Received: by 2002:a05:7412:37c9:b0:e2:908c:2ebd with SMTP id jz9csp2873533rdb; Fri, 22 Sep 2023 10:34:37 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHD/A1DW7I+gzCNNMuulRylekwg6OcVjL6bqOX6lqqowd4lqKMPrvH2zRm/GkDXVTgC96mi X-Received: by 2002:a05:6a20:9742:b0:153:52a3:b0d4 with SMTP id hs2-20020a056a20974200b0015352a3b0d4mr245104pzc.34.1695404076792; Fri, 22 Sep 2023 10:34:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695404076; cv=none; d=google.com; s=arc-20160816; b=m7AT9j5KYRkNbuSXn9+1EECT11p5A6LCUTGcOdQGuoLAnDumIXToeB6GkZwAqxJo8G ZeuniADBZ0NHWH9Gi5gs5Do2UnrUU3gckC1eWDOwTRHetq/Zo7r0yG+UhYyOxg072zr3 hzWj5s64HZouD4vjqYb10sfyinWN9X8aubhKG+b8JDLbsTiiQKqbIV2uCS4RK1JConcI l2WLr6n8J1cYCAqcGBoJukFkC3kNzYJgu7F1brvEPsFh/Rt5G1CYcAlO2JaJ6EgPu/h5 y7L3epw+Lvz2qlPtxlqRmLwQcylRtKA8ViUQxe0VEcg4xVFSj6YyH7rORW4HQoxxxY+l mBTQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:dkim-signature; bh=HxfpG9t0R1eVdxnoEnkLwysNmjpwJ68ogyJaA0gjhTw=; fh=lILibhaYCVzKgrLF9qfKYmwbrM4PWU8xgu2sAgnlJyE=; b=HCMNz13GtH6Y+EDFtnHgBxEhffqldDmop83lY/hoiYI90J8EDaaRD0MByeSKaKOz5E 5LLHOKxvPBRoHdsj2y769PuoQxfiAGAa1sCce666nQJoZjlzOW1Vfvt5L2ZEgXQDbV1C 8w3+9bkAQu439GkS1WsvnkR8BMHHjyzeg97AgQvDhzNZkPhtYWOAGJY/nbVomeIcp2Xg gAPsW29xq5fGBaPoOeytfLUrz/mJU8dRcCV4Bci8iilrBDSs+MxKYfwmGttFKcb8x7t0 8ffT5K4aRATPxLXWm6EJJuOv794JalxUz4wHm53z9g1vtuMjQUXlKSEMQBRGK+TR8e+V n2mw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ti.com header.s=ti-com-17Q1 header.b=AjbmuU29; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=ti.com Return-Path: Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4]) by mx.google.com with ESMTPS id l69-20020a633e48000000b0057ab7d42fb2si3873739pga.121.2023.09.22.10.34.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Sep 2023 10:34:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4; Authentication-Results: mx.google.com; dkim=pass header.i=@ti.com header.s=ti-com-17Q1 header.b=AjbmuU29; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=ti.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id 22AB08318C7B; Fri, 22 Sep 2023 00:17:44 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229796AbjIVHRs (ORCPT + 99 others); Fri, 22 Sep 2023 03:17:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59192 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229623AbjIVHRr (ORCPT ); Fri, 22 Sep 2023 03:17:47 -0400 Received: from fllv0015.ext.ti.com (fllv0015.ext.ti.com [198.47.19.141]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 72988C2; Fri, 22 Sep 2023 00:17:41 -0700 (PDT) Received: from lelv0266.itg.ti.com ([10.180.67.225]) by fllv0015.ext.ti.com (8.15.2/8.15.2) with ESMTP id 38M7HV3o050988; Fri, 22 Sep 2023 02:17:31 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1695367051; bh=HxfpG9t0R1eVdxnoEnkLwysNmjpwJ68ogyJaA0gjhTw=; h=From:To:CC:Subject:In-Reply-To:References:Date; b=AjbmuU29713dNuA/oBJ50UKgEyryGIpSm0vQFNjcUMHtK3Ot85nwRg2Tu3KllFsST cfEC+PdzWIQVqBYu7C88hZMYzCgzwRPePzQyRzUKWEydTy+p9N6KPvSWVatjvL4k8I sgIRNjV2p+WbbhDS22/DGqlOgD1jQitByheUn184= Received: from DLEE100.ent.ti.com (dlee100.ent.ti.com [157.170.170.30]) by lelv0266.itg.ti.com (8.15.2/8.15.2) with ESMTPS id 38M7HUE0122131 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Fri, 22 Sep 2023 02:17:30 -0500 Received: from DLEE109.ent.ti.com (157.170.170.41) by DLEE100.ent.ti.com (157.170.170.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23; Fri, 22 Sep 2023 02:17:30 -0500 Received: from lelv0327.itg.ti.com (10.180.67.183) by DLEE109.ent.ti.com (157.170.170.