[PATCH v2 1/2] crypto: hisilicon/sec2 - fix for aead icv error

Chenghai Huang posted 2 patches 1 month, 1 week ago
There is a newer version of this series
[PATCH v2 1/2] crypto: hisilicon/sec2 - fix for aead icv error
Posted by Chenghai Huang 1 month, 1 week ago
From: Wenkai Lin <linwenkai6@hisilicon.com>

When the AEAD algorithm is used for encryption or decryption,
the input authentication length varies, the hardware needs to
obtain the input length to pass the integrity check verification.
Currently, the driver uses a fixed authentication length,which
causes decryption failure, so the length configuration is modified.
In addition, the step of setting the auth length is unnecessary,
so it was deleted from the setkey function.

Fixes: 2f072d75d1ab ("crypto: hisilicon - Add aead support on SEC2")
Signed-off-by: Wenkai Lin <linwenkai6@hisilicon.com>
Signed-off-by: Chenghai Huang <huangchenghai2@huawei.com>
---
v2:
- Restored authsize to the tfm.

---
 drivers/crypto/hisilicon/sec2/sec.h        |   2 +-
 drivers/crypto/hisilicon/sec2/sec_crypto.c | 121 +++++++++------------
 drivers/crypto/hisilicon/sec2/sec_crypto.h |  11 --
 3 files changed, 50 insertions(+), 84 deletions(-)

diff --git a/drivers/crypto/hisilicon/sec2/sec.h b/drivers/crypto/hisilicon/sec2/sec.h
index 410c83712e28..c29a92214996 100644
--- a/drivers/crypto/hisilicon/sec2/sec.h
+++ b/drivers/crypto/hisilicon/sec2/sec.h
@@ -90,9 +90,9 @@ struct sec_auth_ctx {
 	dma_addr_t a_key_dma;
 	u8 *a_key;
 	u8 a_key_len;
-	u8 mac_len;
 	u8 a_alg;
 	bool fallback;
+	size_t authsize;
 	struct crypto_shash *hash_tfm;
 	struct crypto_aead *fallback_aead_tfm;
 };
diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c
index 0558f98e221f..cf4de5eb39dc 100644
--- a/drivers/crypto/hisilicon/sec2/sec_crypto.c
+++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c
@@ -891,12 +891,11 @@ static int sec_cipher_pbuf_map(struct sec_ctx *ctx, struct sec_req *req,
 	struct sec_aead_req *a_req = &req->aead_req;
 	struct aead_request *aead_req = a_req->aead_req;
 	struct sec_cipher_req *c_req = &req->c_req;
+	struct sec_auth_ctx *a_ctx = &ctx->a_ctx;
 	struct sec_qp_ctx *qp_ctx = req->qp_ctx;
 	struct device *dev = ctx->dev;
 	int copy_size, pbuf_length;
 	int req_id = req->req_id;
-	struct crypto_aead *tfm;
-	size_t authsize;
 	u8 *mac_offset;
 
 	if (ctx->alg_type == SEC_AEAD)
@@ -911,10 +910,8 @@ static int sec_cipher_pbuf_map(struct sec_ctx *ctx, struct sec_req *req,
 		return -EINVAL;
 	}
 	if (!c_req->encrypt && ctx->alg_type == SEC_AEAD) {
-		tfm = crypto_aead_reqtfm(aead_req);
-		authsize = crypto_aead_authsize(tfm);
-		mac_offset = qp_ctx->res[req_id].pbuf + copy_size - authsize;
-		memcpy(a_req->out_mac, mac_offset, authsize);
+		mac_offset = qp_ctx->res[req_id].pbuf + copy_size - a_ctx->authsize;
+		memcpy(a_req->out_mac, mac_offset, a_ctx->authsize);
 	}
 
 	req->in_dma = qp_ctx->res[req_id].pbuf_dma;
@@ -947,17 +944,18 @@ static int sec_aead_mac_init(struct sec_aead_req *req)
 {
 	struct aead_request *aead_req = req->aead_req;
 	struct crypto_aead *tfm = crypto_aead_reqtfm(aead_req);
-	size_t authsize = crypto_aead_authsize(tfm);
-	u8 *mac_out = req->out_mac;
+	struct sec_ctx *ctx = crypto_aead_ctx(tfm);
+	struct sec_auth_ctx *a_ctx = &ctx->a_ctx;
 	struct scatterlist *sgl = aead_req->src;
+	u8 *mac_out = req->out_mac;
 	size_t copy_size;
 	off_t skip_size;
 
