Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp2133136pxf; Sat, 27 Mar 2021 03:31:38 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyDfaokfygjlHHCg0dslCwwLADBlZFLz7sBSewNbICTV+OXTTZT7/NxNUt7QuowdGopeSz6 X-Received: by 2002:a05:6402:510b:: with SMTP id m11mr19869927edd.103.1616841098662; Sat, 27 Mar 2021 03:31:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616841098; cv=none; d=google.com; s=arc-20160816; b=jQX/+xB8XIXT3Jm1JdhXC1Lpaqre9LnzJlOmYUpbrfMdQ8FtUOeAuVw4WgS6h0FiZD 0A8s2Yqj2KIE+uuPAiX3Y+eTimR66pcmSziCnn57MrIEONdPcu+tchKec3rR408Nqbd7 ZVETYJJFqrlw2Bv9IblVnMC6nh9ANz9+NXvDUrFVju/56xw6T2HnPV0nMCRw5U1QjuEk phwaNV6ll6O4MWM9UoXQ4ZpyqNIpLOS7ZIOQD9GumR9s5hIqwo02f4qdceGqe5c8FuLE aFJXwDgWbIwnxT/QsoSRo68vKGU6NQT1Ip4+hQ/nyz73mnAEJYtLmnRHimRZFsJFtYJn DuQg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:message-id:date:subject:cc:to:from; bh=tEGV93CY3mKM1eAO+kUQDh06Y+NK02FYa7SKjHZARFc=; b=XSIl53syjG/ZLzN3Xfj1k/XxkGbTdMWACwTaFf3AImfBSE/ZkTqmo9LmsCnGHl1a37 86ptRpC2/4RLzy69tCR8x1oDVMhW/i6DkT6I6zDqbcy7fRBw9bGn1LnHUbo543Hq62PX xNGrfis1vPz1Om+LlV9CoyVStn0khud6WeIpzyOMUWwzJgM7pNX6/NoOOZzn5SREVpvc qkeSz8DkZKpCfmLcxLwI9Uo3NSAYVYutpS4qU0m+df7bVCtdyC3pQxF7NFs9iQWXcdsE w47WTnyvPfXtOcN92xna55tEumxo0akie6iiTQmjRMlep3vFgCzkeTjZPb6Wip13Ofvo eOQw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=huawei.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id m22si8455602ejr.463.2021.03.27.03.31.15; Sat, 27 Mar 2021 03:31:38 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231492AbhC0KbE (ORCPT + 99 others); Sat, 27 Mar 2021 06:31:04 -0400 Received: from szxga07-in.huawei.com ([45.249.212.35]:15361 "EHLO szxga07-in.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229875AbhC0KbE (ORCPT ); Sat, 27 Mar 2021 06:31:04 -0400 Received: from DGGEMS403-HUB.china.huawei.com (unknown [172.30.72.59]) by szxga07-in.huawei.com (SkyGuard) with ESMTP id 4F6w706y7Mz90S3; Sat, 27 Mar 2021 18:29:00 +0800 (CST) Received: from huawei.com (10.67.165.24) by DGGEMS403-HUB.china.huawei.com (10.3.19.203) with Microsoft SMTP Server id 14.3.498.0; Sat, 27 Mar 2021 18:30:56 +0800 From: Longfang Liu To: , CC: , , Subject: [PATCH] crypto: hisilicon/sec - Fixes AES algorithm mode parameter problem Date: Sat, 27 Mar 2021 18:28:30 +0800 Message-ID: <1616840910-12727-1-git-send-email-liulongfang@huawei.com> X-Mailer: git-send-email 2.8.1 MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [10.67.165.24] X-CFilter-Loop: Reflected Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The input data of the ECB (AES) algorithm needs to be aligned with 16 bytes, and the input data of the XTS (AES) algorithm is at least 16 bytes. Otherwise the SEC hardware will go wrong. Signed-off-by: Longfang Liu --- drivers/crypto/hisilicon/sec2/sec_crypto.c | 37 ++++++++++++++++++++++++++---- 1 file changed, 32 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index c74082c..71c0125 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -1397,6 +1397,36 @@ static int sec_aead_sha512_ctx_init(struct crypto_aead *tfm) return sec_aead_ctx_init(tfm, "sha512"); } + +static int sec_skcipher_cryptlen_ckeck(struct sec_ctx *ctx, + struct sec_req *sreq) +{ + u32 cryptlen = sreq->c_req.sk_req->cryptlen; + struct device *dev = ctx->dev; + u8 c_mode = ctx->c_ctx.c_mode; + int ret = 0; + + switch (c_mode) { + case SEC_CMODE_XTS: + if (unlikely(cryptlen < AES_BLOCK_SIZE)) { + dev_err(dev, "skcipher XTS mode input length error!\n"); + ret = -EINVAL; + } + break; + case SEC_CMODE_ECB: + case SEC_CMODE_CBC: + if (unlikely(cryptlen & (AES_BLOCK_SIZE - 1))) { + dev_err(dev, "skcipher AES input length error!\n"); + ret = -EINVAL; + } + break; + default: + ret = -EINVAL; + } + + return ret; +} + static int sec_skcipher_param_check(struct sec_ctx *ctx, struct sec_req *sreq) { struct skcipher_request *sk_req = sreq->c_req.sk_req; @@ -1421,12 +1451,9 @@ static int sec_skcipher_param_check(struct sec_ctx *ctx, struct sec_req *sreq) } return 0; } else if (c_alg == SEC_CALG_AES || c_alg == SEC_CALG_SM4) { - if (unlikely(sk_req->cryptlen & (AES_BLOCK_SIZE - 1))) { - dev_err(dev, "skcipher aes input length error!\n"); - return -EINVAL; - } - return 0; + return sec_skcipher_cryptlen_ckeck(ctx, sreq); } + dev_err(dev, "skcipher algorithm error!\n"); return -EINVAL; -- 2.8.1