tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

crypto: ccree - check assoclen for rfc4543

Check assoclen to solve the extra tests that expect -EINVAL to be
returned when the associated data size is not valid.

Validated assoclen for RFC4543 which expects an assoclen
of 16 or 20, the same as RFC4106.
Based on seqiv, IPsec ESP and RFC4543/RFC4106 the assoclen is sizeof
IP Header (spi, seq_no, extended seq_no) and IV len. This can be 16 or
20 bytes.

Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Iuliana Prodan and committed by
Herbert Xu b93ecf42 6fc4dbcf

+20 -6
+20 -6
drivers/crypto/ccree/cc_aead.c
··· 2272 2272 static int cc_rfc4543_gcm_encrypt(struct aead_request *req) 2273 2273 { 2274 2274 /* Very similar to cc_aead_encrypt() above. */ 2275 - 2275 + struct crypto_aead *tfm = crypto_aead_reqtfm(req); 2276 + struct cc_aead_ctx *ctx = crypto_aead_ctx(tfm); 2277 + struct device *dev = drvdata_to_dev(ctx->drvdata); 2276 2278 struct aead_req_ctx *areq_ctx = aead_request_ctx(req); 2277 - int rc; 2279 + int rc = -EINVAL; 2280 + 2281 + if (!valid_assoclen(req)) { 2282 + dev_err(dev, "invalid Assoclen:%u\n", req->assoclen); 2283 + goto out; 2284 + } 2278 2285 2279 2286 memset(areq_ctx, 0, sizeof(*areq_ctx)); 2280 2287 ··· 2298 2291 rc = cc_proc_aead(req, DRV_CRYPTO_DIRECTION_ENCRYPT); 2299 2292 if (rc != -EINPROGRESS && rc != -EBUSY) 2300 2293 req->iv = areq_ctx->backup_iv; 2301 - 2294 + out: 2302 2295 return rc; 2303 2296 } 2304 2297 ··· 2337 2330 static int cc_rfc4543_gcm_decrypt(struct aead_request *req) 2338 2331 { 2339 2332 /* Very similar to cc_aead_decrypt() above. */ 2340 - 2333 + struct crypto_aead *tfm = crypto_aead_reqtfm(req); 2334 + struct cc_aead_ctx *ctx = crypto_aead_ctx(tfm); 2335 + struct device *dev = drvdata_to_dev(ctx->drvdata); 2341 2336 struct aead_req_ctx *areq_ctx = aead_request_ctx(req); 2342 - int rc; 2337 + int rc = -EINVAL; 2338 + 2339 + if (!valid_assoclen(req)) { 2340 + dev_err(dev, "invalid Assoclen:%u\n", req->assoclen); 2341 + goto out; 2342 + } 2343 2343 2344 2344 memset(areq_ctx, 0, sizeof(*areq_ctx)); 2345 2345 ··· 2363 2349 rc = cc_proc_aead(req, DRV_CRYPTO_DIRECTION_DECRYPT); 2364 2350 if (rc != -EINPROGRESS && rc != -EBUSY) 2365 2351 req->iv = areq_ctx->backup_iv; 2366 - 2352 + out: 2367 2353 return rc; 2368 2354 } 2369 2355