From ebd401e702dd88fb95a92617bf52ad41c3bf61cd Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Fri, 19 May 2017 08:53:28 +0200 Subject: crypto: omap-sham - Use IPAD/OPAD constant This patch simply replace all occurrence of HMAC IPAD/OPAD value by their define. Signed-off-by: Corentin Labbe Signed-off-by: Herbert Xu --- drivers/crypto/omap-sham.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'drivers/crypto/omap-sham.c') diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c index d0b16e5e4ee5..1864a57caaa4 100644 --- a/drivers/crypto/omap-sham.c +++ b/drivers/crypto/omap-sham.c @@ -41,6 +41,7 @@ #include #include #include +#include #include #define MD5_DIGEST_SIZE 16 @@ -1326,8 +1327,8 @@ static int omap_sham_setkey(struct crypto_ahash *tfm, const u8 *key, memcpy(bctx->opad, bctx->ipad, bs); for (i = 0; i < bs; i++) { - bctx->ipad[i] ^= 0x36; - bctx->opad[i] ^= 0x5c; + bctx->ipad[i] ^= HMAC_IPAD_VALUE; + bctx->opad[i] ^= HMAC_OPAD_VALUE; } } -- cgit v1.2.3 From 5d78d57ede8f9e7f656c610ed25be7be337e0529 Mon Sep 17 00:00:00 2001 From: Tero Kristo Date: Wed, 24 May 2017 10:35:32 +0300 Subject: crypto: omap-sham - buffer handling fixes for hashing later Currently, the hash later code only handles the cases when we have either new data coming in with the request or old data in the buffer, but not the combination when we have both. Fix this by changing the ordering of the code a bit and handling both cases properly simultaneously if needed. Also, fix an issue with omap_sham_update that surfaces with this fix, so that the code checks the bufcnt instead of total data amount against buffer length to avoid any buffer overflows. Signed-off-by: Tero Kristo Signed-off-by: Herbert Xu --- drivers/crypto/omap-sham.c | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) (limited to 'drivers/crypto/omap-sham.c') diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c index 1864a57caaa4..ca9e48a19b15 100644 --- a/drivers/crypto/omap-sham.c +++ b/drivers/crypto/omap-sham.c @@ -874,14 +874,21 @@ static int omap_sham_prepare_request(struct ahash_request *req, bool update) } if (hash_later) { - if (req->nbytes) { - scatterwalk_map_and_copy(rctx->buffer, req->src, - req->nbytes - hash_later, - hash_later, 0); - } else { + int offset = 0; + + if (hash_later > req->nbytes) { memcpy(rctx->buffer, rctx->buffer + xmit_len, - hash_later); + hash_later - req->nbytes); + offset = hash_later - req->nbytes; } + + if (req->nbytes) { + scatterwalk_map_and_copy(rctx->buffer + offset, + req->src, + offset + req->nbytes - + hash_later, hash_later, 0); + } + rctx->bufcnt = hash_later; } else { rctx->bufcnt = 0; @@ -1190,11 +1197,10 @@ static int omap_sham_update(struct ahash_request *req) if (!req->nbytes) return 0; - if (ctx->total + req->nbytes < ctx->buflen) { + if (ctx->bufcnt + req->nbytes <= ctx->buflen) { scatterwalk_map_and_copy(ctx->buffer + ctx->bufcnt, req->src, 0, req->nbytes, 0); ctx->bufcnt += req->nbytes; - ctx->total += req->nbytes; return 0; } -- cgit v1.2.3 From 898d86a565925f09de3d0b30cf3b47ec2e409680 Mon Sep 17 00:00:00 2001 From: Tero Kristo Date: Wed, 24 May 2017 10:35:33 +0300 Subject: crypto: omap-sham - fix closing of hash with separate finalize call Currently there is an interesting corner case failure with omap-sham driver, if the finalize call is done separately with no data, but all previous data has already been processed. In this case, it is not possible to close the hash with the hardware without providing any data, so we get incorrect results. Fix this by adjusting the size of data sent to the hardware crypto engine in case the non-final data size falls on the block size boundary, by reducing the amount of data sent by one full block. This makes it sure that we always have some data available for the finalize call and we can close the hash properly. Signed-off-by: Tero Kristo Reported-by: Aparna Balasubramanian Signed-off-by: Herbert Xu --- drivers/crypto/omap-sham.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'drivers/crypto/omap-sham.c') diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c index ca9e48a19b15..dc091b27affa 100644 --- a/drivers/crypto/omap-sham.c +++ b/drivers/crypto/omap-sham.c @@ -751,7 +751,10 @@ static int omap_sham_align_sgs(struct scatterlist *sg, if (final) new_len = DIV_ROUND_UP(new_len, bs) * bs; else - new_len = new_len / bs * bs; + new_len = (new_len - 1) / bs * bs; + + if (nbytes != new_len) + list_ok = false; while (nbytes > 0 && sg_tmp) { n++; @@ -847,6 +850,8 @@ static int omap_sham_prepare_request(struct ahash_request *req, bool update) xmit_len = DIV_ROUND_UP(xmit_len, bs) * bs; else xmit_len = xmit_len / bs * bs; + } else if (!final) { + xmit_len -= bs; } hash_later = rctx->total - xmit_len; @@ -1138,7 +1143,7 @@ retry: ctx = ahash_request_ctx(req); err = omap_sham_prepare_request(req, ctx->op == OP_UPDATE); - if (err) + if (err || !ctx->total) goto err1; dev_dbg(dd->dev, "handling new req, op: %lu, nbytes: %d\n", -- cgit v1.2.3 From c28e8f21642fd01a65687de9bfa5307fdcfe9966 Mon Sep 17 00:00:00 2001 From: Tero Kristo Date: Wed, 24 May 2017 10:35:34 +0300 Subject: crypto: omap-sham - force word alignment on the xmit-buf also This was previously missed from the code, causing SDMA to hang in some cases where the buffer ended up being not aligned. Signed-off-by: Tero Kristo Signed-off-by: Herbert Xu --- drivers/crypto/omap-sham.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'drivers/crypto/omap-sham.c') diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c index dc091b27affa..9ad9d399daf1 100644 --- a/drivers/crypto/omap-sham.c +++ b/drivers/crypto/omap-sham.c @@ -226,7 +226,7 @@ struct omap_sham_dev { struct dma_chan *dma_lch; struct tasklet_struct done_task; u8 polling_mode; - u8 xmit_buf[BUFLEN]; + u8 xmit_buf[BUFLEN] OMAP_ALIGNED; unsigned long flags; struct crypto_queue queue; -- cgit v1.2.3