From: Lokesh Vutla <lokeshvutla@ti.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: <linux-crypto@vger.kernel.org>, <davem@davemloft.net>,
<linux-omap@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
<t-kristo@ti.com>, <nsekhar@ti.com>
Subject: Re: [PATCH v2 6/7] crypto: omap-aes: Add support for GCM mode
Date: Fri, 10 Jul 2015 19:39:35 +0530 [thread overview]
Message-ID: <559FD21F.2020903@ti.com> (raw)
In-Reply-To: <20150708041838.GA12744@gondor.apana.org.au>
Hi Herbert,
On Wednesday 08 July 2015 09:48 AM, Herbert Xu wrote:
> On Tue, Jul 07, 2015 at 09:01:48PM +0530, Lokesh Vutla wrote:
>>
>> +static int omap_aes_gcm_copy_buffers(struct omap_aes_dev *dd,
>> + struct aead_request *req)
[..snip..]
>> +static int do_encrypt_iv(struct aead_request *req, u32 *tag)
>> +{
>> + struct scatterlist iv_sg;
>> + struct ablkcipher_request *ablk_req;
>> + struct crypto_ablkcipher *tfm;
>> + struct tcrypt_result result;
>> + struct omap_aes_ctx *ctx = crypto_aead_ctx(crypto_aead_reqtfm(req));
>> + int ret = 0;
>> +
>> + tfm = crypto_alloc_ablkcipher("ctr(aes)", 0, 0);
>
> Ugh, you cannot allocate crypto transforms in the data path. You
> should allocate it in init instead. Also using ctr(aes) is overkill.
> Just use aes and do the xor by hand.
>
>> +static int omap_aes_gcm_crypt(struct aead_request *req, unsigned long mode)
>> +{
>> + struct omap_aes_ctx *ctx = crypto_aead_ctx(crypto_aead_reqtfm(req));
>> + struct omap_aes_reqctx *rctx = aead_request_ctx(req);
>> + struct crypto_aead *aead = crypto_aead_reqtfm(req);
>> + unsigned int authlen = crypto_aead_authsize(aead);
>> + struct omap_aes_dev *dd;
>> + __be32 counter = cpu_to_be32(1);
>> + int err;
>> +
>> + memset(ctx->auth_tag, 0, sizeof(ctx->auth_tag));
>
> The ctx is shared memory and you must not write to it as multiple
> requests can be called on the same tfm. Use rctx instead.
May be a dumb question.
If you don't mind can you elaborate more on the usage of rctx and ctx
in the driver?
Thanks and regards,
Lokesh
>
>> + memcpy(req->iv + 12, &counter, 4);
>
> The IV is only 12 bytes long so you're corrupting memory here.
> You should use rctx here too.
>
>> + if (req->assoclen + req->cryptlen == 0) {
>> + scatterwalk_map_and_copy(ctx->auth_tag, req->dst, 0, authlen,
>> + 1);
>> + return 0;
>> + }
>
> How can this be right? Did you enable the selftest?
>
> Cheers,
>
WARNING: multiple messages have this Message-ID (diff)
From: Lokesh Vutla <lokeshvutla@ti.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: linux-crypto@vger.kernel.org, davem@davemloft.net,
linux-omap@vger.kernel.org, linux-kernel@vger.kernel.org,
t-kristo@ti.com, nsekhar@ti.com
Subject: Re: [PATCH v2 6/7] crypto: omap-aes: Add support for GCM mode
Date: Fri, 10 Jul 2015 19:39:35 +0530 [thread overview]
Message-ID: <559FD21F.2020903@ti.com> (raw)
In-Reply-To: <20150708041838.GA12744@gondor.apana.org.au>
Hi Herbert,
On Wednesday 08 July 2015 09:48 AM, Herbert Xu wrote:
> On Tue, Jul 07, 2015 at 09:01:48PM +0530, Lokesh Vutla wrote:
>>
>> +static int omap_aes_gcm_copy_buffers(struct omap_aes_dev *dd,
>> + struct aead_request *req)
[..snip..]
>> +static int do_encrypt_iv(struct aead_request *req, u32 *tag)
>> +{
>> + struct scatterlist iv_sg;
>> + struct ablkcipher_request *ablk_req;
>> + struct crypto_ablkcipher *tfm;
>> + struct tcrypt_result result;
>> + struct omap_aes_ctx *ctx = crypto_aead_ctx(crypto_aead_reqtfm(req));
>> + int ret = 0;
>> +
>> + tfm = crypto_alloc_ablkcipher("ctr(aes)", 0, 0);
>
> Ugh, you cannot allocate crypto transforms in the data path. You
> should allocate it in init instead. Also using ctr(aes) is overkill.
