From patchwork Mon Apr 22 11:25:58 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Christian Lamparter <chunkeey@gmail.com>
X-Patchwork-Id: 10910915
X-Patchwork-Delegate: herbert@gondor.apana.org.au
Return-Path: <linux-crypto-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D610A14DB
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:08 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C3D4B286DF
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:08 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id B6F8228714; Mon, 22 Apr 2019 11:26:08 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4AA9F284AF
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:08 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726995AbfDVL0H (ORCPT
        <rfc822;patchwork-linux-crypto@patchwork.kernel.org>);
        Mon, 22 Apr 2019 07:26:07 -0400
Received: from mail-wm1-f68.google.com ([209.85.128.68]:51675 "EHLO
        mail-wm1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726698AbfDVL0G (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Mon, 22 Apr 2019 07:26:06 -0400
Received: by mail-wm1-f68.google.com with SMTP id 4so14069856wmf.1;
        Mon, 22 Apr 2019 04:26:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=QTvdBrVDEPSw1Qe1gZEOJsxviDk6CdfjxJvT+L/zDAA=;
        b=Tjp8SXOzrMESpmxjlBPjr3ZbIqxFoV5dI4A2R49YmaUMkmo5XTqIvoaLt3j2gnFW7Q
         FiqtF2mOn3RIfF5P4uhhJfsrSgif4nnfcQ57caQfrYCYa0hZJwrl88P2fRJw4xkyhdCB
         V7bDBYjlep5jdNvBWVpOT0IOjZNvc8QslBdqXxgAi5xb/ncfLVO55CBsXqGD8/4xDK6q
         VTlDYkltDB2NUAuQ3qlnyzcnvzksQrw4RkgjRrV2IQPnzIL0WxIBWjqSo0alfhxg6/L+
         3iRBtK2sSxyw7VEWqQ+KjEUfd50TtX0bd2TkEBOux+cqihmeKcpxkeEjvLPrfE6h6f/i
         fr/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=QTvdBrVDEPSw1Qe1gZEOJsxviDk6CdfjxJvT+L/zDAA=;
        b=MngrBttMrYesfzcGRB65wddCn/JIH1+iL0xTJ/n4oK0Psk0g0JPUFG4ecWokV8SXIc
         IxJZOGMyQO2r8tZ6wc8J2WWHlRGp/O1XUmhyilvvB4VAo4japzc6K7fwqXPW8PqUgXM8
         YQ92qrnoJYxhX8Zr8zBx5g0EFmofj39k9beWZZqhyLIKmGqWdvSYZC9XLaofX5gZOhUo
         a0Qzi3mkWG1Kl6g65nkC37ETIY65wYQeFqdWMcd+axssDMODs3YzZLRFHi+7DnPCAcUg
         QypCX+ryqGsFpHrH84eG4pVx0ygXhbUOU/0Pu0cZrWQhVSoVi4urpY/KwoCotfHIsw4L
         UCIg==
X-Gm-Message-State: APjAAAXGy2B4XnNBo1XzvTjMTO17tnFJ/Sv0XMeVP5kE7J+sOo7ZripC
        L79S+q8eXmeJGXE2iQ8z29A=
X-Google-Smtp-Source: 
 APXvYqwyluy6sBFqh6a9nIS4RkaQ7W1hpfM68JaIex4+YwlQy+dH7BEEuLhZS0/F5Zrnc5P6Hu4nQw==
X-Received: by 2002:a1c:6c04:: with SMTP id h4mr11985333wmc.135.1555932364322;
        Mon, 22 Apr 2019 04:26:04 -0700 (PDT)
Received: from debian64.daheim (p5B0D75EE.dip0.t-ipconnect.de.
 [91.13.117.238])
        by smtp.gmail.com with ESMTPSA id
 f1sm9964774wrt.87.2019.04.22.04.26.02
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Mon, 22 Apr 2019 04:26:03 -0700 (PDT)
Received: from chuck by debian64.daheim with local (Exim 4.92)
        (envelope-from <chunkeey@gmail.com>)
        id 1hIX5F-0001VN-GW; Mon, 22 Apr 2019 13:26:01 +0200
From: Christian Lamparter <chunkeey@gmail.com>
To: linux-crypto@vger.kernel.org
Cc: Kees Cook <keescook@chromium.org>,
        Eric Biggers <ebiggers@google.com>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        stable@vger.kernel.org
Subject: [PATCH 1/4] crypto4xx: fix ctr-aes missing output IV
Date: Mon, 22 Apr 2019 13:25:58 +0200
Message-Id: 
 <4c860f87b9339da1d1f700ba6a56a7a5e2eb14da.1555932334.git.chunkeey@gmail.com>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Commit 8efd972ef96a ("crypto: testmgr - support checking skcipher output IV")
caused the crypto4xx driver to produce the following error:

| ctr-aes-ppc4xx encryption test failed (wrong output IV)
| on test vector 0, cfg="in-place"

This patch fixes this by reworking the crypto4xx_setkey_aes()
function to:

 - not save the iv for ECB (as per 18.2.38 CRYP0_SA_CMD_0:
   "This bit mut be cleared for DES ECB mode or AES ECB mode,
   when no IV is used.")

