mbox series

[v5,00/14] crypto: caam - fixes for kernel v5.3

Message ID 1564578495-9883-1-git-send-email-iuliana.prodan@nxp.com (mailing list archive)
Headers show
Series crypto: caam - fixes for kernel v5.3 | expand

Message

Iuliana Prodan July 31, 2019, 1:08 p.m. UTC 
The series solves:
- the failures found with fuzz testing;
- resources clean-up on caampkc/caamrng exit path.

The first 10 patches solve the issues found with
CONFIG_CRYPTO_MANAGER_EXTRA_TESTS enabled.
They modify the drivers to provide a valid error (and not the hardware
error ID) to the user, via completion callbacks.
They check key length, assoclen, authsize and input size to solve the
fuzz tests that expect -EINVAL to be returned when these values are
not valid.

The next 4 patches check the algorithm registration for caampkc
module and unregister it only if the registration was successful.
Also, on caampkc/caamrng, the exit point function is executed only if the
registration was successful to avoid double freeing of resources in case
the initialization function failed.

This patch depends on series:
https://patchwork.kernel.org/project/linux-crypto/list/?series=153441

Changes since v4:
- use, newly renamed, helper aes function, to validate keylen.

Horia Geantă (5):
  crypto: caam/qi - fix error handling in ERN handler
  crypto: caam - fix return code in completion callbacks
  crypto: caam - update IV only when crypto operation succeeds
  crypto: caam - keep both virtual and dma key addresses
  crypto: caam - fix MDHA key derivation for certain user key lengths

Iuliana Prodan (9):
  crypto: caam - check key length
  crypto: caam - check authsize
  crypto: caam - check assoclen
  crypto: caam - check zero-length input
  crypto: caam - update rfc4106 sh desc to support zero length input
  crypto: caam - free resources in case caam_rng registration failed
  crypto: caam - execute module exit point only if necessary
  crypto: caam - unregister algorithm only if the registration succeeded
  crypto: caam - change return value in case CAAM has no MDHA

 drivers/crypto/caam/Kconfig         |   2 +
 drivers/crypto/caam/caamalg.c       | 227 +++++++++++++++----------
 drivers/crypto/caam/caamalg_desc.c  |  47 ++++--
 drivers/crypto/caam/caamalg_desc.h  |   2 +-
 drivers/crypto/caam/caamalg_qi.c    | 225 +++++++++++++++----------
 drivers/crypto/caam/caamalg_qi2.c   | 320 +++++++++++++++++++++++-------------
 drivers/crypto/caam/caamhash.c      | 114 ++++++++-----
 drivers/crypto/caam/caamhash_desc.c |   5 +-
 drivers/crypto/caam/caamhash_desc.h |   2 +-
 drivers/crypto/caam/caampkc.c       |  80 ++++++---
 drivers/crypto/caam/caamrng.c       |  17 +-
 drivers/crypto/caam/desc_constr.h   |  34 ++--
 drivers/crypto/caam/error.c         |  61 ++++---
 drivers/crypto/caam/error.h         |   2 +-
 drivers/crypto/caam/key_gen.c       |  14 +-
 drivers/crypto/caam/qi.c            |  10 +-
 drivers/crypto/caam/regs.h          |   1 +
 17 files changed, 748 insertions(+), 415 deletions(-)

Comments

Herbert Xu Aug. 9, 2019, 6:19 a.m. UTC | #1 
On Wed, Jul 31, 2019 at 04:08:01PM +0300, Iuliana Prodan wrote:
> The series solves:
> - the failures found with fuzz testing;
> - resources clean-up on caampkc/caamrng exit path.
> 
> The first 10 patches solve the issues found with
> CONFIG_CRYPTO_MANAGER_EXTRA_TESTS enabled.
> They modify the drivers to provide a valid error (and not the hardware
> error ID) to the user, via completion callbacks.
> They check key length, assoclen, authsize and input size to solve the
> fuzz tests that expect -EINVAL to be returned when these values are
> not valid.
> 
> The next 4 patches check the algorithm registration for caampkc
> module and unregister it only if the registration was successful.
> Also, on caampkc/caamrng, the exit point function is executed only if the
> registration was successful to avoid double freeing of resources in case
> the initialization function failed.
> 
> This patch depends on series:
> https://patchwork.kernel.org/project/linux-crypto/list/?series=153441
> 
> Changes since v4:
> - use, newly renamed, helper aes function, to validate keylen.
> 
> Horia Geantă (5):
>   crypto: caam/qi - fix error handling in ERN handler
>   crypto: caam - fix return code in completion callbacks
>   crypto: caam - update IV only when crypto operation succeeds
>   crypto: caam - keep both virtual and dma key addresses
>   crypto: caam - fix MDHA key derivation for certain user key lengths
> 
> Iuliana Prodan (9):
>   crypto: caam - check key length
>   crypto: caam - check authsize
>   crypto: caam - check assoclen
>   crypto: caam - check zero-length input
>   crypto: caam - update rfc4106 sh desc to support zero length input
>   crypto: caam - free resources in case caam_rng registration failed
>   crypto: caam - execute module exit point only if necessary
>   crypto: caam - unregister algorithm only if the registration succeeded
>   crypto: caam - change return value in case CAAM has no MDHA
> 
>  drivers/crypto/caam/Kconfig         |   2 +
>  drivers/crypto/caam/caamalg.c       | 227 +++++++++++++++----------
>  drivers/crypto/caam/caamalg_desc.c  |  47 ++++--
>  drivers/crypto/caam/caamalg_desc.h  |   2 +-
>  drivers/crypto/caam/caamalg_qi.c    | 225 +++++++++++++++----------
>  drivers/crypto/caam/caamalg_qi2.c   | 320 +++++++++++++++++++++++-------------
>  drivers/crypto/caam/caamhash.c      | 114 ++++++++-----
>  drivers/crypto/caam/caamhash_desc.c |   5 +-
>  drivers/crypto/caam/caamhash_desc.h |   2 +-
>  drivers/crypto/caam/caampkc.c       |  80 ++++++---
>  drivers/crypto/caam/caamrng.c       |  17 +-
>  drivers/crypto/caam/desc_constr.h   |  34 ++--
>  drivers/crypto/caam/error.c         |  61 ++++---
>  drivers/crypto/caam/error.h         |   2 +-
>  drivers/crypto/caam/key_gen.c       |  14 +-
>  drivers/crypto/caam/qi.c            |  10 +-
>  drivers/crypto/caam/regs.h          |   1 +
>  17 files changed, 748 insertions(+), 415 deletions(-)

All applied.  Thanks.