> Just use aes and do the xor by hand.
>
>> +static int omap_aes_gcm_crypt(struct aead_request *req, unsigned long mode)
>> +{
>> + struct omap_aes_ctx *ctx = crypto_aead_ctx(crypto_aead_reqtfm(req));
>> + struct omap_aes_reqctx *rctx = aead_request_ctx(req);
>> + struct crypto_aead *aead = crypto_aead_reqtfm(req);
>> + unsigned int authlen = crypto_aead_authsize(aead);
>> + struct omap_aes_dev *dd;
>> + __be32 counter = cpu_to_be32(1);
>> + int err;
>> +
>> + memset(ctx->auth_tag, 0, sizeof(ctx->auth_tag));
>
> The ctx is shared memory and you must not write to it as multiple
> requests can be called on the same tfm. Use rctx instead.
May be a dumb question.
If you don't mind can you elaborate more on the usage of rctx and ctx
in the driver?
Thanks and regards,
Lokesh
>
>> + memcpy(req->iv + 12, &counter, 4);
>
> The IV is only 12 bytes long so you're corrupting memory here.
> You should use rctx here too.
>
>> + if (req->assoclen + req->cryptlen == 0) {
>> + scatterwalk_map_and_copy(ctx->auth_tag, req->dst, 0, authlen,
>> + 1);
>> + return 0;
>> + }
>
> How can this be right? Did you enable the selftest?
>
> Cheers,
>
next prev parent reply other threads:[~2015-07-10 14:12 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-07 15:31 [PATCH v2 0/7] crypto: omap-aes: Add support for GCM mode Lokesh Vutla
2015-07-07 15:31 ` Lokesh Vutla
2015-07-07 15:31 ` [PATCH v2 1/7] crypto: omap-aes: Fix CTR mode Lokesh Vutla
2015-07-07 15:31 ` Lokesh Vutla
2015-07-07 15:31 ` [PATCH v2 2/7] crypto: omap-aes: Increase priority of hw accelerator Lokesh Vutla
2015-07-07 15:31 ` Lokesh Vutla
2015-07-07 15:31 ` [PATCH v2 3/7] crypto: omap-aes: Fix configuring of AES mode Lokesh Vutla
2015-07-07 15:31 ` Lokesh Vutla
2015-07-07 15:31 ` [PATCH v2 4/7] crypto: omap-aes: Use BIT() macro Lokesh Vutla
2015-07-07 15:31 ` Lokesh Vutla
2015-07-07 15:31 ` [PATCH v2 5/7] crypto: aead: Add aead_request_cast() api Lokesh Vutla
2015-07-07 15:31 ` Lokesh Vutla
2015-07-08 3:56 ` Herbert Xu
2015-07-08 6:43 ` Lokesh Vutla
2015-07-08 6:43 ` Lokesh Vutla
2015-07-07 15:31 ` [PATCH v2 6/7] crypto: omap-aes: Add support for GCM mode Lokesh Vutla
2015-07-07 15:31 ` Lokesh Vutla
2015-07-08 4:18 ` Herbert Xu
2015-07-08 6:59 ` Lokesh Vutla
2015-07-08 6:59 ` Lokesh Vutla
2015-07-08 7:48 ` Herbert Xu
2015-07-08 7:53 ` Herbert Xu
2015-07-08 8:30 ` Lokesh Vutla
2015-07-08 8:30 ` Lokesh Vutla
2015-07-08 8:15 ` Lokesh Vutla
2015-07-08 8:15 ` Lokesh Vutla
2015-07-10 14:09 ` Lokesh Vutla [this message]
2015-07-10 14:09 ` Lokesh Vutla
2015-07-11 2:40 ` Herbert Xu
2015-09-15 13:28 ` [PATCH v3] " Lokesh Vutla
2015-09-15 13:28 ` Lokesh Vutla
2015-09-18 13:17 ` Herbert Xu
2015-09-20 10:38 ` Matthijs van Duin
2015-07-07 15:31 ` [PATCH v2 7/7] crypto: tcrypt: Fix AEAD speed tests Lokesh Vutla
2015-07-07 15:31 ` Lokesh Vutla
2015-07-08 7:11 ` [PATCH v2 0/7] crypto: omap-aes: Add support for GCM mode Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=559FD21F.2020903@ti.com \
--to=lokeshvutla@ti.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-omap@vger.kernel.org \
--cc=nsekhar@ti.com \
--cc=t-kristo@ti.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.