 	/* Copy input mac */
-	skip_size = aead_req->assoclen + aead_req->cryptlen - authsize;
+	skip_size = aead_req->assoclen + aead_req->cryptlen - a_ctx->authsize;
 	copy_size = sg_pcopy_to_buffer(sgl, sg_nents(sgl), mac_out,
-				       authsize, skip_size);
-	if (unlikely(copy_size != authsize))
+				       a_ctx->authsize, skip_size);
+	if (unlikely(copy_size != a_ctx->authsize))
 		return -EINVAL;
 
 	return 0;
@@ -1139,7 +1137,6 @@ static int sec_aead_fallback_setkey(struct sec_auth_ctx *a_ctx,
 static int sec_aead_setkey(struct crypto_aead *tfm, const u8 *key,
 			   const u32 keylen, const enum sec_hash_alg a_alg,
 			   const enum sec_calg c_alg,
-			   const enum sec_mac_len mac_len,
 			   const enum sec_cmode c_mode)
 {
 	struct sec_ctx *ctx = crypto_aead_ctx(tfm);
@@ -1151,7 +1148,6 @@ static int sec_aead_setkey(struct crypto_aead *tfm, const u8 *key,
 
 	ctx->a_ctx.a_alg = a_alg;
 	ctx->c_ctx.c_alg = c_alg;
-	ctx->a_ctx.mac_len = mac_len;
 	c_ctx->c_mode = c_mode;
 
 	if (c_mode == SEC_CMODE_CCM || c_mode == SEC_CMODE_GCM) {
@@ -1187,10 +1183,9 @@ static int sec_aead_setkey(struct crypto_aead *tfm, const u8 *key,
 		goto bad_key;
 	}
 
-	if ((ctx->a_ctx.mac_len & SEC_SQE_LEN_RATE_MASK)  ||
-	    (ctx->a_ctx.a_key_len & SEC_SQE_LEN_RATE_MASK)) {
+	if (ctx->a_ctx.a_key_len & SEC_SQE_LEN_RATE_MASK) {
 		ret = -EINVAL;
-		dev_err(dev, "MAC or AUTH key length error!\n");
+		dev_err(dev, "AUTH key length error!\n");
 		goto bad_key;
 	}
 
@@ -1202,27 +1197,19 @@ static int sec_aead_setkey(struct crypto_aead *tfm, const u8 *key,
 }
 
 
-#define GEN_SEC_AEAD_SETKEY_FUNC(name, aalg, calg, maclen, cmode)	\
-static int sec_setkey_##name(struct crypto_aead *tfm, const u8 *key,	\
-	u32 keylen)							\
-{									\
-	return sec_aead_setkey(tfm, key, keylen, aalg, calg, maclen, cmode);\
-}
-
-GEN_SEC_AEAD_SETKEY_FUNC(aes_cbc_sha1, SEC_A_HMAC_SHA1,
-			 SEC_CALG_AES, SEC_HMAC_SHA1_MAC, SEC_CMODE_CBC)
-GEN_SEC_AEAD_SETKEY_FUNC(aes_cbc_sha256, SEC_A_HMAC_SHA256,
-			 SEC_CALG_AES, SEC_HMAC_SHA256_MAC, SEC_CMODE_CBC)
-GEN_SEC_AEAD_SETKEY_FUNC(aes_cbc_sha512, SEC_A_HMAC_SHA512,
-			 SEC_CALG_AES, SEC_HMAC_SHA512_MAC, SEC_CMODE_CBC)
-GEN_SEC_AEAD_SETKEY_FUNC(aes_ccm, 0, SEC_CALG_AES,
-			 SEC_HMAC_CCM_MAC, SEC_CMODE_CCM)
-GEN_SEC_AEAD_SETKEY_FUNC(aes_gcm, 0, SEC_CALG_AES,
-			 SEC_HMAC_GCM_MAC, SEC_CMODE_GCM)
-GEN_SEC_AEAD_SETKEY_FUNC(sm4_ccm, 0, SEC_CALG_SM4,
-			 SEC_HMAC_CCM_MAC, SEC_CMODE_CCM)
-GEN_SEC_AEAD_SETKEY_FUNC(sm4_gcm, 0, SEC_CALG_SM4,
-			 SEC_HMAC_GCM_MAC, SEC_CMODE_GCM)
+#define GEN_SEC_AEAD_SETKEY_FUNC(name, aalg, calg, cmode)				\
+static int sec_setkey_##name(struct crypto_aead *tfm, const u8 *key, u32 keylen)	\
+{											\
+	return sec_aead_setkey(tfm, key, keylen, aalg, calg, cmode);			\
+}
+
+GEN_SEC_AEAD_SETKEY_FUNC(aes_cbc_sha1, SEC_A_HMAC_SHA1, SEC_CALG_AES, SEC_CMODE_CBC)
+GEN_SEC_AEAD_SETKEY_FUNC(aes_cbc_sha256, SEC_A_HMAC_SHA256, SEC_CALG_AES, SEC_CMODE_CBC)
+GEN_SEC_AEAD_SETKEY_FUNC(aes_cbc_sha512, SEC_A_HMAC_SHA512, SEC_CALG_AES, SEC_CMODE_CBC)
+GEN_SEC_AEAD_SETKEY_FUNC(aes_ccm, 0, SEC_CALG_AES, SEC_CMODE_CCM)
+GEN_SEC_AEAD_SETKEY_FUNC(aes_gcm, 0, SEC_CALG_AES, SEC_CMODE_GCM)
+GEN_SEC_AEAD_SETKEY_FUNC(sm4_ccm, 0, SEC_CALG_SM4, SEC_CMODE_CCM)
+GEN_SEC_AEAD_SETKEY_FUNC(sm4_gcm, 0, SEC_CALG_SM4, SEC_CMODE_GCM)
 
