crypto: atmel-aes - Fix CTR counter overflow when multiple fragments

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The CTR transfer works in fragments of data of maximum 1 MByte because
of the 16 bit CTR counter embedded in the IP. Fix the CTR counter
overflow handling for messages larger than 1 MByte.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Fixes: 781a08d9740a ("crypto: atmel-aes - Fix counter overflow in CTR mode")
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Tudor Ambarus and committed by

Herbert Xu 6 years ago 3907ccfa 27896aff

+7 -1

1 changed file

expand all

drivers

crypto

atmel-aes.c

+7 -1

drivers/crypto/atmel-aes.c

··· 120 120 size_t offset; 121 121 struct scatterlist src[2]; 122 122 struct scatterlist dst[2]; 123 - u16 blocks; 123 + u32 blocks; 124 124 }; 125 125 126 126 struct atmel_aes_gcm_ctx { ··· 527 527 unsigned int ivsize = crypto_skcipher_ivsize(skcipher); 528 528 int i; 529 529 530 + /* 531 + * The CTR transfer works in fragments of data of maximum 1 MByte 532 + * because of the 16 bit CTR counter embedded in the IP. When reaching 533 + * here, ctx->blocks contains the number of blocks of the last fragment 534 + * processed, there is no need to explicit cast it to u16. 535 + */ 530 536 for (i = 0; i < ctx->blocks; i++) 531 537 crypto_inc((u8 *)ctx->iv, AES_BLOCK_SIZE); 532 538