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23 via Frontend Transport; Fri, 22 Sep 2023 02:17:30 -0500 Received: from localhost (ileaxei01-snat2.itg.ti.com [10.180.69.6]) by lelv0327.itg.ti.com (8.15.2/8.15.2) with ESMTP id 38M7HT4H068819; Fri, 22 Sep 2023 02:17:30 -0500 From: Kamlesh Gurudasani To: Gaurav Jain , Eric Biggers CC: Horia Geanta , Pankaj Gupta , Varun Sethi , Meenakshi Aggarwal , Herbert Xu , "David S . Miller" , Aisheng Dong , Silvano Di Ninno , "linux-crypto@vger.kernel.org" , "linux-kernel@vger.kernel.org" , dl-linux-imx Subject: Re: [EXTERNAL] RE: [EXT] Re: [PATCH] crypto: caam/jr - fix Chacha20 + Poly1305 self test failure In-Reply-To: References: <20230921124237.2364827-1-gaurav.jain@nxp.com> <20230922024100.GA935@sol.localdomain> Date: Fri, 22 Sep 2023 12:47:29 +0530 Message-ID: <875y42he2e.fsf@kamlesh.i-did-not-set--mail-host-address--so-tickle-me> MIME-Version: 1.0 Content-Type: text/plain X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_PASS,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Fri, 22 Sep 2023 00:17:44 -0700 (PDT) Gaurav Jain writes: > Hi Eric > >> -----Original Message----- >> From: Eric Biggers >> Sent: Friday, September 22, 2023 8:11 AM >> To: Gaurav Jain >> Cc: Horia Geanta ; Pankaj Gupta >> ; Varun Sethi ; Meenakshi >> Aggarwal ; Herbert Xu >> ; David S . Miller ; >> Aisheng Dong ; Silvano Di Ninno >> ; linux-crypto@vger.kernel.org; linux- >> kernel@vger.kernel.org; dl-linux-imx >> Subject: [EXT] Re: [PATCH] crypto: caam/jr - fix Chacha20 + Poly1305 self test >> failure >> >> Caution: This is an external email. Please take care when clicking links or >> opening attachments. When in doubt, report the message using the 'Report this >> email' button >> >> >> On Thu, Sep 21, 2023 at 06:12:37PM +0530, Gaurav Jain wrote: >> > key buffer is not copied in chachapoly_setkey function, results in >> > wrong output for encryption/decryption operation. >> > >> > fix this by memcpy the key in caam_ctx key arrary Not sure, but do you mean array*? >> > >> > Fixes: d6bbd4eea243 ("crypto: caam/jr - add support for Chacha20 + >> > Poly1305") >> > Signed-off-by: Gaurav Jain >> > --- >> > drivers/crypto/caam/caamalg.c | 3 ++- >> > 1 file changed, 2 insertions(+), 1 deletion(-) >> > >> > diff --git a/drivers/crypto/caam/caamalg.c >> > b/drivers/crypto/caam/caamalg.c index eba2d750c3b0..066f08a3a040 >> > 100644 >> > --- a/drivers/crypto/caam/caamalg.c >> > +++ b/drivers/crypto/caam/caamalg.c >> > @@ -575,7 +575,8 @@ static int chachapoly_setkey(struct crypto_aead *aead, >> const u8 *key, >> > if (keylen != CHACHA_KEY_SIZE + saltlen) >> > return -EINVAL; >> > >> > - ctx->cdata.key_virt = key; >> > + memcpy(ctx->key, key, keylen); >> > + ctx->cdata.key_virt = ctx->key; >> > ctx->cdata.keylen = keylen - saltlen; >> > >> >> Huh, so this driver just ignored the key? Is anyone using the ChaCha20Poly1305 >> support in this driver? Based on this bug existing, that seems unlikely. If that's >> the case, wouldn't it be better just to remove the ChaCha20Poly1305 support >> from this driver so that the code doesn't need to be maintained? > > This algorithm is used in IPSEC and we are also going to use ChaCha20Poly1305 support for Kernel TLS. > Gaurav Does this mean IPSEC doesn't call setkey() or the key value was such that it didn't affect even after failing to actually set the key? -Kamlesh