Received: by 2002:a05:6a10:af89:0:0:0:0 with SMTP id iu9csp2505327pxb; Sun, 23 Jan 2022 06:52:35 -0800 (PST) X-Google-Smtp-Source: ABdhPJz0hG9sVmHrsMg+vDTrAA/e6V/FfkZU4un+IOxb6L3ziIEay7uTPHUGnFim45fZYeSFWCsc X-Received: by 2002:a17:902:788e:b0:14a:c6d3:d9cb with SMTP id q14-20020a170902788e00b0014ac6d3d9cbmr10871161pll.34.1642949555638; Sun, 23 Jan 2022 06:52:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1642949555; cv=none; d=google.com; s=arc-20160816; b=nzeFomH+C1a52Eo2x+pqU2bcw2MswjuR76f44QJGd0irAtnoxhIXAYckmit+RKJOtx 7IiYL2L6SqKRcMM+HHd1DcwMQn7k4mYKrAIU15HzvBvPzRCYmyywmR59/F0QUVf31oI+ sw1dZUIEKAUjaLg5te5Q8RsnIEtmkAsg/il4aZ5cJM8aRG55D98bt1Mpz1YaYNLF7tMw 2mg16tbi4+matf0BjAtJix/02gC5JbI4jiBm6UE8KmX9FSYs/ud0Il+FlAd+ofSokY1E 1os1XA6byqJS+1n7/3QhCn0uTJ+WL+YwKKyInYuYdwskqAA/cW9yOwhw0oJ6CJm5YZmL KpUw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=8jfPqJIrBHBtrfPTdsV5urrV5i0eI2K9rFSj072Pc2U=; b=CbzOhG5PnkqC9AEpgrzX8n+nkc1U9TBqj3HHRuPVOMDDuoTSmEDci/RCYJIOFv4yw5 ogJahNDM61t8NEmJOzgobLoV704CHChrxm+DnFvz4vYSJGqAzpxN9SmaPd5DnJ4tb706 iuQKWRUVX0Qe0or5J2+ydKxWwuQMFs1f8dhTIIiluVDjbcNsb1rijFChvamZSqSVVjJJ 4yf0pcypWR0PXulT6l46VD/d07DpBZB+kbqATbWiRCTLzxKbasl2TPGQxNS+YKU11Am2 RAA8RblS8v6HwftvkbDBpePpOISjpfrca7nh2ToxRVseVhELiCVe9GJilE0kCsZn2+NQ fDjA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l9si13014665pfc.282.2022.01.23.06.52.21; Sun, 23 Jan 2022 06:52:35 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230196AbiAVIS3 (ORCPT + 99 others); Sat, 22 Jan 2022 03:18:29 -0500 Received: from szxga01-in.huawei.com ([45.249.212.187]:35855 "EHLO szxga01-in.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229876AbiAVISY (ORCPT ); Sat, 22 Jan 2022 03:18:24 -0500 Received: from dggpeml500025.china.huawei.com (unknown [172.30.72.57]) by szxga01-in.huawei.com (SkyGuard) with ESMTP id 4JgpyR3GjKzccWZ; Sat, 22 Jan 2022 16:17:35 +0800 (CST) Received: from dggpeml100012.china.huawei.com (7.185.36.121) by dggpeml500025.china.huawei.com (7.185.36.35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Sat, 22 Jan 2022 16:18:22 +0800 Received: from huawei.com (10.67.165.24) by dggpeml100012.china.huawei.com (7.185.36.121) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Sat, 22 Jan 2022 16:18:22 +0800 From: Kai Ye To: CC: , , , Subject: [PATCH v3 3/5] crypto: hisilicon/sec - fix the max length of AAD for the CCM mode Date: Sat, 22 Jan 2022 16:13:10 +0800 Message-ID: <20220122081312.29121-4-yekai13@huawei.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20220122081312.29121-1-yekai13@huawei.com> References: <20220122081312.29121-1-yekai13@huawei.com> MIME-Version: 1.0 Content-Transfer-Encoding: 7BIT Content-Type: text/plain; charset=US-ASCII X-Originating-IP: [10.67.165.24] X-ClientProxiedBy: dggems704-chm.china.huawei.com (10.3.19.181) To dggpeml100012.china.huawei.com (7.185.36.121) X-CFilter-Loop: Reflected Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Fix the maximum length of AAD for the CCM mode due to the hardware limited. Signed-off-by: Kai Ye --- drivers/crypto/hisilicon/sec2/sec_crypto.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index 48abd3871c0e..8305eee9a3d3 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -63,6 +63,7 @@ #define SEC_AUTH_CIPHER 0x1 #define SEC_MAX_MAC_LEN 64 #define SEC_MAX_AAD_LEN 65535 +#define SEC_MAX_CCM_AAD_LEN 65279 #define SEC_TOTAL_MAC_SZ (SEC_MAX_MAC_LEN * QM_Q_DEPTH) #define SEC_PBUF_SZ 512 @@ -2220,6 +2221,10 @@ static int sec_aead_spec_check(struct sec_ctx *ctx, struct sec_req *sreq) } if (c_mode == SEC_CMODE_CCM) { + if (unlikely(req->assoclen > SEC_MAX_CCM_AAD_LEN)) { + dev_err_ratelimited(dev, "CCM input aad parameter is too long!\n"); + return -EINVAL; + } ret = aead_iv_demension_check(req); if (ret) { dev_err(dev, "aead input iv param error!\n"); -- 2.33.0