| Message ID | 018d5b804a22b0aa2e4d759749884b0e15c25de4.1502861307.git.ryder.lee@mediatek.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
Am Mittwoch, 16. August 2017, 13:19:48 CEST schrieb Ryder Lee: Hi Ryder, > Currently, empty messages are not supported in GCM mode, hence add > a check to prevent producing incorrect results. In case the caller would provide empty messages, would there be just wrong data or a real problem? Note, unprivileged user space can make such requests. If there would be a real problem (like crash), this should also go to stable. Ciao Stephan
Hi, On Wed, 2017-08-16 at 14:18 +0200, Stephan Mueller wrote: > Am Mittwoch, 16. August 2017, 13:19:48 CEST schrieb Ryder Lee: > > Hi Ryder, > > > Currently, empty messages are not supported in GCM mode, hence add > > a check to prevent producing incorrect results. > > In case the caller would provide empty messages, would there be just wrong > data or a real problem? Note, unprivileged user space can make such requests. > > If there would be a real problem (like crash), this should also go to stable. > > Ciao > Stephan This does not cause any problem and it just returns a wrong result. Ryder
On Wed, Aug 16, 2017 at 07:19:48PM +0800, Ryder Lee wrote: > Currently, empty messages are not supported in GCM mode, hence add > a check to prevent producing incorrect results. > > Signed-off-by: Ryder Lee <ryder.lee@mediatek.com> > --- > drivers/crypto/mediatek/mtk-aes.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/drivers/crypto/mediatek/mtk-aes.c b/drivers/crypto/mediatek/mtk-aes.c > index 9e845e8..efe4e63 100644 > --- a/drivers/crypto/mediatek/mtk-aes.c > +++ b/drivers/crypto/mediatek/mtk-aes.c > @@ -928,8 +928,13 @@ static int mtk_aes_gcm_start(struct mtk_cryp *cryp, struct mtk_aes_rec *aes) > static int mtk_aes_gcm_crypt(struct aead_request *req, u64 mode) > { > struct mtk_aes_base_ctx *ctx = crypto_aead_ctx(crypto_aead_reqtfm(req)); > + struct mtk_aes_gcm_ctx *gctx = mtk_aes_gcm_ctx_cast(ctx); > struct mtk_aes_reqctx *rctx = aead_request_ctx(req); > > + /* Empty messages are not supported yet */ > + if (!gctx->textlen && !req->assoclen) > + return -EINVAL Your patch does not compile.
Hi, On Tue, 2017-08-22 at 15:01 +0800, Herbert Xu wrote: > On Wed, Aug 16, 2017 at 07:19:48PM +0800, Ryder Lee wrote: > > Currently, empty messages are not supported in GCM mode, hence add > > a check to prevent producing incorrect results. > > > > Signed-off-by: Ryder Lee <ryder.lee@mediatek.com> > > --- > > drivers/crypto/mediatek/mtk-aes.c | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > diff --git a/drivers/crypto/mediatek/mtk-aes.c b/drivers/crypto/mediatek/mtk-aes.c > > index 9e845e8..efe4e63 100644 > > --- a/drivers/crypto/mediatek/mtk-aes.c > > +++ b/drivers/crypto/mediatek/mtk-aes.c > > @@ -928,8 +928,13 @@ static int mtk_aes_gcm_start(struct mtk_cryp *cryp, struct mtk_aes_rec *aes) > > static int mtk_aes_gcm_crypt(struct aead_request *req, u64 mode) > > { > > struct mtk_aes_base_ctx *ctx = crypto_aead_ctx(crypto_aead_reqtfm(req)); > > + struct mtk_aes_gcm_ctx *gctx = mtk_aes_gcm_ctx_cast(ctx); > > struct mtk_aes_reqctx *rctx = aead_request_ctx(req); > > > > + /* Empty messages are not supported yet */ > > + if (!gctx->textlen && !req->assoclen) > > + return -EINVAL > > Your patch does not compile. Ohh..Somehow I delete the semicolon. I will send v1 soon, sorry about that. Ryder
diff --git a/drivers/crypto/mediatek/mtk-aes.c b/drivers/crypto/mediatek/mtk-aes.c index 9e845e8..efe4e63 100644 --- a/drivers/crypto/mediatek/mtk-aes.c +++ b/drivers/crypto/mediatek/mtk-aes.c @@ -928,8 +928,13 @@ static int mtk_aes_gcm_start(struct mtk_cryp *cryp, struct mtk_aes_rec *aes) static int mtk_aes_gcm_crypt(struct aead_request *req, u64 mode) { struct mtk_aes_base_ctx *ctx = crypto_aead_ctx(crypto_aead_reqtfm(req)); + struct mtk_aes_gcm_ctx *gctx = mtk_aes_gcm_ctx_cast(ctx); struct mtk_aes_reqctx *rctx = aead_request_ctx(req); + /* Empty messages are not supported yet */ + if (!gctx->textlen && !req->assoclen) + return -EINVAL + rctx->mode = AES_FLAGS_GCM | mode; return mtk_aes_handle_queue(ctx->cryp, !!(mode & AES_FLAGS_ENCRYPT),
Currently, empty messages are not supported in GCM mode, hence add a check to prevent producing incorrect results. Signed-off-by: Ryder Lee <ryder.lee@mediatek.com> --- drivers/crypto/mediatek/mtk-aes.c | 5 +++++ 1 file changed, 5 insertions(+)