Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp3731619pxk;
        Tue, 8 Sep 2020 00:26:14 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxc2ZHYoxTxJyCFIErrAVnjhJ5RSmxdN0OFV85zRi+waCcTwLT8wMCqriKCZ2nN02V//4ft
X-Received: by 2002:a50:bf08:: with SMTP id f8mr24541622edk.207.1599549974688;
        Tue, 08 Sep 2020 00:26:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1599549974; cv=none;
        d=google.com; s=arc-20160816;
        b=E7IByK0Tu+e1E4ArrWVxSm3rIyl6kdsOu3sw3YC3UYLwBjyei8Q5gNCqjhTGhZPd53
         6zzCBDwZLIBLzd7Twkoc0ScvRMdIz0Gz0dojWM6hYaXPuMccK0OmG0ZIVoPYk0e+7RsN
         at2gUoaQ0MBpyv9gZLiBJG2jvCqUE0Bc26AXM1Ot1ZytWPSeL4SbTjm0y5P/i8wzw3R8
         1Gpyv1GroA2caW0rvlAYnzoS7AoQvYkL++0/OiDh3VlGPXeedqixJrMTLNQlVmr8z0we
         gLD9+mTzNPIste+WlMsODSGVt3m/vnj+QAFYjs7mMRjHMouoyHH2C44rFeeG0MrfvUb+
         BrSg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:feedback-id:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=mjvoj2cJS3KtUSnsRTLsMSA6ltmZsG84o6Eqw/kSdDE=;
        b=YYAivdCZz74dZa0sfJ3Ocgth52vFHLio5veq9ApDYb18IMsqK9Qobc3BL7tttPDRKF
         2OiWatq0uHEbDI3AP4x3Dth92x1La1BI/XNAvdl5/D8IcPtUaA9rT5LkhX5PE0lMl+pL
         U04LurpboQDsL52KV822OWqmAYLpLd4qJI+uzFXc+cfKPKb5JV13jZ2sEsfusukrEyEO
         anVM3mTsGEcO8vzOIqVJ+w6uGTC7YVHuDnJ5u3GPkyyX2iWWCjSQVUlZpumJHSp3ZFH8
         gFe2+CDIqhspMueymoq6yeQ+FOo1Fo4DGCK+lsuFaNrlsN/EASECKfAqQYSvxsW39npB
         x8cg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@smtpservice.net header.s=mcg8n0.a1-4.dyn header.b=zq5dqjSU;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id g7si11363771edp.272.2020.09.08.00.25.40;
        Tue, 08 Sep 2020 00:26:14 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@smtpservice.net header.s=mcg8n0.a1-4.dyn header.b=zq5dqjSU;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729142AbgIHHZJ (ORCPT <rfc822;rajesh.android@gmail.com>
        + 99 others); Tue, 8 Sep 2020 03:25:09 -0400
Received: from e2i568.smtp2go.com ([103.2.142.56]:43195 "EHLO
        e2i568.smtp2go.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728654AbgIHHZH (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Tue, 8 Sep 2020 03:25:07 -0400
X-Greylist: delayed 566 seconds by postgrey-1.27 at vger.kernel.org; Tue, 08 Sep 2020 03:25:06 EDT
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
        d=smtpservice.net; s=mcg8n0.a1-4.dyn; x=1599550807; h=Feedback-ID:
        X-Smtpcorp-Track:Message-Id:Date:Subject:To:From:Reply-To:Sender:
        List-Unsubscribe; bh=mjvoj2cJS3KtUSnsRTLsMSA6ltmZsG84o6Eqw/kSdDE=; b=zq5dqjSU
        ygYvCzP/ojs96OiKfJwchw2jZpVgOxTDwMBMN0GcT2WO/tyNh/+A/psMqC4aFv8eQWzWI6a9SWC2U
        jkORAuPRMb2BaxsKLL/Y4echii6SprTZ4n7M6Qen+vSucpu6rotbtGhPoRgCK5VUO1aQ2lHU93RVj
        eCHciU7/r3lTeGhegERXWbH4ymaG1zPxYtvq/K/1UH6gEdoxNl96wNoBYKsoEuTi0+DxsKQM9bOHw
        I1pjTPV5PzHUZJMjKVmXuY0LCJxSDTY15OMQuVA71sSkNDDoYv0zPtpHMpAkCW0dIHIrFJ2xTkVcs
        yG87MEEU9m+4vW9BaV5N8I5dyQ==;
Received: from [10.173.255.233] (helo=SmtpCorp)
        by smtpcorp.com with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256)
        (Exim 4.92-S2G)
        (envelope-from <pvanleeuwen@rambus.com>)
        id 1kFXqq-qt4FoQ-6T; Tue, 08 Sep 2020 07:15:36 +0000
Received: from [10.159.100.118] (helo=localhost.localdomain.com)
        by smtpcorp.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
        (Exim 4.92-S2G)
        (envelope-from <pvanleeuwen@rambus.com>)
        id 1kFXqp-IbZqRt-4e; Tue, 08 Sep 2020 07:15:35 +0000
From:   Pascal van Leeuwen <pvanleeuwen@rambus.com>
To:     linux-crypto@vger.kernel.org
Cc:     antoine.tenart@bootlin.com, herbert@gondor.apana.org.au,
        davem@davemloft.net, Pascal van Leeuwen <pvanleeuwen@rambus.com>
Subject: [PATCH] crypto: inside-secure - Prevent missing of processing errors
Date:   Tue,  8 Sep 2020 08:10:45 +0200
Message-Id: <1599545445-5716-1-git-send-email-pvanleeuwen@rambus.com>
X-Mailer: git-send-email 1.8.3.1
X-Smtpcorp-Track: 1kFbqpmPZqRt4-.V5AWRW84e
Feedback-ID: 580919m:580919aJ_Wy3x:580919sVzW-zOjoc
X-Report-Abuse: Please forward a copy of this message, including all headers, to <abuse-report@smtp2go.com>
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On systems with coherence issues, packet processed could succeed while
it should have failed, e.g. because of an authentication fail.
This is because the driver would read stale status information that had
all error bits initialised to zero = no error.
Since this is potential a security risk, we want to prevent it from being
a possibility at all. So initialize all error bits to error state, so
that reading stale status information will always result in errors.