 static int sec_aead_sgl_map(struct sec_ctx *ctx, struct sec_req *req)
 {
@@ -1470,9 +1457,9 @@ static void sec_skcipher_callback(struct sec_ctx *ctx, struct sec_req *req,
 static void set_aead_auth_iv(struct sec_ctx *ctx, struct sec_req *req)
 {
 	struct aead_request *aead_req = req->aead_req.aead_req;
-	struct sec_cipher_req *c_req = &req->c_req;
 	struct sec_aead_req *a_req = &req->aead_req;
-	size_t authsize = ctx->a_ctx.mac_len;
+	struct sec_cipher_req *c_req = &req->c_req;
+	struct sec_auth_ctx *a_ctx = &ctx->a_ctx;
 	u32 data_size = aead_req->cryptlen;
 	u8 flage = 0;
 	u8 cm, cl;
@@ -1487,7 +1474,7 @@ static void set_aead_auth_iv(struct sec_ctx *ctx, struct sec_req *req)
 	flage |= c_req->c_ivin[0] & IV_CL_MASK;
 
 	/* the M' is bit3~bit5, the Flags is bit6 */
-	cm = (authsize - IV_CM_CAL_NUM) / IV_CM_CAL_NUM;
+	cm = (a_ctx->authsize - IV_CM_CAL_NUM) / IV_CM_CAL_NUM;
 	flage |= cm << IV_CM_OFFSET;
 	if (aead_req->assoclen)
 		flage |= 0x01 << IV_FLAGS_OFFSET;
@@ -1501,7 +1488,7 @@ static void set_aead_auth_iv(struct sec_ctx *ctx, struct sec_req *req)
 	 * the tail 16bit fill with the cipher length
 	 */
 	if (!c_req->encrypt)
-		data_size = aead_req->cryptlen - authsize;
+		data_size = aead_req->cryptlen - a_ctx->authsize;
 
 	a_req->a_ivin[ctx->c_ctx.ivsize - IV_LAST_BYTE1] =
 			data_size & IV_LAST_BYTE_MASK;
@@ -1513,10 +1500,8 @@ static void set_aead_auth_iv(struct sec_ctx *ctx, struct sec_req *req)
 static void sec_aead_set_iv(struct sec_ctx *ctx, struct sec_req *req)
 {
 	struct aead_request *aead_req = req->aead_req.aead_req;
-	struct crypto_aead *tfm = crypto_aead_reqtfm(aead_req);
-	size_t authsize = crypto_aead_authsize(tfm);
-	struct sec_cipher_req *c_req = &req->c_req;
 	struct sec_aead_req *a_req = &req->aead_req;
+	struct sec_cipher_req *c_req = &req->c_req;
 
 	memcpy(c_req->c_ivin, aead_req->iv, ctx->c_ctx.ivsize);
 
