Hi Antoine,
On 28.11.2017 16:42, Antoine Tenart wrote:
> The patch fixes the ahash support by only updating the result buffer
> when provided. Otherwise the driver could crash with NULL pointer
> exceptions, because the ahash caller isn't required to supply a result
> buffer on all calls.
Can you point to bug crush report ?
> Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto
> engine driver")
> Signed-off-by: Antoine Tenart <[email protected]>
> ---
> drivers/crypto/inside-secure/safexcel_hash.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/inside-secure/safexcel_hash.c
> b/drivers/crypto/inside-secure/safexcel_hash.c
> index 6135c9f5742c..424f4c5d4d25 100644
> --- a/drivers/crypto/inside-secure/safexcel_hash.c
> +++ b/drivers/crypto/inside-secure/safexcel_hash.c
> @@ -150,7 +150,12 @@ static int safexcel_handle_req_result(struct
> safexcel_crypto_priv *priv, int rin
>
> if (sreq->finish)
> result_sz = crypto_ahash_digestsize(ahash);
> - memcpy(sreq->state, areq->result, result_sz);
> +
> + /* The called isn't required to supply a result buffer. Updated it only
> + * when provided.
> + */
> + if (areq->result)
> + memcpy(sreq->state, areq->result, result_sz);
>
> dma_unmap_sg(priv->dev, areq->src,
> sg_nents_for_len(areq->src, areq->nbytes), DMA_TO_DEVICE);
>
can the driver get request for final/finup/digest with null req->result ?
If yes (?), such checks can be done before any hardware processing, saving time,
for example:
int hash_final(struct ahash_request *areq)
{
if (!areq->result)
return -EINVAL;
/* normal processing here */
}
--
Best regards,
Kamil Konieczny
Samsung R&D Institute Poland
