46:42 +08:00
atmel-sha.c crypto: atmel - use devm_xxx() managed function 2015-10-14 22:23:38 +08:00
atmel-tdes-regs.h crypto: atmel-tdes - add support for latest release of the IP (0x700) 2013-03-10 16:46:42 +08:00
atmel-tdes.c crypto: atmel - use devm_xxx() managed function 2015-10-14 22:23:38 +08:00
bfin_crc.c crypto: bfin_crc - replace sg_count by sg_nents 2015-09-21 23:05:53 +08:00
bfin_crc.h crypto: bfin_crc - access crc registers by readl and writel functions 2014-04-16 20:40:15 +08:00
geode-aes.c crypto: geode - Don't use tfm->__crt_alg->cra_name directly 2014-05-22 21:03:13 +08:00
geode-aes.h crypto: geode - Consistently use AES_KEYSIZE_128 2014-05-22 21:03:12 +08:00
hifn_795x.c crypto: use pci_zalloc_consistent 2014-08-08 15:57:28 -07:00
img-hash.c crypto: img-hash - fix spelling mistake in dev_err error message 2015-08-04 17:41:31 +08:00
ixp4xx_crypto.c crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag 2015-08-17 16:53:53 +08:00
Kconfig crypto: mxs-dcp - mxs-dcp is an stmp device 2015-10-14 22:23:37 +08:00
Makefile crypto: sunxi-ss - Add Allwinner Security System crypto accelerator 2015-07-20 15:54:08 +08:00
mv_cesa.c crypto: marvell/cesa - another fix up for of_get_named_gen_pool() rename 2015-07-03 11:37:02 -07:00
mv_cesa.h crypto: mv_cesa - Add missing #define 2014-08-29 21:46:36 +08:00
mxs-dcp.c crypto: mxs-dcp - fix type of ret for wait_for_completion_timeout 2015-02-28 23:31:36 +13:00
n2_asm.S
n2_core.c crypto: n2 - set array of const as const 2015-10-15 21:05:20 +08:00
n2_core.h
omap-aes.c crypto: omap-aes - Use BIT() macro 2015-07-08 15:18:46 +08:00
omap-des.c crypto: omap-des - Fix unmapping of dma channels 2015-07-06 16:20:37 +08:00
omap-sham.c crypto/omap-sham: remove an open coded access to ->page_link 2015-08-17 08:12:57 -06:00
padlock-aes.c x86/fpu: Rename i387.h to fpu/api.h 2015-05-19 15:47:30 +02:00
padlock-sha.c x86/fpu: Rename i387.h to fpu/api.h 2015-05-19 15:47:30 +02:00
picoxcell_crypto_regs.h
picoxcell_crypto.c crypto: picoxcell - Fix module autoload for OF platform driver 2015-09-21 22:00:36 +08:00
s5p-sss.c crypto: drop owner assignment from platform_drivers 2014-10-20 16:20:25 +02:00
sahara.c crypto: sahara - set array of const as const 2015-10-15 21:05:18 +08:00
talitos.c crypto: talitos - dma_map_sg can handle chained SG 2015-10-01 21:49:40 +08:00
talitos.h crypto: talitos - Prevent panic in probe error path 2015-08-10 23:19:05 +08:00