Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp4881976ybi; Tue, 30 Jul 2019 09:45:27 -0700 (PDT) X-Google-Smtp-Source: APXvYqyyIEa/95OaVnd3HEXyLdQGmQJRq0qltY+9H9Cp0Qzn5B3tTG2QdgMtDo03tdQz+w8sKrjp X-Received: by 2002:a63:3148:: with SMTP id x69mr23182106pgx.300.1564505127173; Tue, 30 Jul 2019 09:45:27 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1564505127; cv=pass; d=google.com; s=arc-20160816; b=0U+yVHT32sZUIbgN6oz6HDqiQYGL+xzbhXla4od9eI8pVV6dcL80SNsDg7UcplHN43 uRP/7g9HbAh2efWa/kndnVKZAuNKcSUenCrNhXNrkMySXNMFQ5riJNIpQaiEb2Pb/fZ+ JWy8D+0nVu3/+syI623E6bIpkw9emJM1seo8ZtHbz+p8oIcRjkyAsm7MTrl1Vpi5vmKV Gml14k8MTn0wh5kI3A4Z2JwLrDfAglTHn6caFyKmNzVOAp7atzOmtWv5UqeYl9pnx4GB sH0WQ58OVf07dHjbJVJXvT/oz1cQNOIpEREOIEFoV6+09649bVy81ygDiKiQFO/L7dgc 61yg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:content-transfer-encoding :content-id:content-language:accept-language:message-id:date :thread-index:thread-topic:subject:cc:to:from:dkim-signature; bh=OsQm5naWL7WBKGnf5KommxbrwRpFtL9MDcF5N9BAOOE=; b=ba4Qj0lONHUDGXbYMvA++GGAHc8po4snslwgE8c6QTrAKzAZj3wjMN1TKnVYiivVVL 4akFgm3ibvj0Enzqf97IHkIUfMrp0oHWXNDSghvglkpdlhaDx12n8qEGP7xg4URpMK3n tD1dKZ9UrSO03q9vWWA1FO+CtsAFlBAiDNhbYYDcAW59CfnYN8WLXHAs91oquq6iFs0G Im+fKvEhrBfe8nEnLateCd1lTXwhCmJ3KsrJW1B0xBd9iRtzOTohnQ3A9DjHu3nMIkZJ i9Lvk95THt8Ovekh4f2XRhK3Fu89LC1Bav78reWflZVVhOMIiEa0osS8Otl1IMk144pJ 8tUQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector1-amdcloud-onmicrosoft-com header.b=fpo9XZ4f; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h6si30003795pgc.202.2019.07.30.09.45.12; Tue, 30 Jul 2019 09:45:27 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector1-amdcloud-onmicrosoft-com header.b=fpo9XZ4f; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728361AbfG3QFK (ORCPT + 99 others); Tue, 30 Jul 2019 12:05:10 -0400 Received: from mail-eopbgr720055.outbound.protection.outlook.com ([40.107.72.55]:29696 "EHLO NAM05-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1725908AbfG3QFJ (ORCPT ); Tue, 30 Jul 2019 12:05:09 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SePgVx0KW24MP56sD5p2tfrclsyKuX64mVssZjFI16/IhLVshkhfjjv7uaYNHvPvy7Vr0iuZS32FZFS2pHruTBFL8Hupjf8MvTotrljPZuwSqS34WgfqtkIoer4ERrYC+fL5hZ6MsHA5bOJZuMyMt8oLLdFlgOffNjUvyNbOUTyRStCH7vrbtkJwr5IR/M4+3eAFGBkc70F4ycdeTpNvzkaSHdKKNZdXXVVxAupipSC5TTH9L3b5FF72JvP2dAHSpb8QMumXRAOfQAmUS9RSJnMsV4ihX8+qly7OksOr6HX2JXY4P3oi9F/YKCL93dBxbP2V0WPJOjt1HYII3JGKdw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OsQm5naWL7WBKGnf5KommxbrwRpFtL9MDcF5N9BAOOE=; b=goVCHnJ4+DsNYj3LoGl9/9mK8x8rAS296tBAigojTc98dK21obgMpxb95dmbhxJWJVr4uvjk2/L9fBk1r6IZ9jJ4E5owfSlgcW37PEHwCGho7hdkY9VKZlNqMjI/0nmiGOLZJGLugbsnGyHX39/7WByqipYM3b6+YVwELT6HgQHBGww2rCAeMfYxz8hGemI4JHzRrUF0YvqYRlYyNJHp1bQz2D9HY2MRWRavOupRInujOA77uU3A57DgH4A2pwDuIHHoN/+1qxTUmRsXIIZAopPhr3/oGzLOJRuCAMExtXwV482dvY4hYMKO7E1IGZ3FpcjAbvKNtfiFQDlSgJx+Tw== ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=amd.com;dmarc=pass action=none header.from=amd.com;dkim=pass header.d=amd.com;arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OsQm5naWL7WBKGnf5KommxbrwRpFtL9MDcF5N9BAOOE=; b=fpo9XZ4fBedFNP2Q6w6PzcQxvbaDbfXLnFBFm/J7XrdpiC/lTNaGJ/bw+MqoNYv1wZ/OApdV4ErEzx/PFW2nx7T+Zt6qZ5J/fQcOcBE/IRwwTDse4vXt40paOqGEnEAcN7nPEbEcSTZ623dkvZv28f4pr0xtoqwZOaDuqJpNL6Y= Received: from DM5PR12MB1449.namprd12.prod.outlook.com (10.172.40.14) by DM5PR12MB1292.namprd12.prod.outlook.com (10.168.236.137) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2115.15; Tue, 30 Jul 2019 16:05:07 +0000 Received: from DM5PR12MB1449.namprd12.prod.outlook.com ([fe80::58b8:4b33:20a5:5e3a]) by DM5PR12MB1449.namprd12.prod.outlook.com ([fe80::58b8:4b33:20a5:5e3a%8]) with mapi id 15.20.2115.005; Tue, 30 Jul 2019 16:05:07 +0000 From: "Hook, Gary" To: "linux-crypto@vger.kernel.org" CC: "herbert@gondor.apana.org.au" , "davem@davemloft.net" , "Lendacky, Thomas" , "Hook, Gary" Subject: [PATCH 0/3] AES GCM fixes for the CCP crypto driver Thread-Topic: [PATCH 0/3] AES GCM fixes for the CCP crypto driver Thread-Index: AQHVRvCO2D+3N7PooU2EzkinmOTkLg== Date: Tue, 30 Jul 2019 16:05:07 +0000 Message-ID: <20190730160454.7617-1-gary.hook@amd.