 - instruct the hardware to save the generated IV for all
   other modes of operations that have IV and then supply
   it back to the callee in pretty much the same way as we
   do it for cbc-aes already.

 - make it clear that the DIR_(IN|OUT)BOUND is the important
   bit that tells the hardware to encrypt or decrypt the data.
   (this is cosmetic - but it hopefully prevents me from
    getting confused again).

 - don't load any bogus hash when we don't use any hash
   operation to begin with.

Cc: stable@vger.kernel.org
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
---
 drivers/crypto/amcc/crypto4xx_alg.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/amcc/crypto4xx_alg.c b/drivers/crypto/amcc/crypto4xx_alg.c
index 4092c2aad8e2..3458c5a085d9 100644
--- a/drivers/crypto/amcc/crypto4xx_alg.c
+++ b/drivers/crypto/amcc/crypto4xx_alg.c
@@ -141,9 +141,10 @@ static int crypto4xx_setkey_aes(struct crypto_skcipher *cipher,
 	/* Setup SA */
 	sa = ctx->sa_in;
 
-	set_dynamic_sa_command_0(sa, SA_NOT_SAVE_HASH, (cm == CRYPTO_MODE_CBC ?
-				 SA_SAVE_IV : SA_NOT_SAVE_IV),
-				 SA_LOAD_HASH_FROM_SA, SA_LOAD_IV_FROM_STATE,
+	set_dynamic_sa_command_0(sa, SA_NOT_SAVE_HASH, (cm == CRYPTO_MODE_ECB ?
+				 SA_NOT_SAVE_IV : SA_SAVE_IV),
+				 SA_NOT_LOAD_HASH, (cm == CRYPTO_MODE_ECB ?
+				 SA_LOAD_IV_FROM_SA : SA_LOAD_IV_FROM_STATE),
 				 SA_NO_HEADER_PROC, SA_HASH_ALG_NULL,
 				 SA_CIPHER_ALG_AES, SA_PAD_TYPE_ZERO,
 				 SA_OP_GROUP_BASIC, SA_OPCODE_DECRYPT,
@@ -162,6 +163,11 @@ static int crypto4xx_setkey_aes(struct crypto_skcipher *cipher,
 	memcpy(ctx->sa_out, ctx->sa_in, ctx->sa_len * 4);
 	sa = ctx->sa_out;
 	sa->sa_command_0.bf.dir = DIR_OUTBOUND;
+	/*
+	 * SA_OPCODE_ENCRYPT is the same value as SA_OPCODE_DECRYPT.
+	 * it's the DIR_(IN|OUT)BOUND that matters
+	 */
+	sa->sa_command_0.bf.opcode = SA_OPCODE_ENCRYPT;
 