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@rambus.com>
---
 drivers/crypto/inside-secure/safexcel_ring.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/inside-secure/safexcel_ring.c b/drivers/crypto/inside-secure/safexcel_ring.c
index e454c3d..90f1503 100644
--- a/drivers/crypto/inside-secure/safexcel_ring.c
+++ b/drivers/crypto/inside-secure/safexcel_ring.c
@@ -236,8 +236,8 @@ struct safexcel_result_desc *safexcel_add_rdesc(struct safexcel_crypto_priv *pri
 
 	rdesc->particle_size = len;
 	rdesc->rsvd0 = 0;
-	rdesc->descriptor_overflow = 0;
-	rdesc->buffer_overflow = 0;
+	rdesc->descriptor_overflow = 1; /* assume error */
+	rdesc->buffer_overflow = 1;     /* assume error */
 	rdesc->last_seg = last;
 	rdesc->first_seg = first;
 	rdesc->result_size = EIP197_RD64_RESULT_SIZE;
@@ -245,9 +245,10 @@ struct safexcel_result_desc *safexcel_add_rdesc(struct safexcel_crypto_priv *pri
 	rdesc->data_lo = lower_32_bits(data);
 	rdesc->data_hi = upper_32_bits(data);
 
-	/* Clear length & error code in result token */
+	/* Clear length in result token */
 	rtoken->packet_length = 0;
-	rtoken->error_code = 0;
+	/* Assume errors - HW will clear if not the case */
+	rtoken->error_code = 0x7fff;
 
 	return rdesc;
 }
-- 
1.8.3.1