Received: by 2002:a25:d7c1:0:0:0:0:0 with SMTP id o184csp231536ybg;
        Thu, 17 Oct 2019 22:02:55 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzCgsFUvWg+9bZ50M+VHzWJbs1fEBjvK+1YXk8QDE+bajtcsN4T9Nwe34ZCBwdUvWiRm/zy
X-Received: by 2002:a17:907:365:: with SMTP id rs5mr7011113ejb.121.1571374975771;
        Thu, 17 Oct 2019 22:02:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1571374975; cv=none;
        d=google.com; s=arc-20160816;
        b=l3J40O/AuPgk0HJ81vOACF8e6gv/UePu3koAvLLKl/hitg6Csm6DiHPriEhHf2qUwj
         dCHgzeMbGWspsUnQNhXKhtBx7aM9oj17m/9uDBcIgaREQv72w9k0z4dGtMl/CNkN+umv
         Vtc6KoD8w5vLUxmJ/axFZe3C6zxluODl8zZamaYyFH+qcONNjB1lUB7VZqy0q7s+/NbU
         SLAzaURglp5SKWuLtIzKjIt6IJAmC6fH4zteMqSh63BT2dIMhgKUakmIfrEanjF2YAfH
         GOHi1KoSQ94XlFbwlqWpP+LHxCZnk2HRGu+qnxBCkRaeTYGfnHlhyJJwk1i7IkJHhd+q
         eMpA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=j7Zxrs4uVOe8dY6cz3qB/T0cYyb28ARUSWBzc5DnPTQ=;
        b=GMpat4p4pvlNXhB4END5aPEdnPdTscvOd5ScoERgS0Kixeza11XTSc0TfeCDxvFFkQ
         xOgZm3cz4Sh7P2CZ8o/JWZCTrkwl0RGR2tw/glyJY/rMd+ACv7SrdTizGCsHURVePNh0
         N///DUVt+y1mcnlmDNU8a39nZfZuvR4ksMquKbO8bAvClGxG/65Vjhhw/Tip54RRnKKS
         pxnuRX1N0tQN49TcsuRweZJik/9Wom1eu6No2/L5CWH3GZdYoS3B1o2cNc4juuEbgoSQ
         A/j3WPOgkYm0QP7QskMw5HPT2os03AyZL+f8eIHYPIaLsfjDf4f6ZkK1kxEkZ3d2+FS4
         vrTQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=VHL9gfO8;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id i38si3190799eda.64.2019.10.17.22.02.32;
        Thu, 17 Oct 2019 22:02:55 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=VHL9gfO8;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2392308AbfJPWSc (ORCPT <rfc822;wxiaokuan@gmail.com> + 99 others);
        Wed, 16 Oct 2019 18:18:32 -0400
Received: from mail.kernel.org ([198.145.29.99]:44320 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S2394989AbfJPVyZ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 16 Oct 2019 17:54:25 -0400
Received: from localhost (unknown [192.55.54.58])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 9723C21A49;
        Wed, 16 Oct 2019 21:54:24 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1571262864;
        bh=kSRLvh1VGKPe24MHdjufCBfj8tkZ+ksvQLTkai6Q4+c=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=VHL9gfO8w4xT+2TBq6sMwCc+SCOjiC7iUo7Ci8GtWgAXb4KPimszI0IlBwTcgRjAU
         rUqgPpiDQt7g4F5y448JRsj+xzITzOoef/VSm1D7FHzZ9luez8gSEZ+4SgOmo2VEzR
         rkNZVccWkjSOWs7u97iPSh9SY/InNGZl1pFvDJqk=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Herbert Xu <herbert@gondor.apana.org.au>,
        =?UTF-8?q?Horia=20Geant=C4=83?= <horia.geanta@nxp.com>
Subject: [PATCH 4.9 30/92] crypto: caam - fix concurrency issue in givencrypt descriptor
Date:   Wed, 16 Oct 2019 14:50:03 -0700
Message-Id: <20191016214825.237765068@linuxfoundation.org>
X-Mailer: git-send-email 2.23.0
In-Reply-To: <20191016214759.600329427@linuxfoundation.org>
References: <20191016214759.600329427@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Horia Geantă <horia.geanta@nxp.com>

commit 48f89d2a2920166c35b1c0b69917dbb0390ebec7 upstream.