 	return 0;
 }

From patchwork Mon Apr 22 11:25:59 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Christian Lamparter <chunkeey@gmail.com>
X-Patchwork-Id: 10910921
X-Patchwork-Delegate: herbert@gondor.apana.org.au
Return-Path: <linux-crypto-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 1056B14DB
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:11 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 01C0D284AF
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:11 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id EA3D9286DF; Mon, 22 Apr 2019 11:26:10 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6D841284AF
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:10 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727014AbfDVL0J (ORCPT
        <rfc822;patchwork-linux-crypto@patchwork.kernel.org>);
        Mon, 22 Apr 2019 07:26:09 -0400
Received: from mail-wm1-f67.google.com ([209.85.128.67]:52765 "EHLO
        mail-wm1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726900AbfDVL0I (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Mon, 22 Apr 2019 07:26:08 -0400
Received: by mail-wm1-f67.google.com with SMTP id a184so14045365wma.2;
        Mon, 22 Apr 2019 04:26:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=+XVwqdd74qmNagFrB1WCVK88NxDfUzRVSLDeS0Nb5rI=;
        b=OVna7CztEp+7ApCTsemI8/wTEWaY6To7OYrbR0JLpxbxnfrC7KPBMvNKYX6S/EZG8A
         jxN8amQfaia4isGOUjO1WrpV5iLhDMDhBLxrR65TSPQf5gKHR/YmbFjcgWDGlTlN67q2
         IdTtp/Oswl0hFaCV/0LavWS45dWMUopa7jHGT1csFACBdeOAUOW2yvo7FUwubTxFFKZh
         34TIZyNQKWEl735G51pUTdK5/949anvcH1W3xy6F/+0JaWJVuamelcQFSULqY/72Jg0A
         s/fpLeQ8JLMHi8n3xsfajktFZc1xKpP+kRm6GDUL8Nt8PI1w5raNWM/ub7B+4JbsIynI
         rnyg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=+XVwqdd74qmNagFrB1WCVK88NxDfUzRVSLDeS0Nb5rI=;
        b=koLHnyq7jxPWXUjQtg7yMTxnduIGiCmln5jLa4I/UkEFA2J/sXjnvjagZHRHfAOKHX
         Wg+QX6/7m3UckobBI740p3KFUSyC62sFZJW/wZ/Iw31wB2O3lAmUQSuG+YzHnxbIKLoC
         degq2SpRz+S85nEIpS0kGujqZ/6YapCUgAU0efeWpYPPFA4SBk/AvtCbn8sFbEEe4Jh6
         aksCQzaVDe5LNO49V71l0ec0IN+Dxu7dvLq2yDG2xef2AepM0+tlMF0Rj8gvOGRsUjcj
         4mnWXBVX5AW4XOWemJtF3nEnW2bi+gyxrB5rq/2q8vWYsec+FduNp3EPsHiKiDeUnMbB
         84OA==
X-Gm-Message-State: APjAAAXS/ZLInxsmwY+ep/nZIHdDSaLiZsKlJAZoEG0VuBpJdkBhLwWg
        b6d6MUTNFWRimWzF2guiEAk=
X-Google-Smtp-Source: 
 APXvYqy1wB13HD+ocOSubdoe3q+qmQeO9im6LrNojyGDO7kszwiC754RNfqeieDojb3xZerzAFG8uA==
X-Received: by 2002:a1c:1aca:: with SMTP id
 a193mr12365084wma.40.1555932365977;
        Mon, 22 Apr 2019 04:26:05 -0700 (PDT)
Received: from debian64.daheim (p5B0D75EE.dip0.t-ipconnect.de.
 [91.13.117.238])
        by smtp.gmail.com with ESMTPSA id
 y133sm13478793wmd.2.2019.04.22.04.26.02
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Mon, 22 Apr 2019 04:26:03 -0700 (PDT)
Received: from chuck by debian64.daheim with local (Exim 4.92)
        (envelope-from <chunkeey@gmail.com>)
        id 1hIX5F-0001VQ-HV; Mon, 22 Apr 2019 13:26:01 +0200
From: Christian Lamparter <chunkeey@gmail.com>
To: linux-crypto@vger.kernel.org
Cc: Kees Cook <keescook@chromium.org>,
        Eric Biggers <ebiggers@google.com>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        stable@vger.kernel.org
Subject: [PATCH 2/4] crypto4xx: fix cfb and ofb "overran dst buffer" issues
Date: Mon, 22 Apr 2019 13:25:59 +0200
Message-Id: 
 <4d8f4f483feb713126bbdb789b095936819d9804.1555932334.git.chunkeey@gmail.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: 
 <4c860f87b9339da1d1f700ba6a56a7a5e2eb14da.1555932334.git.chunkeey@gmail.com>
References: 
 <4c860f87b9339da1d1f700ba6a56a7a5e2eb14da.1555932334.git.chunkeey@gmail.com>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Currently, crypto4xx CFB and OFB AES ciphers are
failing testmgr's test vectors.

|cfb-aes-ppc4xx encryption overran dst buffer on test vector 3, cfg="in-place"
|ofb-aes-ppc4xx encryption overran dst buffer on test vector 1, cfg="in-place"

This is because of a very subtile "bug" in the hardware that
gets indirectly mentioned in 18.1.3.5 Encryption/Decryption
of the hardware spec:

the OFB and CFB modes for AES are listed there as operation
modes for >>> "Block ciphers" <<<. Which kind of makes sense,
but we would like them to be considered as stream ciphers just
like the CTR mode.

To workaround this issue and stop the hardware from causing
"overran dst buffer" on crypttexts that are not a multiple
of 16 (AES_BLOCK_SIZE), we force the driver to use the scatter
buffers as the go-between.

As a bonus this patch also kills redundant pd_uinfo->num_gd
and pd_uinfo->num_sd setters since the value has already been
set before.

