crypto: ccp - Rework the unit-size check for XTS-AES

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The CCP supports a limited set of unit-size values. Change the check
for this parameter such that acceptable values match the enumeration.
Then clarify the conditions under which we must use the fallback
implementation.

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Gary R Hook and committed by

Herbert Xu 8 years ago 7f7216cf 47f27f16

+26 -43

1 changed file

expand all

drivers

crypto

ccp

ccp-crypto-aes-xts.c

+26 -43

drivers/crypto/ccp/ccp-crypto-aes-xts.c

··· 39 39 u32 value; 40 40 }; 41 41 42 - static struct ccp_unit_size_map unit_size_map[] = { 42 + static struct ccp_unit_size_map xts_unit_sizes[] = { 43 43 { 44 - .size = 4096, 45 - .value = CCP_XTS_AES_UNIT_SIZE_4096, 46 - }, 47 - { 48 - .size = 2048, 49 - .value = CCP_XTS_AES_UNIT_SIZE_2048, 50 - }, 51 - { 52 - .size = 1024, 53 - .value = CCP_XTS_AES_UNIT_SIZE_1024, 54 - }, 55 - { 56 - .size = 512, 57 - .value = CCP_XTS_AES_UNIT_SIZE_512, 58 - }, 59 - { 60 - .size = 256, 61 - .value = CCP_XTS_AES_UNIT_SIZE__LAST, 62 - }, 63 - { 64 - .size = 128, 65 - .value = CCP_XTS_AES_UNIT_SIZE__LAST, 66 - }, 67 - { 68 - .size = 64, 69 - .value = CCP_XTS_AES_UNIT_SIZE__LAST, 70 - }, 71 - { 72 - .size = 32, 73 - .value = CCP_XTS_AES_UNIT_SIZE__LAST, 74 - }, 75 - { 76 - .size = 16, 44 + .size = 16, 77 45 .value = CCP_XTS_AES_UNIT_SIZE_16, 78 46 }, 79 47 { 80 - .size = 1, 81 - .value = CCP_XTS_AES_UNIT_SIZE__LAST, 48 + .size = 512, 49 + .value = CCP_XTS_AES_UNIT_SIZE_512, 50 + }, 51 + { 52 + .size = 1024, 53 + .value = CCP_XTS_AES_UNIT_SIZE_1024, 54 + }, 55 + { 56 + .size = 2048, 57 + .value = CCP_XTS_AES_UNIT_SIZE_2048, 58 + }, 59 + { 60 + .size = 4096, 61 + .value = CCP_XTS_AES_UNIT_SIZE_4096, 82 62 }, 83 63 }; 84 64 ··· 118 138 if (!req->info) 119 139 return -EINVAL; 120 140 141 + /* Check conditions under which the CCP can fulfill a request. The 142 + * device can handle input plaintext of a length that is a multiple 143 + * of the unit_size, bug the crypto implementation only supports 144 + * the unit_size being equal to the input length. This limits the 145 + * number of scenarios we can handle. 146 + */ 121 147 unit_size = CCP_XTS_AES_UNIT_SIZE__LAST; 122 - if (req->nbytes <= unit_size_map[0].size) { 123 - for (unit = 0; unit < ARRAY_SIZE(unit_size_map); unit++) { 124 - if (!(req->nbytes & (unit_size_map[unit].size - 1))) { 125 - unit_size = unit_size_map[unit].value; 126 - break; 127 - } 148 + for (unit = 0; unit < ARRAY_SIZE(xts_unit_sizes); unit++) { 149 + if (req->nbytes == xts_unit_sizes[unit].size) { 150 + unit_size = unit; 151 + break; 128 152 } 129 153 } 130 - 131 154 if ((unit_size == CCP_XTS_AES_UNIT_SIZE__LAST) || 132 155 (ctx->u.aes.key_len != AES_KEYSIZE_128)) { 133 156 SKCIPHER_REQUEST_ON_STACK(subreq, ctx->u.aes.tfm_skcipher);