diff mbox series

[v2,2/5] crypto: hisilicon/sec - delete the print of fallback tfm application failure

Message ID 1628243066-32648-3-git-send-email-yekai13@huawei.com
State New
Headers show
Series [v2,1/5] crypto: hisilicon/sec - fixup icv checking enabled on Kunpeng 930 | expand

Commit Message

yekai (A) Aug. 6, 2021, 9:44 a.m. UTC
Modify the print of information that might lead to user misunderstanding.
Currently only XTS mode need the fallback tfm when using 192bit key.
Others algs not need soft fallback tfm. So others algs can return
directly.

Signed-off-by: Kai Ye <yekai13@huawei.com>
---
 drivers/crypto/hisilicon/sec2/sec_crypto.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

Comments

Herbert Xu Aug. 12, 2021, 10:53 a.m. UTC | #1
On Fri, Aug 06, 2021 at 05:44:23PM +0800, Kai Ye wrote:
> Modify the print of information that might lead to user misunderstanding.

> Currently only XTS mode need the fallback tfm when using 192bit key.

> Others algs not need soft fallback tfm. So others algs can return

> directly.

> 

> Signed-off-by: Kai Ye <yekai13@huawei.com>

> ---

>  drivers/crypto/hisilicon/sec2/sec_crypto.c | 15 +++++++--------

>  1 file changed, 7 insertions(+), 8 deletions(-)


I still don't get the point of this change.  Fallbacks are typically
the software implementation, and they should never fail except when
you run out of memory.  So what do you gain by delaying the error
from allocation time to runtime?

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
diff mbox series

Patch

diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c
index bf93c98..890faf8 100644
--- a/drivers/crypto/hisilicon/sec2/sec_crypto.c
+++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c
@@ -641,15 +641,15 @@  static int sec_skcipher_fbtfm_init(struct crypto_skcipher *tfm)
 	struct sec_cipher_ctx *c_ctx = &ctx->c_ctx;
 
 	c_ctx->fallback = false;
+
+	/* Currently, only XTS mode need fallback tfm when using 192bit key */
 	if (likely(strncmp(alg, "xts", SEC_XTS_NAME_SZ)))
 		return 0;
 
 	c_ctx->fbtfm = crypto_alloc_sync_skcipher(alg, 0,
 						  CRYPTO_ALG_NEED_FALLBACK);
-	if (IS_ERR(c_ctx->fbtfm)) {
-		pr_err("failed to alloc fallback tfm!\n");
-		return PTR_ERR(c_ctx->fbtfm);
-	}
+	if (IS_ERR(c_ctx->fbtfm))
+		c_ctx->fbtfm = NULL;
 
 	return 0;
 }
@@ -808,7 +808,7 @@  static int sec_skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key,
 	}
 
 	memcpy(c_ctx->c_key, key, keylen);
-	if (c_ctx->fallback) {
+	if (c_ctx->fallback && c_ctx->fbtfm) {
 		ret = crypto_sync_skcipher_setkey(c_ctx->fbtfm, key, keylen);
 		if (ret) {
 			dev_err(dev, "failed to set fallback skcipher key!\n");
@@ -2032,13 +2032,12 @@  static int sec_skcipher_soft_crypto(struct sec_ctx *ctx,
 				    struct skcipher_request *sreq, bool encrypt)
 {
 	struct sec_cipher_ctx *c_ctx = &ctx->c_ctx;
+	SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, c_ctx->fbtfm);
 	struct device *dev = ctx->dev;
 	int ret;
 
-	SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, c_ctx->fbtfm);
-
 	if (!c_ctx->fbtfm) {
-		dev_err(dev, "failed to check fallback tfm\n");
+		dev_err_ratelimited(dev, "the soft tfm isn't supported in the current system.\n");
 		return -EINVAL;
 	}