Cc: stable@vger.kernel.org
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
---
 drivers/crypto/amcc/crypto4xx_core.c | 31 +++++++++++++++++++---------
 1 file changed, 21 insertions(+), 10 deletions(-)

diff --git a/drivers/crypto/amcc/crypto4xx_core.c b/drivers/crypto/amcc/crypto4xx_core.c
index 06574a884715..920bd5e720b2 100644
--- a/drivers/crypto/amcc/crypto4xx_core.c
+++ b/drivers/crypto/amcc/crypto4xx_core.c
@@ -714,7 +714,23 @@ int crypto4xx_build_pd(struct crypto_async_request *req,
 	size_t offset_to_sr_ptr;
 	u32 gd_idx = 0;
 	int tmp;
-	bool is_busy;
+	bool is_busy, force_sd;
+
+	/*
+	 * There's a very subtile/disguised "bug" in the hardware that
+	 * gets indirectly mentioned in 18.1.3.5 Encryption/Decryption
+	 * of the hardware spec:
+	 * *drum roll* the AES/(T)DES OFB and CFB modes are listed as
+	 * operation modes for >>> "Block ciphers" <<<.
+	 *
+	 * To workaround this issue and stop the hardware from causing
+	 * "overran dst buffer" on crypttexts that are not a multiple
+	 * of 16 (AES_BLOCK_SIZE), we force the driver to use the
+	 * scatter buffers.
+	 */
+	force_sd = (req_sa->sa_command_1.bf.crypto_mode9_8 == CRYPTO_MODE_CFB
+		|| req_sa->sa_command_1.bf.crypto_mode9_8 == CRYPTO_MODE_OFB)
+		&& (datalen % AES_BLOCK_SIZE);
 
 	/* figure how many gd are needed */
 	tmp = sg_nents_for_len(src, assoclen + datalen);
@@ -732,7 +748,7 @@ int crypto4xx_build_pd(struct crypto_async_request *req,
 	}
 
 	/* figure how many sd are needed */
-	if (sg_is_last(dst)) {
+	if (sg_is_last(dst) && force_sd == false) {
 		num_sd = 0;
 	} else {
 		if (datalen > PPC4XX_SD_BUFFER_SIZE) {
@@ -807,9 +823,10 @@ int crypto4xx_build_pd(struct crypto_async_request *req,
 	pd->sa_len = sa_len;
 
 	pd_uinfo = &dev->pdr_uinfo[pd_entry];
-	pd_uinfo->async_req = req;
 	pd_uinfo->num_gd = num_gd;
 	pd_uinfo->num_sd = num_sd;
+	pd_uinfo->dest_va = dst;
+	pd_uinfo->async_req = req;
 
 	if (iv_len)
 		memcpy(pd_uinfo->sr_va->save_iv, iv, iv_len);
@@ -828,7 +845,6 @@ int crypto4xx_build_pd(struct crypto_async_request *req,
 		/* get first gd we are going to use */
 		gd_idx = fst_gd;
 		pd_uinfo->first_gd = fst_gd;
-		pd_uinfo->num_gd = num_gd;
 		gd = crypto4xx_get_gdp(dev, &gd_dma, gd_idx);
 		pd->src = gd_dma;
 		/* enable gather */
@@ -865,17 +881,14 @@ int crypto4xx_build_pd(struct crypto_async_request *req,
 		 * Indicate gather array is not used
 		 */
 		pd_uinfo->first_gd = 0xffffffff;
-		pd_uinfo->num_gd = 0;
 	}
-	if (sg_is_last(dst)) {
+	if (!num_sd) {
 		/*
 		 * we know application give us dst a whole piece of memory
 		 * no need to use scatter ring.
 		 */
 		pd_uinfo->using_sd = 0;
 		pd_uinfo->first_sd = 0xffffffff;
-		pd_uinfo->num_sd = 0;
-		pd_uinfo->dest_va = dst;
 		sa->sa_command_0.bf.scatter = 0;
 		pd->dest = (u32)dma_map_page(dev->core_dev->device,
 					     sg_page(dst), dst->offset,
@@ -889,9 +902,7 @@ int crypto4xx_build_pd(struct crypto_async_request *req,
 		nbytes = datalen;
 		sa->sa_command_0.bf.scatter = 1;
 		pd_uinfo->using_sd = 1;
-		pd_uinfo->dest_va = dst;
 		pd_uinfo->first_sd = fst_sd;
-		pd_uinfo->num_sd = num_sd;
 		sd = crypto4xx_get_sdp(dev, &sd_dma, sd_idx);
 		pd->dest = sd_dma;
 		/* setup scatter descriptor */

