Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp1080243ybl; Wed, 14 Aug 2019 10:22:25 -0700 (PDT) X-Google-Smtp-Source: APXvYqwpznl54aT3HTP7td2LporxEmWDVEjwASYZAItg9SyU/Q8aMFrDA8em4LuKDDb3K30CKoJ7 X-Received: by 2002:a63:29c7:: with SMTP id p190mr253076pgp.124.1565803345070; Wed, 14 Aug 2019 10:22:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565803345; cv=none; d=google.com; s=arc-20160816; b=U2Y+mAhKSaD8/CvCdg4J4ko7mBf9BP3zwp0SdWJ8P08wvpapmwrWk/h6b4YJEhHu8f hpvn71uQC6lkgbOMxXZJkfT20HJ/1c5jq1g9ZBh00SKRRdKNSpydoAGKKpI/Nczh+EOr QYvDre1+relrol6Nt9SGL1d0FOcdi+7oCbp6kwZrQN+6LnkJxpG8LBebok/8n1PfgSrg PR0w0TSvKYPDumR9Frn+ewFQNJDSosyXDnb9yh6k1g2Beht+vvNene3tqH6ELRumcjyl YbKPKDbvShg3ogC/Xw/qsdtmfD88g0ndKAR6Tuw3DQfE8cYgkDeyCFfYbZGnxedR8Euj Jc6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=7tV0qQpKWvE9uMoM9ybIBxiRvXcNQl2ynaZCmAOKmnY=; b=OVEeefWM4MdSdd4iXSvXRSjl7mp9G5doum1AgqJpeAOYxty50HBaKi7nsBhop4Bnaq 6QaO4FYEgqf3+d9kL7gHPdogGFKvhCwiqIRMDY9Eh5IZcgfmSvHerhweOEEqMYO90a4d RlTjidlwt7NrRNmXOre3uHltZCLHPacfXIbJea5ZghxZ34opiPksEjd5EhM4lf4AkhGM UUTzRQebhDzDYN/ip8AyU4xujSqaXtvTYfFVj8dbvOFMJhLBG+6o/RfrZDGOCIFe6K85 JWiAjrQ0lm5Vfrsnq+A4HkeqvRwZO72Dn1t61WdhAJTAKELMZ1R70XvS7bHnMGq0w/B0 chtA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=ujrPudUv; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i18si84687pfq.58.2019.08.14.10.22.09; Wed, 14 Aug 2019 10:22:25 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=ujrPudUv; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729118AbfHNRJk (ORCPT + 99 others); Wed, 14 Aug 2019 13:09:40 -0400 Received: from mail.kernel.org ([198.145.29.99]:60088 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729625AbfHNRJi (ORCPT ); Wed, 14 Aug 2019 13:09:38 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id DE0872084D; Wed, 14 Aug 2019 17:09:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1565802577; bh=afR9oa3kSoCxC4l8fCQGot8I+cJKctKLobT1GUTuKio=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ujrPudUvWw9Umgi2R3cFZdLrurTBHD8hXj1nEKgD5wZfuF9JW2JC1X5vrhNTUly6p yN6oCAHJE4cKFJRkpa3F3q5aNDQoXnAxxu6it3H2qWgWaU6ko7ShE3B3u7Fd5FI++1 QEqFQnN8wz2XACfSjFMTokGypjIHGSGFNR9eLtLQ= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Gary R Hook , Herbert Xu Subject: [PATCH 4.19 06/91] crypto: ccp - Add support for valid authsize values less than 16 Date: Wed, 14 Aug 2019 19:00:29 +0200 Message-Id: <20190814165749.355665426@linuxfoundation.org> X-Mailer: git-send-email 2.22.0 In-Reply-To: <20190814165748.991235624@linuxfoundation.org> References: <20190814165748.991235624@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Gary R Hook commit 9f00baf74e4b6f79a3a3dfab44fb7bb2e797b551 upstream. AES GCM encryption allows for authsize values of 4, 8, and 12-16 bytes. Validate the requested authsize, and retain it to save in the request context. Fixes: 36cf515b9bbe2 ("crypto: ccp - Enable support for AES GCM on v5 CCPs") Cc: Signed-off-by: Gary R Hook Signed-off-by: Herbert Xu Signed-off-by: Greg Kroah-Hartman --- drivers/crypto/ccp/ccp-crypto-aes-galois.c | 14 ++++++++++++++ drivers/crypto/ccp/ccp-ops.c | 26 +++++++++++++++++++++----- include/linux/ccp.h | 2 ++ 3 files changed, 37 insertions(+), 5 deletions(-) --- a/drivers/crypto/ccp/ccp-crypto-aes-galois.c +++ b/drivers/crypto/ccp/ccp-crypto-aes-galois.c @@ -61,6 +61,19 @@ static int ccp_aes_gcm_setkey(struct cry static int ccp_aes_gcm_setauthsize(struct crypto_aead *tfm, unsigned int authsize) { + switch (authsize) { + case 16: + case 15: + case 14: + case 13: + case 12: + case 8: + case 4: + break; + default: + return -EINVAL; + } + return 0; } @@ -107,6 +120,7 @@ static int ccp_aes_gcm_crypt(struct aead memset(&rctx->cmd, 0, sizeof(rctx->cmd)); INIT_LIST_HEAD(&rctx->cmd.entry); rctx->cmd.engine = CCP_ENGINE_AES; + rctx->cmd.u.aes.authsize = crypto_aead_authsize(tfm); rctx->cmd.u.aes.type = ctx->u.aes.type; rctx->cmd.u.aes.mode = ctx->u.aes.mode; rctx->cmd.u.aes.action = encrypt; --- a/drivers/crypto/ccp/ccp-ops.c +++ b/drivers/crypto/ccp/ccp-ops.c @@ -625,6 +625,7 @@ static int ccp_run_aes_gcm_cmd(struct cc unsigned long long *final; unsigned int dm_offset; + unsigned int authsize; unsigned int jobid; unsigned int ilen; bool in_place = true; /* Default value */ @@ -646,6 +647,21 @@ static int ccp_run_aes_gcm_cmd(struct cc if (!aes->key) /* Gotta have a key SGL */ return -EINVAL; + /* Zero defaults to 16 bytes, the maximum size */ + authsize = aes->authsize ? aes->authsize : AES_BLOCK_SIZE; + switch (authsize) { + case 16: + case 15: + case 14: + case 13: + case 12: + case 8: + case 4: + break; + default: + return -EINVAL; + } + /* First, decompose the source buffer into AAD & PT, * and the destination buffer into AAD, CT & tag, or * the input into CT & tag. @@ -660,7 +676,7 @@ static int ccp_run_aes_gcm_cmd(struct cc p_tag = scatterwalk_ffwd(sg_tag, p_outp, ilen); } else { /* Input length for decryption includes tag */ - ilen = aes->src_len - AES_BLOCK_SIZE; + ilen = aes->src_len - authsize; p_tag = scatterwalk_ffwd(sg_tag, p_inp, ilen); } @@ -842,19 +858,19 @@ static int ccp_run_aes_gcm_cmd(struct cc if (aes->action == CCP_AES_ACTION_ENCRYPT) { /* Put the ciphered tag after the ciphertext. */ - ccp_get_dm_area(&final_wa, 0, p_tag, 0, AES_BLOCK_SIZE); + ccp_get_dm_area(&final_wa, 0, p_tag, 0, authsize); } else { /* Does this ciphered tag match the input? */ - ret = ccp_init_dm_workarea(&tag, cmd_q, AES_BLOCK_SIZE, + ret = ccp_init_dm_workarea(&tag, cmd_q, authsize, DMA_BIDIRECTIONAL); if (ret) goto e_tag; - ret = ccp_set_dm_area(&tag, 0, p_tag, 0, AES_BLOCK_SIZE); + ret = ccp_set_dm_area(&tag, 0, p_tag, 0, authsize); if (ret) goto e_tag; ret = crypto_memneq(tag.address, final_wa.address, - AES_BLOCK_SIZE) ? -EBADMSG : 0; + authsize) ? -EBADMSG : 0; ccp_dm_free(&tag); } --- a/include/linux/ccp.h +++ b/include/linux/ccp.h @@ -173,6 +173,8 @@ struct ccp_aes_engine { enum ccp_aes_mode mode; enum ccp_aes_action action; + u32 authsize; + struct scatterlist *key; u32 key_len; /* In bytes */