IV transfer from ofifo to class2 (set up at [29][30]) is not guaranteed
to be scheduled before the data transfer from ofifo to external memory
(set up at [38]:

[29] 10FA0004           ld: ind-nfifo (len=4) imm
[30] 81F00010               <nfifo_entry: ofifo->class2 type=msg len=16>
[31] 14820004           ld: ccb2-datasz len=4 offs=0 imm
[32] 00000010               data:0x00000010
[33] 8210010D    operation: cls1-op aes cbc init-final enc
[34] A8080B04         math: (seqin + math0)->vseqout len=4
[35] 28000010    seqfifold: skip len=16
[36] A8080A04         math: (seqin + math0)->vseqin len=4
[37] 2F1E0000    seqfifold: both msg1->2-last2-last1 len=vseqinsz
[38] 69300000   seqfifostr: msg len=vseqoutsz
[39] 5C20000C      seqstr: ccb2 ctx len=12 offs=0

If ofifo -> external memory transfer happens first, DECO will hang
(issuing a Watchdog Timeout error, if WDOG is enabled) waiting for
data availability in ofifo for the ofifo -> c2 ififo transfer.

Make sure IV transfer happens first by waiting for all CAAM internal
transfers to end before starting payload transfer.

New descriptor with jump command inserted at [37]:

[..]
[36] A8080A04         math: (seqin + math0)->vseqin len=4
[37] A1000401         jump: jsl1 all-match[!nfifopend] offset=[01] local->[38]
[38] 2F1E0000    seqfifold: both msg1->2-last2-last1 len=vseqinsz
[39] 69300000   seqfifostr: msg len=vseqoutsz
[40] 5C20000C      seqstr: ccb2 ctx len=12 offs=0

[Note: the issue is present in the descriptor from the very beginning
(cf. Fixes tag). However I've marked it v4.19+ since it's the oldest
maintained kernel that the patch applies clean against.]

Cc: <stable@vger.kernel.org> # v4.19+
Fixes: 1acebad3d8db8 ("crypto: caam - faster aead implementation")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[Horia: backport to v4.4, v4.9]
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 drivers/crypto/caam/caamalg.c |   11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -75,7 +75,7 @@
 #define DESC_AEAD_BASE			(4 * CAAM_CMD_SZ)
 #define DESC_AEAD_ENC_LEN		(DESC_AEAD_BASE + 11 * CAAM_CMD_SZ)
 #define DESC_AEAD_DEC_LEN		(DESC_AEAD_BASE + 15 * CAAM_CMD_SZ)
-#define DESC_AEAD_GIVENC_LEN		(DESC_AEAD_ENC_LEN + 9 * CAAM_CMD_SZ)
+#define DESC_AEAD_GIVENC_LEN		(DESC_AEAD_ENC_LEN + 10 * CAAM_CMD_SZ)
 
 /* Note: Nonce is counted in enckeylen */
 #define DESC_AEAD_CTR_RFC3686_LEN	(4 * CAAM_CMD_SZ)
@@ -474,6 +474,7 @@ static int aead_set_sh_desc(struct crypt
 	u32 geniv, moveiv;
 	u32 ctx1_iv_off = 0;
 	u32 *desc;
+	u32 *wait_cmd;
 	const bool ctr_mode = ((ctx->class1_alg_type & OP_ALG_AAI_MASK) ==
 			       OP_ALG_AAI_CTR_MOD128);
 	const bool is_rfc3686 = alg->caam.rfc3686;
@@ -736,6 +737,14 @@ copy_iv:
 
 	/* Will read cryptlen */
 	append_math_add(desc, VARSEQINLEN, SEQINLEN, REG0, CAAM_CMD_SZ);
+
+	/*
+	 * Wait for IV transfer (ofifo -> class2) to finish before starting
+	 * ciphertext transfer (ofifo -> external memory).
+	 */
+	wait_cmd = append_jump(desc, JUMP_JSL | JUMP_TEST_ALL | JUMP_COND_NIFP);
+	set_jump_tgt_here(desc, wait_cmd);
+
 	append_seq_fifo_load(desc, 0, FIFOLD_CLASS_BOTH | KEY_VLF |
 			     FIFOLD_TYPE_MSG1OUT2 | FIFOLD_TYPE_LASTBOTH);
 	append_seq_fifo_store(desc, 0, FIFOST_TYPE_MESSAGE_DATA | KEY_VLF);