From patchwork Mon Apr 22 11:26:00 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Christian Lamparter <chunkeey@gmail.com>
X-Patchwork-Id: 10910919
X-Patchwork-Delegate: herbert@gondor.apana.org.au
Return-Path: <linux-crypto-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 91B2113B5
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:09 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 80295284AF
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:09 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 719EC286DF; Mon, 22 Apr 2019 11:26:09 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 08BB2284AF
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:09 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726619AbfDVL0I (ORCPT
        <rfc822;patchwork-linux-crypto@patchwork.kernel.org>);
        Mon, 22 Apr 2019 07:26:08 -0400
Received: from mail-wm1-f68.google.com ([209.85.128.68]:33989 "EHLO
        mail-wm1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726761AbfDVL0H (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Mon, 22 Apr 2019 07:26:07 -0400
Received: by mail-wm1-f68.google.com with SMTP id r186so13918318wmf.1
        for <linux-crypto@vger.kernel.org>;
 Mon, 22 Apr 2019 04:26:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=45OIqyxPhSR1GPiehZv11C5FocNohr7VYhj0ZCDPs8s=;
        b=QwIlOCwxa8hMFIGDnq1zPSJ1Ym2JkB67kE+/xzj0LyDU/QKlxtqfxlV2lU2TRZOtAS
         KZRHvfpzWH6x7Tihe+cYGdaQT4WEsPttOHJwSrzkiKshd7W380DvFIAt16nwz6y2+P2C
         nQCarDjHPTMrBkCO7Dv5YGi9P9Ru1lvhmMcmamp54Jqzx1BHYrQ2cynRRB71BeKIt15B
         6k/NDPRe5X9vemcOoyJ8Qcj2YMZYr9kBeORCdKfai1vFKXe6FxZNqFwMZrTlDbNN2Jcv
         K49Kh5obiWVk56UAzyD8DQXpA8H7u2d6LVLQadzvsBsr9deWFDiypbFpUYobGKtQC+Ej
         iksQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=45OIqyxPhSR1GPiehZv11C5FocNohr7VYhj0ZCDPs8s=;
        b=W6SMNQmVz8DgDfQsdUSMj5YFv9xkGybwfhBB8ne1YM5ZwGI0/NhJ1ZjNTqlWH/WKZf
         z16BJjJ6X7gFhDd5dQwShzpouY9CXH0fD9Gek+wFp7uuuTKx/Sd0Uv+14DC9Cp+R4KD/
         9CfQwiLdHaV9QC1nrdMiugELvSd/+5dMAu6Fk6m4MlPVpappjNO2YfG7/O4ZR88xXYZL
         q3JR8/vJ0vCJGEMneCrnIjw2YaTRvS5uL8QsL+z6f9CszkNhtNUIIp6RRIqh9KNy88kg
         bWPucY24lxpMeRT7jhkE+hXP2tl1DcQka5sTds3N0S3964QypbD7RF1PuVFoW+ZZZBis
         TbLg==
X-Gm-Message-State: APjAAAVWuFJ5zx4r0XrLUuD5TdjpgrxSTyi4Ge1AfHYi6/aq3zWFObrk
        zq9Kj+yuH6DF4wzdnoA1uy8l9bFQ
X-Google-Smtp-Source: 
 APXvYqxBMjhqBoyXNbvKJK9JKa+KpHJF+vEjIDFlMxqWvLEXeWaHXL2aG3JOaBpgPSf1xoCFcj4BTw==
X-Received: by 2002:a1c:e90f:: with SMTP id q15mr12511551wmc.1.1555932364765;
        Mon, 22 Apr 2019 04:26:04 -0700 (PDT)
Received: from debian64.daheim (p5B0D75EE.dip0.t-ipconnect.de.
 [91.13.117.238])
        by smtp.gmail.com with ESMTPSA id
 z63sm17909571wme.30.2019.04.22.04.26.02
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Mon, 22 Apr 2019 04:26:03 -0700 (PDT)
Received: from chuck by debian64.daheim with local (Exim 4.92)
        (envelope-from <chunkeey@gmail.com>)
        id 1hIX5F-0001VV-IV; Mon, 22 Apr 2019 13:26:01 +0200
From: Christian Lamparter <chunkeey@gmail.com>
To: linux-crypto@vger.kernel.org
Cc: Kees Cook <keescook@chromium.org>,
        Eric Biggers <ebiggers@google.com>,
        Herbert Xu <herbert@gondor.apana.org.au>
Subject: [PATCH 3/4] crypto4xx: use sync skcipher for fallback
Date: Mon, 22 Apr 2019 13:26:00 +0200
Message-Id: 
 <f2832f561a239db6dff6da5550e6c97913a70b02.1555932334.git.chunkeey@gmail.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: 
 <4d8f4f483feb713126bbdb789b095936819d9804.1555932334.git.chunkeey@gmail.com>
References: 
 <4c860f87b9339da1d1f700ba6a56a7a5e2eb14da.1555932334.git.chunkeey@gmail.com>
 <4d8f4f483feb713126bbdb789b095936819d9804.1555932334.git.chunkeey@gmail.com>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

