Re: [PATCH v2] crypto: caam - fix IV loading for authenc (giv)decryption

Mon, 29 Aug 2016 02:59:05 -0700 

On 8/26/2016 6:33 PM, Horia Geantă wrote:
> For algorithms that implement IV generators before the crypto ops,
> the IV needed for decryption is initially located in req->src
> scatterlist, not in req->iv.
> 
> Avoid copying the IV into req->iv by modifying the (givdecrypt)
> descriptors to load it directly from req->src.
> aead_givdecrypt() is no longer needed and goes away.
> 
> Cc: <sta...@vger.kernel.org> # 4.3+
> Fixes: 479bcc7c5b9e ("crypto: caam - Convert authenc to new AEAD interface")
> Signed-off-by: Horia Geantă <horia.gea...@nxp.com>
> ---
> 
>  drivers/crypto/caam/caamalg.c | 77 
> +++++++++++++++++++++----------------------
>  1 file changed, 37 insertions(+), 40 deletions(-)
> 
> diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
> index 6dc597126b79..775b8b524913 100644
> --- a/drivers/crypto/caam/caamalg.c
> +++ b/drivers/crypto/caam/caamalg.c
> @@ -556,7 +556,10 @@ skip_enc:
>  
>       /* Read and write assoclen bytes */
>       append_math_add(desc, VARSEQINLEN, ZERO, REG3, CAAM_CMD_SZ);
> -     append_math_add(desc, VARSEQOUTLEN, ZERO, REG3, CAAM_CMD_SZ);
> +     if (alg->caam.geniv)
> +             append_math_add_imm_u32(desc, VARSEQOUTLEN, REG3, IMM, ivsize);
> +     else
> +             append_math_add(desc, VARSEQOUTLEN, ZERO, REG3, CAAM_CMD_SZ);
>  
>       /* Skip assoc data */
>       append_seq_fifo_store(desc, 0, FIFOST_TYPE_SKIP | FIFOLDST_VLF);
> @@ -565,6 +568,14 @@ skip_enc:
>       append_seq_fifo_load(desc, 0, FIFOLD_CLASS_CLASS2 | FIFOLD_TYPE_MSG |
>                            KEY_VLF);
>  
> +     if (alg->caam.geniv) {
> +             append_seq_load(desc, ivsize, LDST_CLASS_1_CCB |
> +                             LDST_SRCDST_BYTE_CONTEXT |
> +                             (ctx1_iv_off << LDST_OFFSET_SHIFT));
> +             append_move(desc, MOVE_SRC_CLASS1CTX | MOVE_DEST_CLASS2INFIFO |
> +                         (ctx1_iv_off << MOVE_OFFSET_SHIFT) | ivsize);
> +     }
> +
>       /* Load Counter into CONTEXT1 reg */
>       if (is_rfc3686)
>               append_load_imm_u32(desc, be32_to_cpu(1), LDST_IMM |
> @@ -2150,7 +2161,7 @@ static void init_authenc_job(struct aead_request *req,
>  
>       init_aead_job(req, edesc, all_contig, encrypt);
>  
> -     if (ivsize && (is_rfc3686 || !(alg->caam.geniv && encrypt)))
> +     if (ivsize && !alg->caam.geniv)

This condition update is incorrect, since IV won't be loaded neither
here nor in the givencrypt aead descriptor for rfc3686 case.
I'll send v3 shortly.

>               append_load_as_imm(desc, req->iv, ivsize,
>                                  LDST_CLASS_1_CCB |
>                                  LDST_SRCDST_BYTE_CONTEXT |
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to