Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp5961806ybi; Wed, 31 Jul 2019 06:09:23 -0700 (PDT) X-Google-Smtp-Source: APXvYqxhhdnr3RbqF9jJ003axlwVpdsRe+I+WGXp+CsSPf93vIVrqSS9nYNOSCHA/lDnVdNuJwxP X-Received: by 2002:a63:c008:: with SMTP id h8mr112588910pgg.427.1564578563062; Wed, 31 Jul 2019 06:09:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1564578563; cv=none; d=google.com; s=arc-20160816; b=qN2Ixi014n08y/9/jy6Edzvtf2ND8leY86GP+7/greOIb/BS4JqjRAZD/DizYMpeVI x1/b3mzV1huB15g8czsaaJMfaBAi75E6bqqK6Np8Tk/yt15iR8QjdTMBymviluKcAb70 96dAsBCrex1+el+YYPV3z0ukyqSnaxDxWwC4EUxTVjjDEYIpTMjAe/QUliuxtANzasmi fo6xwc9sr74JrMa3DAGrjTG9/pdMyvuHG1GsD3TyN7Djz6avBaPBdZNR36a/CT+td/MB qVT0G4EWlY2QCUKRMnJbnOL8hiJsjA1nxaUgN5C9dsEzoZ6dSgi9MVDiDSK/C/9SUPU+ CsUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from; bh=p4wSsl5GyPCiUDPCua8tw7r5Wy0J/tflNBM5simhU60=; b=cp97jtkxFO+YTFpzEFx2oUGOYjIbY5P+EyJTDCWU8Hcm3tzkitVtcxGCBoRzTDp4qJ +qMcr3RAqGQPugkM1VjvgNGQqeTszu4aMaUDF++8n+BlVG5BurTqPxv7oGnW6MU3wecE 4mDBBdAIEnFOmtwL/l2TIZ3AzTe0bpI4c4Hd4CGGAlkXCXfqWWqdTzERm0AVhdJwOFyX THzCTKy/7zAWLClPH9bNjuHR0EMDaNjZHdg741ed36jboBmuimoTy0KWUSd1sByRf+IW n+TFYWXcff13K+c2lEE4PnRXuGl2WkV8qVeBMltxPiCC1VM9yz/9ZXUaSMF2zCthdXwO bdJQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=nxp.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s24si33588234pgq.372.2019.07.31.06.09.09; Wed, 31 Jul 2019 06:09:23 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=nxp.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388166AbfGaNI0 (ORCPT + 99 others); Wed, 31 Jul 2019 09:08:26 -0400 Received: from inva020.nxp.com ([92.121.34.13]:35178 "EHLO inva020.nxp.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729240AbfGaNI0 (ORCPT ); Wed, 31 Jul 2019 09:08:26 -0400 Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 49FD81A09D5; Wed, 31 Jul 2019 15:08:23 +0200 (CEST) Received: from inva024.eu-rdc02.nxp.com (inva024.eu-rdc02.nxp.com [134.27.226.22]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 3D74A1A09D1; Wed, 31 Jul 2019 15:08:23 +0200 (CEST) Received: from lorenz.ea.freescale.net (lorenz.ea.freescale.net [10.171.71.5]) by inva024.eu-rdc02.nxp.com (Postfix) with ESMTP id DE4CF205F3; Wed, 31 Jul 2019 15:08:22 +0200 (CEST) From: Iuliana Prodan To: Herbert Xu , Horia Geanta , Aymen Sghaier Cc: "David S. Miller" , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, linux-imx Subject: [PATCH v5 06/14] crypto: caam - check assoclen Date: Wed, 31 Jul 2019 16:08:07 +0300 Message-Id: <1564578495-9883-7-git-send-email-iuliana.prodan@nxp.com> X-Mailer: git-send-email 2.1.0 In-Reply-To: <1564578495-9883-1-git-send-email-iuliana.prodan@nxp.com> References: <1564578495-9883-1-git-send-email-iuliana.prodan@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Check assoclen to solve the extra tests that expect -EINVAL to be returned when the associated data size is not valid. Validated assoclen for RFC4106 and RFC4543 which expects an assoclen of 16 or 20. Based on seqiv, IPsec ESP and RFC4543/RFC4106 the assoclen is sizeof IP Header (spi, seq_no, extended seq_no) and IV len. This can be 16 or 20 bytes. Signed-off-by: Iuliana Prodan Reviewed-by: Horia Geanta --- drivers/crypto/caam/caamalg.c | 10 ++-------- drivers/crypto/caam/caamalg_qi.c | 12 ++++-------- drivers/crypto/caam/caamalg_qi2.c | 10 ++-------- 3 files changed, 8 insertions(+), 24 deletions(-) diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 5919069..f832491 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -1598,10 +1598,7 @@ static int chachapoly_decrypt(struct aead_request *req) static int ipsec_gcm_encrypt(struct aead_request *req) { - if (req->assoclen < 8) - return -EINVAL; - - return gcm_encrypt(req); + return crypto_ipsec_check_assoclen(req->assoclen) ? : gcm_encrypt(req); } static int aead_encrypt(struct aead_request *req) @@ -1675,10 +1672,7 @@ static int gcm_decrypt(struct aead_request *req) static int ipsec_gcm_decrypt(struct aead_request *req) { - if (req->assoclen < 8) - return -EINVAL; - - return gcm_decrypt(req); + return crypto_ipsec_check_assoclen(req->assoclen) ? : gcm_decrypt(req); } static int aead_decrypt(struct aead_request *req) diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c index 6c69f54..2158020 100644 --- a/drivers/crypto/caam/caamalg_qi.c +++ b/drivers/crypto/caam/caamalg_qi.c @@ -1237,18 +1237,14 @@ static int aead_decrypt(struct aead_request *req) static int ipsec_gcm_encrypt(struct aead_request *req) { - if (req->assoclen < 8) - return -EINVAL; - - return aead_crypt(req, true); + return crypto_ipsec_check_assoclen(req->assoclen) ? : aead_crypt(req, + true); } static int ipsec_gcm_decrypt(struct aead_request *req) { - if (req->assoclen < 8) - return -EINVAL; - - return aead_crypt(req, false); + return crypto_ipsec_check_assoclen(req->assoclen) ? : aead_crypt(req, + false); } static void skcipher_done(struct caam_drv_req *drv_req, u32 status) diff --git a/drivers/crypto/caam/caamalg_qi2.c b/drivers/crypto/caam/caamalg_qi2.c index b5baa17..0aed1e6 100644 --- a/drivers/crypto/caam/caamalg_qi2.c +++ b/drivers/crypto/caam/caamalg_qi2.c @@ -1406,18 +1406,12 @@ static int aead_decrypt(struct aead_request *req) static int ipsec_gcm_encrypt(struct aead_request *req) { - if (req->assoclen < 8) - return -EINVAL; - - return aead_encrypt(req); + return crypto_ipsec_check_assoclen(req->assoclen) ? : aead_encrypt(req); } static int ipsec_gcm_decrypt(struct aead_request *req) { - if (req->assoclen < 8) - return -EINVAL; - - return aead_decrypt(req); + return crypto_ipsec_check_assoclen(req->assoclen) ? : aead_decrypt(req); } static void skcipher_encrypt_done(void *cbk_ctx, u32 status) -- 2.1.0