This replaces struct crypto_skcipher and the extra request size
with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(),
which uses a fixed stack size.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
---
 drivers/crypto/amcc/crypto4xx_alg.c  | 12 ++++++------
 drivers/crypto/amcc/crypto4xx_core.c | 11 +++--------
 drivers/crypto/amcc/crypto4xx_core.h |  2 +-
 3 files changed, 10 insertions(+), 15 deletions(-)

diff --git a/drivers/crypto/amcc/crypto4xx_alg.c b/drivers/crypto/amcc/crypto4xx_alg.c
index 3458c5a085d9..307f5cfa9ba4 100644
--- a/drivers/crypto/amcc/crypto4xx_alg.c
+++ b/drivers/crypto/amcc/crypto4xx_alg.c
@@ -264,10 +264,10 @@ crypto4xx_ctr_crypt(struct skcipher_request *req, bool encrypt)
 	 * overlow.
 	 */
 	if (counter + nblks < counter) {
-		struct skcipher_request *subreq = skcipher_request_ctx(req);
+		SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->sw_cipher.cipher);
 		int ret;
 
-		skcipher_request_set_tfm(subreq, ctx->sw_cipher.cipher);
+		skcipher_request_set_sync_tfm(subreq, ctx->sw_cipher.cipher);
 		skcipher_request_set_callback(subreq, req->base.flags,
 			NULL, NULL);
 		skcipher_request_set_crypt(subreq, req->src, req->dst,
@@ -289,14 +289,14 @@ static int crypto4xx_sk_setup_fallback(struct crypto4xx_ctx *ctx,
 {
 	int rc;
 
-	crypto_skcipher_clear_flags(ctx->sw_cipher.cipher,
+	crypto_sync_skcipher_clear_flags(ctx->sw_cipher.cipher,
 				    CRYPTO_TFM_REQ_MASK);
-	crypto_skcipher_set_flags(ctx->sw_cipher.cipher,
+	crypto_sync_skcipher_set_flags(ctx->sw_cipher.cipher,
 		crypto_skcipher_get_flags(cipher) & CRYPTO_TFM_REQ_MASK);
-	rc = crypto_skcipher_setkey(ctx->sw_cipher.cipher, key, keylen);
+	rc = crypto_sync_skcipher_setkey(ctx->sw_cipher.cipher, key, keylen);
 	crypto_skcipher_clear_flags(cipher, CRYPTO_TFM_RES_MASK);
 	crypto_skcipher_set_flags(cipher,
-		crypto_skcipher_get_flags(ctx->sw_cipher.cipher) &
+		crypto_sync_skcipher_get_flags(ctx->sw_cipher.cipher) &
 			CRYPTO_TFM_RES_MASK);
 
 	return rc;
diff --git a/drivers/crypto/amcc/crypto4xx_core.c b/drivers/crypto/amcc/crypto4xx_core.c
index 920bd5e720b2..3e7d24ff3fa6 100644
--- a/drivers/crypto/amcc/crypto4xx_core.c
+++ b/drivers/crypto/amcc/crypto4xx_core.c
@@ -965,15 +965,10 @@ static int crypto4xx_sk_init(struct crypto_skcipher *sk)
 
 	if (alg->base.cra_flags & CRYPTO_ALG_NEED_FALLBACK) {
 		ctx->sw_cipher.cipher =
-			crypto_alloc_skcipher(alg->base.cra_name, 0,
-					      CRYPTO_ALG_NEED_FALLBACK |
-					      CRYPTO_ALG_ASYNC);
+			crypto_alloc_sync_skcipher(alg->base.cra_name, 0,
+					      CRYPTO_ALG_NEED_FALLBACK);
 		if (IS_ERR(ctx->sw_cipher.cipher))
 			return PTR_ERR(ctx->sw_cipher.cipher);
-
-		crypto_skcipher_set_reqsize(sk,
-			sizeof(struct skcipher_request) + 32 +
-			crypto_skcipher_reqsize(ctx->sw_cipher.cipher));
 	}
 
 	amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.cipher);
@@ -992,7 +987,7 @@ static void crypto4xx_sk_exit(struct crypto_skcipher *sk)
 
 	crypto4xx_common_exit(ctx);
 	if (ctx->sw_cipher.cipher)
-		crypto_free_skcipher(ctx->sw_cipher.cipher);
+		crypto_free_sync_skcipher(ctx->sw_cipher.cipher);
 }
 