@@ -1524,15 +1509,11 @@ static void sec_aead_set_iv(struct sec_ctx *ctx, struct sec_req *req)
 		/*
 		 * CCM 16Byte Cipher_IV: {1B_Flage,13B_IV,2B_counter},
 		 * the  counter must set to 0x01
+		 * CCM 16Byte Auth_IV: {1B_AFlage,13B_IV,2B_Ptext_length}
 		 */
-		ctx->a_ctx.mac_len = authsize;
-		/* CCM 16Byte Auth_IV: {1B_AFlage,13B_IV,2B_Ptext_length} */
 		set_aead_auth_iv(ctx, req);
-	}
-
-	/* GCM 12Byte Cipher_IV == Auth_IV */
-	if (ctx->c_ctx.c_mode == SEC_CMODE_GCM) {
-		ctx->a_ctx.mac_len = authsize;
+	} else if (ctx->c_ctx.c_mode == SEC_CMODE_GCM) {
+		/* GCM 12Byte Cipher_IV == Auth_IV */
 		memcpy(a_req->a_ivin, c_req->c_ivin, SEC_AIV_SIZE);
 	}
 }
@@ -1544,7 +1525,7 @@ static void sec_auth_bd_fill_xcm(struct sec_auth_ctx *ctx, int dir,
 	struct aead_request *aq = a_req->aead_req;
 
 	/* C_ICV_Len is MAC size, 0x4 ~ 0x10 */
-	sec_sqe->type2.icvw_kmode |= cpu_to_le16((u16)ctx->mac_len);
+	sec_sqe->type2.icvw_kmode |= cpu_to_le16((u16)ctx->authsize);
 
 	/* mode set to CCM/GCM, don't set {A_Alg, AKey_Len, MAC_Len} */
 	sec_sqe->type2.a_key_addr = sec_sqe->type2.c_key_addr;
@@ -1570,7 +1551,7 @@ static void sec_auth_bd_fill_xcm_v3(struct sec_auth_ctx *ctx, int dir,
 	struct aead_request *aq = a_req->aead_req;
 
 	/* C_ICV_Len is MAC size, 0x4 ~ 0x10 */
-	sqe3->c_icv_key |= cpu_to_le16((u16)ctx->mac_len << SEC_MAC_OFFSET_V3);
+	sqe3->c_icv_key |= cpu_to_le16((u16)ctx->authsize << SEC_MAC_OFFSET_V3);
 
 	/* mode set to CCM/GCM, don't set {A_Alg, AKey_Len, MAC_Len} */
 	sqe3->a_key_addr = sqe3->c_key_addr;
@@ -1597,8 +1578,7 @@ static void sec_auth_bd_fill_ex(struct sec_auth_ctx *ctx, int dir,
 
 	sec_sqe->type2.a_key_addr = cpu_to_le64(ctx->a_key_dma);
 
-	sec_sqe->type2.mac_key_alg =
-			cpu_to_le32(ctx->mac_len / SEC_SQE_LEN_RATE);
+	sec_sqe->type2.mac_key_alg = cpu_to_le32(ctx->authsize / SEC_SQE_LEN_RATE);
 
 	sec_sqe->type2.mac_key_alg |=
 			cpu_to_le32((u32)((ctx->a_key_len) /
@@ -1652,7 +1632,7 @@ static void sec_auth_bd_fill_ex_v3(struct sec_auth_ctx *ctx, int dir,
 	sqe3->a_key_addr = cpu_to_le64(ctx->a_key_dma);
 
 	sqe3->auth_mac_key |=
-			cpu_to_le32((u32)(ctx->mac_len /
+			cpu_to_le32((u32)(ctx->authsize /
 			SEC_SQE_LEN_RATE) << SEC_MAC_OFFSET_V3);
 
 	sqe3->auth_mac_key |=
@@ -1702,11 +1682,10 @@ static int sec_aead_bd_fill_v3(struct sec_ctx *ctx, struct sec_req *req)
 static void sec_aead_callback(struct sec_ctx *c, struct sec_req *req, int err)
 {
 	struct aead_request *a_req = req->aead_req.aead_req;
-	struct crypto_aead *tfm = crypto_aead_reqtfm(a_req);
 	struct sec_aead_req *aead_req = &req->aead_req;
 	struct sec_cipher_req *c_req = &req->c_req;
-	size_t authsize = crypto_aead_authsize(tfm);
 	struct sec_qp_ctx *qp_ctx = req->qp_ctx;
+	struct sec_auth_ctx *a_ctx = &c->a_ctx;
 	struct aead_request *backlog_aead_req;
 	struct sec_req *backlog_req;
 	size_t sz;
@@ -1718,11 +1697,9 @@ static void sec_aead_callback(struct sec_ctx *c, struct sec_req *req, int err)
 	if (!err && c_req->encrypt) {
 		struct scatterlist *sgl = a_req->dst;
 