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: SN1PR12CA0069.namprd12.prod.outlook.com (2603:10b6:802:20::40) To DM5PR12MB1449.namprd12.prod.outlook.com (2603:10b6:4:10::14) authentication-results: spf=none (sender IP is ) smtp.mailfrom=Gary.Hook@amd.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.17.1 x-originating-ip: [165.204.78.2] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 7404bf6d-734a-44a0-3fa2-08d71507b0a5 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020);SRVR:DM5PR12MB1292; x-ms-traffictypediagnostic: DM5PR12MB1292: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-forefront-prvs: 0114FF88F6 x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(4636009)(396003)(366004)(376002)(136003)(39860400002)(346002)(199004)(189003)(2501003)(26005)(386003)(8936002)(50226002)(1076003)(2906002)(478600001)(66066001)(6506007)(71200400001)(256004)(486006)(3846002)(186003)(6916009)(81156014)(81166006)(68736007)(71190400001)(476003)(102836004)(14454004)(8676002)(52116002)(86362001)(99286004)(2616005)(6116002)(7736002)(6512007)(53936002)(54906003)(66556008)(66476007)(64756008)(66446008)(2351001)(66946007)(36756003)(6436002)(5640700003)(6486002)(5660300002)(316002)(4326008)(25786009)(305945005);DIR:OUT;SFP:1101;SCL:1;SRVR:DM5PR12MB1292;H:DM5PR12MB1449.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;A:1;MX:1; received-spf: None (protection.outlook.com: amd.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: xrNrczdNWzXtYZhH2pA0I6QVlxCeyixBoe47X2UFLF+f2iSvKuKGbzAO9oj1HU+4B1HTOIglXTnn0/h2f99vNj7SXIm7vkx9rAV7ZF5ElQKWfGrEqBv9GijV6Btu8EBxUjVaSNuewYtBbCFFL3Luq22uSzxAbitYY6DsdVweCnOyxTv8BOhUaklfLV4xcVNxKl+30qZToRcGGFB4+oc6pLvEKpuOzCGqgJnjjd4UCPclL48Mpsc4dLmVG1DBHn9X/EAjlO0BUr52YQO+Sll1ni6iO90MhjasEGpYsc8k66DeFsxdGLrlOKeOMfLBg2DeFyc5K4qIV3PioBYUSrabXF7P9rGpJWWKkZTOu/nMntKn33ci32gEZ6qFc9DG4rdzpWcW8mPYjZyE0cHrdK/4dz3Roep/PFupMvyROQ8+bdM= Content-Type: text/plain; charset="iso-8859-1" Content-ID: <44C6B0C41C3D834A9056E0A5020B1EE4@namprd12.prod.outlook.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7404bf6d-734a-44a0-3fa2-08d71507b0a5 X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Jul 2019 16:05:07.2802 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: ghook@amd.com X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1292 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Additional testing features added to the crypto framework (including fuzzy probing and variations of the lengths of input parameters such as AAD and authsize) expose some gaps in robustness and function in the CCP driver. Address these gaps: Input text is allowed to be zero bytes in length. In this case no encryption/decryption occurs, and certain data structures are not allocated. Don't clean up what doesn't exist. Valid auth tag sizes are 4, 8, 12, 13, 14, 15 or 16 bytes. Note: since the CCP driver has been designed to be used directly, add validation of the authsize parameter at this layer. AES GCM defines the input text for decryption as the concatenation of the AAD, the ciphertext, and the tag. Only the cipher text needs to be decrypted; the tag is simple used for comparison. Gary R Hook (3): crypto: ccp - Fix oops by properly managing allocated structures crypto: ccp - Add support for valid authsize values less than 16 crypto: ccp - Ignore tag length when decrypting GCM ciphertext drivers/crypto/ccp/ccp-crypto-aes-galois.c | 14 +++++++++ drivers/crypto/ccp/ccp-ops.c | 33 ++++++++++++++++------ include/linux/ccp.h | 2 ++ 3 files changed, 40 insertions(+), 9 deletions(-) --=20 2.17.1