 static int crypto4xx_aead_init(struct crypto_aead *tfm)
diff --git a/drivers/crypto/amcc/crypto4xx_core.h b/drivers/crypto/amcc/crypto4xx_core.h
index 18df695ca6b1..4ecc34fa8ebd 100644
--- a/drivers/crypto/amcc/crypto4xx_core.h
+++ b/drivers/crypto/amcc/crypto4xx_core.h
@@ -131,7 +131,7 @@ struct crypto4xx_ctx {
 	__le32 iv_nonce;
 	u32 sa_len;
 	union {
-		struct crypto_skcipher *cipher;
+		struct crypto_sync_skcipher *cipher;
 		struct crypto_aead *aead;
 	} sw_cipher;
 };

From patchwork Mon Apr 22 11:26:01 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Christian Lamparter <chunkeey@gmail.com>
X-Patchwork-Id: 10910917
X-Patchwork-Delegate: herbert@gondor.apana.org.au
Return-Path: <linux-crypto-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E8BAC1708
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:08 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id DA888284AF
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:08 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id CE8C028723; Mon, 22 Apr 2019 11:26:08 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 75061286DE
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Mon, 22 Apr 2019 11:26:08 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726698AbfDVL0H (ORCPT
        <rfc822;patchwork-linux-crypto@patchwork.kernel.org>);
        Mon, 22 Apr 2019 07:26:07 -0400
Received: from mail-wr1-f68.google.com ([209.85.221.68]:38293 "EHLO
        mail-wr1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726619AbfDVL0H (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Mon, 22 Apr 2019 07:26:07 -0400
Received: by mail-wr1-f68.google.com with SMTP id f14so14868557wrj.5
        for <linux-crypto@vger.kernel.org>;
 Mon, 22 Apr 2019 04:26:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=Gw1Y1hBBLyajOdGRaJLbJoO/PxkJfUPf0LJQPWkaM0I=;
        b=D7iCTAq+hY107OlqVpJxOXs9d2kItATHbBPIDafkgLJTQ7sQb6NuedwTSLShsHXpN3
         XMAcWUacJ3fMgP0ohReq5KRnn0BXCx7tC52PqiqZAqrb02D6mZ+CUGlxb7ckL4tz15+N
         atBR5U4WPpNoWNN4R7NJn9KmNkd7rERYyVivuvlFY5ULW8pcYMnRLy2KFHWUfVrY7VyO
         9Kgbazu8WjL8Cm1vARD8cNTriK6dKj7fzsaEay59rsNAMp6/IZGKf71Vukr6DxBOZ2jM
         buxT9X/T3ZbpCLHdYj0OkKlG8APNZN9mxzFXhmqsnvXJD8/LcRXGNElw4E7kTsDETiZL
         klvA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=Gw1Y1hBBLyajOdGRaJLbJoO/PxkJfUPf0LJQPWkaM0I=;
        b=Y+ZfHzM7LpQW8M9tihGD8v2K4TLEFNBRhr5yv8M9vm9k+yUsugQnGE4ejRcotDIa6/
         E/hymug+QRPAaKGZMxPeTAcfU3zeu8UVqg0Mhpqf+n0sNqfPtCYjKspLZNu2n4qfV7ZB
         zE/jSyhXfa7Rea4rfWplqF8Ko/BEHzXkZB79+r5wazd5oBtLABXJoMxqKpD4A9InGcb1
         UxK47a1vqkHI7ZS78T/oKZtD7XXcKd1QZF3ICGsX0tWdhhr4SY3+qVUADkI2nmCqKtBK
         lTboljdy2V0jimBWGU9oK0UkTE8oKP/n9wvulwR2Cq1+Rb+DVEDDP5iH0zx9bnOVqzUj
         B4Mg==
X-Gm-Message-State: APjAAAVCm2n0xgJG1ZPaflDPcK2UWsVjT8WVA4S84qfyRUWjSeqHki4d
        uw4D2hv9kccwL/nXU3TQ7qpvuT1q
X-Google-Smtp-Source: 
 APXvYqw/wveRT1EcG3WQr4dkXDNbCDyuVqKc1/U9hHyhtMO3tCwDFQI19So1u2UgOIm08FEwG63Ndw==
X-Received: by 2002:a5d:5308:: with SMTP id e8mr12706704wrv.126.1555932365136;
        Mon, 22 Apr 2019 04:26:05 -0700 (PDT)
Received: from debian64.daheim (p5B0D75EE.dip0.t-ipconnect.de.
 [91.13.117.238])
        by smtp.gmail.com with ESMTPSA id
 g84sm16548952wmf.25.2019.04.22.04.26.02
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Mon, 22 Apr 2019 04:26:03 -0700 (PDT)
Received: from chuck by debian64.daheim with local (Exim 4.92)
        (envelope-from <chunkeey@gmail.com>)
        id 1hIX5F-0001Va-J8; Mon, 22 Apr 2019 13:26:01 +0200
From: Christian Lamparter <chunkeey@gmail.com>
To: linux-crypto@vger.kernel.org
Cc: Kees Cook <keescook@chromium.org>,
        Eric Biggers <ebiggers@google.com>,
        Herbert Xu <herbert@gondor.apana.org.au>
Subject: [PATCH 4/4] crypto4xx: get rid of redundant using_sd variable
Date: Mon, 22 Apr 2019 13:26:01 +0200
Message-Id: 
 <16e18d2da9db4d4b715f7e73896f65e57592b4e0.1555932334.git.chunkeey@gmail.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: 
 <f2832f561a239db6dff6da5550e6c97913a70b02.1555932334.git.chunkeey@gmail.com>
References: 
 <4c860f87b9339da1d1f700ba6a56a7a5e2eb14da.1555932334.git.chunkeey@gmail.com>
 <4d8f4f483feb713126bbdb789b095936819d9804.1555932334.git.chunkeey@gmail.com>
 <f2832f561a239db6dff6da5550e6c97913a70b02.1555932334.git.chunkeey@gmail.com>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

