Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp2091976ybp; Thu, 10 Oct 2019 02:03:10 -0700 (PDT) X-Google-Smtp-Source: APXvYqx36YxmHUFsndimfFtQUFSG870z32XKr2u77sLOydkntfbNpB8ywUwfd1lkvMNt1oaMZ65N X-Received: by 2002:a05:6402:2025:: with SMTP id ay5mr7071029edb.93.1570698190442; Thu, 10 Oct 2019 02:03:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570698190; cv=none; d=google.com; s=arc-20160816; b=y3n9MdU6Igb/T3q2VLCn44y8MhfjF0UYQsRlq4mhRqowxQly2jqbRO6r3iH22gLAhB 3CVy4K+pEebStHCh79uQVZs0lH1Jn9dUYkSX3dyGPSI/x0J4cNSWVSw+AxQkDZmsxLgo 8TKRbSre/2Y2G8gtbTonuzQk04qd5lNApm75mJr31R5gcsxg3BSXj5xkt+SHDNTRGWic ywFUQU6pvvh0llrSLj/blRfW62aVyx0SSFCqY+jYVO0Vs51B1RsWiLtZ+mIYGc9iekav hrjT+bVXlj2V/LgwKL5cfs0PZOuX0UCc7Lytk6ss49fwmUQWA5tEzTEQbTLh8CbE25+E 6mOg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=ju9vLbPhxutFW3pSev46iUHgPTHsIycD3uZFWwKNIls=; b=J3XwgM+7HsKHwPk9jgJ7FyqRO1KgFpn/Vft/snw5PVyQVCHRbDP/rt7/NrrRRWBnEw SUmf4tFFjfAMQClaNkk81qTCoN3XPL85IT59aHMA2Gfd/8090XQ5ygi1Z+vWezi6FuXz ZhcBI40Q5olgjAK0OL8Yy29n3bfZmoJds4WG0TLpyJofVwtL/HSuH8h4MbgYQdFsMJri MA0VrLgNWAZz5NfQE0tR69yEcxrpOBH+ss+m9Tl4aa72DwDxhWKbBoXNTisH2GSbjt8j RtnuWEmulSlD/NazOrYgDpECEswR7MjV0G+xbtopHa3/G9FaBg0fALsPzLcPlVQmXhKR OHLQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=vKWuZxPz; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m12si2714030ejr.180.2019.10.10.02.02.47; Thu, 10 Oct 2019 02:03:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=vKWuZxPz; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387851AbfJJIjY (ORCPT + 99 others); Thu, 10 Oct 2019 04:39:24 -0400 Received: from mail.kernel.org ([198.145.29.99]:42848 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2387796AbfJJIjW (ORCPT ); Thu, 10 Oct 2019 04:39:22 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 9788121D6C; Thu, 10 Oct 2019 08:39:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1570696762; bh=ExES3H8Fy25Gau5gp6ZsM/0aAoXfUHT2YM+s8DCJHL4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=vKWuZxPzNqp5rNVylQrw0AxL/gWmerk5WB5FJhqZ43CqDwvc+6nM0FP4xO1u2ytQD pBKPynwkO9dGfxAXweX716sxyFhbqJNkxsjx3ci3njg3yef0Tph60qiF1ypLNBW6NS ui7BGKhYZFKjjwNX7VNMPcr+jtjV4eCkrj6cvBsI= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, =?UTF-8?q?Horia=20Geant=C4=83?= , Herbert Xu Subject: [PATCH 5.3 044/148] crypto: caam - fix concurrency issue in givencrypt descriptor Date: Thu, 10 Oct 2019 10:35:05 +0200 Message-Id: <20191010083613.812525450@linuxfoundation.org> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191010083609.660878383@linuxfoundation.org> References: <20191010083609.660878383@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Horia Geantă commit 48f89d2a2920166c35b1c0b69917dbb0390ebec7 upstream. IV transfer from ofifo to class2 (set up at [29][30]) is not guaranteed to be scheduled before the data transfer from ofifo to external memory (set up at [38]: [29] 10FA0004 ld: ind-nfifo (len=4) imm [30] 81F00010 class2 type=msg len=16> [31] 14820004 ld: ccb2-datasz len=4 offs=0 imm [32] 00000010 data:0x00000010 [33] 8210010D operation: cls1-op aes cbc init-final enc [34] A8080B04 math: (seqin + math0)->vseqout len=4 [35] 28000010 seqfifold: skip len=16 [36] A8080A04 math: (seqin + math0)->vseqin len=4 [37] 2F1E0000 seqfifold: both msg1->2-last2-last1 len=vseqinsz [38] 69300000 seqfifostr: msg len=vseqoutsz [39] 5C20000C seqstr: ccb2 ctx len=12 offs=0 If ofifo -> external memory transfer happens first, DECO will hang (issuing a Watchdog Timeout error, if WDOG is enabled) waiting for data availability in ofifo for the ofifo -> c2 ififo transfer. Make sure IV transfer happens first by waiting for all CAAM internal transfers to end before starting payload transfer. New descriptor with jump command inserted at [37]: [..] [36] A8080A04 math: (seqin + math0)->vseqin len=4 [37] A1000401 jump: jsl1 all-match[!nfifopend] offset=[01] local->[38] [38] 2F1E0000 seqfifold: both msg1->2-last2-last1 len=vseqinsz [39] 69300000 seqfifostr: msg len=vseqoutsz [40] 5C20000C seqstr: ccb2 ctx len=12 offs=0 [Note: the issue is present in the descriptor from the very beginning (cf. Fixes tag). However I've marked it v4.19+ since it's the oldest maintained kernel that the patch applies clean against.] Cc: # v4.19+ Fixes: 1acebad3d8db8 ("crypto: caam - faster aead implementation") Signed-off-by: Horia Geantă Signed-off-by: Herbert Xu Signed-off-by: Greg Kroah-Hartman --- drivers/crypto/caam/caamalg_desc.c | 9 +++++++++ drivers/crypto/caam/caamalg_desc.h | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) --- a/drivers/crypto/caam/caamalg_desc.c +++ b/drivers/crypto/caam/caamalg_desc.c @@ -503,6 +503,7 @@ void cnstr_shdsc_aead_givencap(u32 * con const bool is_qi, int era) { u32 geniv, moveiv; + u32 *wait_cmd; /* Note: Context registers are saved. */ init_sh_desc_key_aead(desc, cdata, adata, is_rfc3686, nonce, era); @@ -598,6 +599,14 @@ copy_iv: /* Will read cryptlen */ append_math_add(desc, VARSEQINLEN, SEQINLEN, REG0, CAAM_CMD_SZ); + + /* + * Wait for IV transfer (ofifo -> class2) to finish before starting + * ciphertext transfer (ofifo -> external memory). + */ + wait_cmd = append_jump(desc, JUMP_JSL | JUMP_TEST_ALL | JUMP_COND_NIFP); + set_jump_tgt_here(desc, wait_cmd); + append_seq_fifo_load(desc, 0, FIFOLD_CLASS_BOTH | KEY_VLF | FIFOLD_TYPE_MSG1OUT2 | FIFOLD_TYPE_LASTBOTH); append_seq_fifo_store(desc, 0, FIFOST_TYPE_MESSAGE_DATA | KEY_VLF); --- a/drivers/crypto/caam/caamalg_desc.h +++ b/drivers/crypto/caam/caamalg_desc.h @@ -12,7 +12,7 @@ #define DESC_AEAD_BASE (4 * CAAM_CMD_SZ) #define DESC_AEAD_ENC_LEN (DESC_AEAD_BASE + 11 * CAAM_CMD_SZ) #define DESC_AEAD_DEC_LEN (DESC_AEAD_BASE + 15 * CAAM_CMD_SZ) -#define DESC_AEAD_GIVENC_LEN (DESC_AEAD_ENC_LEN + 7 * CAAM_CMD_SZ) +#define DESC_AEAD_GIVENC_LEN (DESC_AEAD_ENC_LEN + 8 * CAAM_CMD_SZ) #define DESC_QI_AEAD_ENC_LEN (DESC_AEAD_ENC_LEN + 3 * CAAM_CMD_SZ) #define DESC_QI_AEAD_DEC_LEN (DESC_AEAD_DEC_LEN + 3 * CAAM_CMD_SZ) #define DESC_QI_AEAD_GIVENC_LEN (DESC_AEAD_GIVENC_LEN + 3 * CAAM_CMD_SZ)