Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7f7216cf authored by Gary R Hook's avatar Gary R Hook Committed by Herbert Xu
Browse files

crypto: ccp - Rework the unit-size check for XTS-AES 



The CCP supports a limited set of unit-size values. Change the check
for this parameter such that acceptable values match the enumeration.
Then clarify the conditions under which we must use the fallback
implementation.

Signed-off-by: default avatarGary R Hook <gary.hook@amd.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 47f27f16

drivers/crypto/ccp/ccp-crypto-aes-xts.c

+20 −37
Original line number Diff line number Diff line
@@ -39,46 +39,26 @@ struct ccp_unit_size_map { 
	u32 value;

};



static struct ccp_unit_size_map unit_size_map[] = {

static struct ccp_unit_size_map xts_unit_sizes[] = {

	{

		.size	= 4096,

		.value	= CCP_XTS_AES_UNIT_SIZE_4096,

	},

	{

		.size	= 2048,

		.value	= CCP_XTS_AES_UNIT_SIZE_2048,

	},

	{

		.size	= 1024,

		.value	= CCP_XTS_AES_UNIT_SIZE_1024,

		.size   = 16,

		.value	= CCP_XTS_AES_UNIT_SIZE_16,

	},

	{

		.size   = 512,

		.value	= CCP_XTS_AES_UNIT_SIZE_512,

	},

	{

		.size	= 256,

		.value	= CCP_XTS_AES_UNIT_SIZE__LAST,

	},

	{

		.size	= 128,

		.value	= CCP_XTS_AES_UNIT_SIZE__LAST,

	},

	{

		.size	= 64,

		.value	= CCP_XTS_AES_UNIT_SIZE__LAST,

	},

	{

		.size	= 32,

		.value	= CCP_XTS_AES_UNIT_SIZE__LAST,

		.size   = 1024,

		.value	= CCP_XTS_AES_UNIT_SIZE_1024,

	},

	{

		.size	= 16,

		.value	= CCP_XTS_AES_UNIT_SIZE_16,

		.size   = 2048,

		.value	= CCP_XTS_AES_UNIT_SIZE_2048,

	},

	{

		.size	= 1,

		.value	= CCP_XTS_AES_UNIT_SIZE__LAST,

		.size   = 4096,

		.value	= CCP_XTS_AES_UNIT_SIZE_4096,

	},

};
@@ -138,16 +118,19 @@ static int ccp_aes_xts_crypt(struct ablkcipher_request *req, 
	if (!req->info)

		return -EINVAL;



	/* Check conditions under which the CCP can fulfill a request. The

	 * device can handle input plaintext of a length that is a multiple

	 * of the unit_size, bug the crypto implementation only supports

	 * the unit_size being equal to the input length. This limits the

	 * number of scenarios we can handle.

	 */

	unit_size = CCP_XTS_AES_UNIT_SIZE__LAST;

	if (req->nbytes <= unit_size_map[0].size) {

		for (unit = 0; unit < ARRAY_SIZE(unit_size_map); unit++) {

			if (!(req->nbytes & (unit_size_map[unit].size - 1))) {

				unit_size = unit_size_map[unit].value;

	for (unit = 0; unit < ARRAY_SIZE(xts_unit_sizes); unit++) {

		if (req->nbytes == xts_unit_sizes[unit].size) {

			unit_size = unit;

			break;

		}

	}

	}



	if ((unit_size == CCP_XTS_AES_UNIT_SIZE__LAST) ||

	    (ctx->u.aes.key_len != AES_KEYSIZE_128)) {

		SKCIPHER_REQUEST_ON_STACK(subreq, ctx->u.aes.tfm_skcipher);