Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

crypto: chcr - Avoid changing request structure

Do not update assoclen received in aead_request.

Signed-off-by: Harsh Jain <harsh@chelsio.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Harsh Jain and committed by
Herbert Xu
d600fc8a 5fe8c711

+14 -23
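--- a/drivers/crypto/chelsio/chcr_algo.c
+++ b/drivers/crypto/chelsio/chcr_algo.c
@@ -126,13 +126,13 @@
 fw6_pld = (struct cpl_fw6_pld *)input;
 if ((get_aead_subtype(tfm) == CRYPTO_ALG_SUB_TYPE_AEAD_RFC4106) ||
 (get_aead_subtype(tfm) == CRYPTO_ALG_SUB_TYPE_AEAD_GCM)) {
-cmp = memcmp(&fw6_pld->data[2], (fw6_pld + 1), authsize);
+cmp = crypto_memneq(&fw6_pld->data[2], (fw6_pld + 1), authsize);
 } else {
 
 sg_pcopy_to_buffer(req->src, sg_nents(req->src), temp,
 authsize, req->assoclen +
 req->cryptlen - authsize);
-cmp = memcmp(temp, (fw6_pld + 1), authsize);
+cmp = crypto_memneq(temp, (fw6_pld + 1), authsize);
 }
 if (cmp)
 *err = -EBADMSG;
@@ -1840,9 +1840,8 @@
 struct scatterlist *src;
 unsigned int frags = 0, transhdr_len;
 unsigned int ivsize = AES_BLOCK_SIZE;
-unsigned int dst_size = 0, kctx_len;
+unsigned int dst_size = 0, kctx_len, assoclen = req->assoclen;
 unsigned char tag_offset = 0;
-unsigned int crypt_len = 0;
 unsigned int authsize = crypto_aead_authsize(tfm);
 int error = -EINVAL, src_nent;
 gfp_t flags = req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL :
@@ -1853,27 +1854,21 @@
 
 if (op_type && req->cryptlen < crypto_aead_authsize(tfm))
 goto err;
-src_nent = sg_nents_for_len(req->src, req->assoclen + req->cryptlen);
+src_nent = sg_nents_for_len(req->src, assoclen + req->cryptlen);
 if (src_nent < 0)
 goto err;
 
-src = scatterwalk_ffwd(reqctx->srcffwd, req->src, req->assoclen);
+src = scatterwalk_ffwd(reqctx->srcffwd, req->src, assoclen);
 reqctx->dst = src;
 if (req->src != req->dst) {
 error = chcr_copy_assoc(req, aeadctx);
 if (error)
 return ERR_PTR(error);
 reqctx->dst = scatterwalk_ffwd(reqctx->dstffwd, req->dst,
-req->assoclen);
+assoclen);
 }
 
-if (!req->cryptlen)
-/* null-payload is not supported in the hardware.
-* software is sending block size
-*/
-crypt_len = AES_BLOCK_SIZE;
-else
-crypt_len = req->cryptlen;
+
 reqctx->dst_nents = sg_nents_for_len(reqctx->dst, req->cryptlen +
 (op_type ? -authsize : authsize));
 if (reqctx->dst_nents < 0) {
@@ -1900,19 +1907,19 @@
 memset(chcr_req, 0, transhdr_len);
 
 if (get_aead_subtype(tfm) == CRYPTO_ALG_SUB_TYPE_AEAD_RFC4106)
-req->assoclen -= 8;
+assoclen = req->assoclen - 8;
 
 tag_offset = (op_type == CHCR_ENCRYPT_OP) ? 0 : authsize;
 chcr_req->sec_cpl.op_ivinsrtofst = FILL_SEC_CPL_OP_IVINSR(
 ctx->dev->rx_channel_id, 2, (ivsize ?
-(req->assoclen + 1) : 0));
+(assoclen + 1) : 0));
 chcr_req->sec_cpl.pldlen =
-htonl(req->assoclen + ivsize + req->cryptlen);
+htonl(assoclen + ivsize + req->cryptlen);
 chcr_req->sec_cpl.aadstart_cipherstop_hi = FILL_SEC_CPL_CIPHERSTOP_HI(
-req->assoclen ? 1 : 0, req->assoclen,
-req->assoclen + ivsize + 1, 0);
+assoclen ? 1 : 0, assoclen,
+assoclen + ivsize + 1, 0);
 chcr_req->sec_cpl.cipherstop_lo_authinsert =
-FILL_SEC_CPL_AUTHINSERT(0, req->assoclen + ivsize + 1,
+FILL_SEC_CPL_AUTHINSERT(0, assoclen + ivsize + 1,
 tag_offset, tag_offset);
 chcr_req->sec_cpl.seqno_numivs =
 FILL_SEC_CPL_SCMD0_SEQNO(op_type, (op_type ==
@@ -1948,9 +1955,7 @@
 goto dstmap_fail;
 
 skb_set_transport_header(skb, transhdr_len);
-
-write_sg_to_skb(skb, &frags, req->src, req->assoclen);
-
+write_sg_to_skb(skb, &frags, req->src, assoclen);
 write_buffer_to_skb(skb, &frags, reqctx->iv, ivsize);
 write_sg_to_skb(skb, &frags, src, req->cryptlen);
 create_wreq(ctx, chcr_req, req, skb, kctx_len, size, 1,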
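Review bot: In the RFC4106 branch, `assoclen = req->assoclen - 8;` is unsigned arithmetic, so a request with `req->assoclen` below 8 would wrap to a very large value. That value then feeds `pldlen`, the `FILL_SEC_CPL_*` offsets and the length passed to `write_sg_to_skb(skb, &frags, req->src, assoclen)`. No lower-bound check is visible in these hunks. Unless the caller already validates it, a guard next to the existing `req->cryptlen < crypto_aead_authsize(tfm)` test would reject the malformed request before any descriptor is built: `if (get_aead_subtype(tfm) == CRYPTO_ALG_SUB_TYPE_AEAD_RFC4106 && req->assoclen < 8) goto err;`. The enclosing function starts and ends outside the visible hunks, so an existing check may simply be out of view.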