From patchwork Tue Nov 29 13:05:32 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 84796 Delivered-To: patch@linaro.org Received: by 10.140.20.101 with SMTP id 92csp1585613qgi; Tue, 29 Nov 2016 05:05:59 -0800 (PST) X-Received: by 10.84.209.227 with SMTP id y90mr61481009plh.111.1480424759112; Tue, 29 Nov 2016 05:05:59 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s3si59873107pfe.68.2016.11.29.05.05.59; Tue, 29 Nov 2016 05:05:59 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933399AbcK2NFo (ORCPT + 1 other); Tue, 29 Nov 2016 08:05:44 -0500 Received: from mail-wm0-f43.google.com ([74.125.82.43]:36834 "EHLO mail-wm0-f43.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933366AbcK2NFo (ORCPT ); Tue, 29 Nov 2016 08:05:44 -0500 Received: by mail-wm0-f43.google.com with SMTP id g23so237066446wme.1 for ; Tue, 29 Nov 2016 05:05:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=7F31Z9Ko0SSuZWl+MeIS3O0+V3q7EwWksWyNBPkIjk0=; b=fFX7b3MsyqvLjQQ/4AG0vGh6UO859YC3u3eOfl9xna0Isi1IvN5kFZ+EAIAxqJKTZ9 350BiHglWgqlE2sUgXySwZqZjIyGfkWu4IZQSq3oiaVWvT+qkEsIUzJt+DScAHwtbMVn XRyLVGziQASO3z13RiZvbLB2dMD6n51HT/KhU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=7F31Z9Ko0SSuZWl+MeIS3O0+V3q7EwWksWyNBPkIjk0=; b=e98fOBOSJII5OBpy/2pu3a0GbwQeBTpH+k/t7+cjXqh3GEdgerpCb40TkO3Ddn+Ma7 cw8GyLLkA5jnsT+x2vauGDlJD/8vjrdsXsyR43M00p6pQVsC3G8vH7c5OE735BV04Ie3 N1+r7ut+TIafXptKVMPbp+AMZJ7vEVMoz8Wvv3EPjD+rnKFxBmNDXvwOn2hDb0lQqbc0 Eot3G66fUPOb+ppWegflBl+h0xKzD1Pxq4X/2haMHpbf0PXqObEA3uK54Rgl9kPaAdrA OEunrAUJJBmS/P2V+HuHKKLTNIDsfiX4V9wypCfMqeRdpUHdQ2HgvjwowAYtnHIXjBFX qwag== X-Gm-Message-State: AKaTC00zLXNbYYNXZz4NOWgDQ0UtnmtGOAdhSXEKA2PIXdsYD9CXdDEostx1Moe+aHt8zxSn X-Received: by 10.28.51.211 with SMTP id z202mr25852008wmz.125.1480424742816; Tue, 29 Nov 2016 05:05:42 -0800 (PST) Received: from localhost.localdomain ([105.138.199.36]) by smtp.gmail.com with ESMTPSA id n5sm2749312wmf.0.2016.11.29.05.05.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 29 Nov 2016 05:05:42 -0800 (PST) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel Subject: [PATCH 3/4] crypto: arm64/aes-ce-ccm - fix decrypt path with new skcipher interface Date: Tue, 29 Nov 2016 13:05:32 +0000 Message-Id: <1480424733-10797-3-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1480424733-10797-1-git-send-email-ard.biesheuvel@linaro.org> References: <1480424733-10797-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The new skcipher walk interface does not take into account whether we are encrypting or decrypting. In the latter case, the walk should disregard the MAC. Fix this in the arm64 CE driver. Signed-off-by: Ard Biesheuvel --- arch/arm64/crypto/aes-ce-ccm-glue.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Reviewed-by: Ard Biesheuvel diff --git a/arch/arm64/crypto/aes-ce-ccm-glue.c b/arch/arm64/crypto/aes-ce-ccm-glue.c index d4f35685363b..1a011d658387 100644 --- a/arch/arm64/crypto/aes-ce-ccm-glue.c +++ b/arch/arm64/crypto/aes-ce-ccm-glue.c @@ -204,10 +204,10 @@ static int ccm_decrypt(struct aead_request *req) struct skcipher_walk walk; u8 __aligned(8) mac[AES_BLOCK_SIZE]; u8 buf[AES_BLOCK_SIZE]; - u32 len = req->cryptlen - authsize; int err; - err = ccm_init_mac(req, mac, len); + req->cryptlen -= authsize; + err = ccm_init_mac(req, mac, req->cryptlen); if (err) return err; @@ -242,8 +242,7 @@ static int ccm_decrypt(struct aead_request *req) return err; /* compare calculated auth tag with the stored one */ - scatterwalk_map_and_copy(buf, req->src, - req->assoclen + req->cryptlen - authsize, + scatterwalk_map_and_copy(buf, req->src, req->assoclen + req->cryptlen, authsize, 0); if (crypto_memneq(mac, buf, authsize))