using_sd is used as a stand-in for sa_command_0.bf.scatter
that we need to set anyway, so we might as well just prevent
double-accounting.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
---
 drivers/crypto/amcc/crypto4xx_core.c | 6 ++----
 drivers/crypto/amcc/crypto4xx_core.h | 1 -
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/amcc/crypto4xx_core.c b/drivers/crypto/amcc/crypto4xx_core.c
index 3e7d24ff3fa6..3934c2523762 100644
--- a/drivers/crypto/amcc/crypto4xx_core.c
+++ b/drivers/crypto/amcc/crypto4xx_core.c
@@ -539,7 +539,7 @@ static void crypto4xx_cipher_done(struct crypto4xx_device *dev,
 
 	req = skcipher_request_cast(pd_uinfo->async_req);
 
-	if (pd_uinfo->using_sd) {
+	if (pd_uinfo->sa_va->sa_command_0.bf.scatter) {
 		crypto4xx_copy_pkt_to_dst(dev, pd, pd_uinfo,
 					  req->cryptlen, req->dst);
 	} else {
@@ -593,7 +593,7 @@ static void crypto4xx_aead_done(struct crypto4xx_device *dev,
 	u32 icv[AES_BLOCK_SIZE];
 	int err = 0;
 
-	if (pd_uinfo->using_sd) {
+	if (pd_uinfo->sa_va->sa_command_0.bf.scatter) {
 		crypto4xx_copy_pkt_to_dst(dev, pd, pd_uinfo,
 					  pd->pd_ctl_len.bf.pkt_len,
 					  dst);
@@ -887,7 +887,6 @@ int crypto4xx_build_pd(struct crypto_async_request *req,
 		 * we know application give us dst a whole piece of memory
 		 * no need to use scatter ring.
 		 */
-		pd_uinfo->using_sd = 0;
 		pd_uinfo->first_sd = 0xffffffff;
 		sa->sa_command_0.bf.scatter = 0;
 		pd->dest = (u32)dma_map_page(dev->core_dev->device,
@@ -901,7 +900,6 @@ int crypto4xx_build_pd(struct crypto_async_request *req,
 		u32 sd_idx = fst_sd;
 		nbytes = datalen;
 		sa->sa_command_0.bf.scatter = 1;
-		pd_uinfo->using_sd = 1;
 		pd_uinfo->first_sd = fst_sd;
 		sd = crypto4xx_get_sdp(dev, &sd_dma, sd_idx);
 		pd->dest = sd_dma;
diff --git a/drivers/crypto/amcc/crypto4xx_core.h b/drivers/crypto/amcc/crypto4xx_core.h
index 4ecc34fa8ebd..c624f8cd3d2e 100644
--- a/drivers/crypto/amcc/crypto4xx_core.h
+++ b/drivers/crypto/amcc/crypto4xx_core.h
@@ -64,7 +64,6 @@ union shadow_sa_buf {
 struct pd_uinfo {
 	struct crypto4xx_device *dev;
 	u32   state;
-	u32 using_sd;
 	u32 first_gd;		/* first gather discriptor
 				used by this packet */
 	u32 num_gd;             /* number of gather discriptor