-		sz = sg_pcopy_from_buffer(sgl, sg_nents(sgl),
-					  aead_req->out_mac,
-					  authsize, a_req->cryptlen +
-					  a_req->assoclen);
-		if (unlikely(sz != authsize)) {
+		sz = sg_pcopy_from_buffer(sgl, sg_nents(sgl), aead_req->out_mac,
+					  a_ctx->authsize, a_req->cryptlen + a_req->assoclen);
+		if (unlikely(sz != a_ctx->authsize)) {
 			dev_err(c->dev, "copy out mac err!\n");
 			err = -EINVAL;
 		}
@@ -2232,8 +2209,8 @@ static int aead_iv_demension_check(struct aead_request *aead_req)
 static int sec_aead_spec_check(struct sec_ctx *ctx, struct sec_req *sreq)
 {
 	struct aead_request *req = sreq->aead_req.aead_req;
-	struct crypto_aead *tfm = crypto_aead_reqtfm(req);
-	size_t authsize = crypto_aead_authsize(tfm);
+	struct sec_auth_ctx *a_ctx = &ctx->a_ctx;
+	size_t sz = a_ctx->authsize;
 	u8 c_mode = ctx->c_ctx.c_mode;
 	struct device *dev = ctx->dev;
 	int ret;
@@ -2244,9 +2221,8 @@ static int sec_aead_spec_check(struct sec_ctx *ctx, struct sec_req *sreq)
 		return -EINVAL;
 	}
 
-	if (unlikely((c_mode == SEC_CMODE_GCM && authsize < DES_BLOCK_SIZE) ||
-	   (c_mode == SEC_CMODE_CCM && (authsize < MIN_MAC_LEN ||
-		authsize & MAC_LEN_MASK)))) {
+	if (unlikely((c_mode == SEC_CMODE_GCM && sz < DES_BLOCK_SIZE) ||
+		     (c_mode == SEC_CMODE_CCM && (sz < MIN_MAC_LEN || sz & MAC_LEN_MASK)))) {
 		dev_err(dev, "aead input mac length error!\n");
 		return -EINVAL;
 	}
@@ -2266,7 +2242,7 @@ static int sec_aead_spec_check(struct sec_ctx *ctx, struct sec_req *sreq)
 	if (sreq->c_req.encrypt)
 		sreq->c_req.c_len = req->cryptlen;
 	else
-		sreq->c_req.c_len = req->cryptlen - authsize;
+		sreq->c_req.c_len = req->cryptlen - sz;
 	if (c_mode == SEC_CMODE_CBC) {
 		if (unlikely(sreq->c_req.c_len & (AES_BLOCK_SIZE - 1))) {
 			dev_err(dev, "aead crypto length error!\n");
@@ -2280,8 +2256,7 @@ static int sec_aead_spec_check(struct sec_ctx *ctx, struct sec_req *sreq)
 static int sec_aead_param_check(struct sec_ctx *ctx, struct sec_req *sreq)
 {
 	struct aead_request *req = sreq->aead_req.aead_req;
-	struct crypto_aead *tfm = crypto_aead_reqtfm(req);
-	size_t authsize = crypto_aead_authsize(tfm);
+	struct sec_auth_ctx *a_ctx = &ctx->a_ctx;
 	struct device *dev = ctx->dev;
 	u8 c_alg = ctx->c_ctx.c_alg;
 
@@ -2292,7 +2267,7 @@ static int sec_aead_param_check(struct sec_ctx *ctx, struct sec_req *sreq)
 
 	if (ctx->sec->qm.ver == QM_HW_V2) {
 		if (unlikely(!req->cryptlen || (!sreq->c_req.encrypt &&
-		    req->cryptlen <= authsize))) {
+			     req->cryptlen <= a_ctx->authsize))) {
 			ctx->a_ctx.fallback = true;
 			return -EINVAL;
 		}
@@ -2356,10 +2331,12 @@ static int sec_aead_crypto(struct aead_request *a_req, bool encrypt)
 	struct crypto_aead *tfm = crypto_aead_reqtfm(a_req);
 	struct sec_req *req = aead_request_ctx(a_req);
 	struct sec_ctx *ctx = crypto_aead_ctx(tfm);
+	struct sec_auth_ctx *a_ctx = &ctx->a_ctx;
 	int ret;
 
 	req->flag = a_req->base.flags;
 	req->aead_req.aead_req = a_req;
+	a_ctx->authsize = crypto_aead_authsize(tfm);
 	req->c_req.encrypt = encrypt;
 	req->ctx = ctx;
 
diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.h b/drivers/crypto/hisilicon/sec2/sec_crypto.h
index 27a0ee5ad913..04725b514382 100644
--- a/drivers/crypto/hisilicon/sec2/sec_crypto.h
+++ b/drivers/crypto/hisilicon/sec2/sec_crypto.h
@@ -23,17 +23,6 @@ enum sec_hash_alg {
 	SEC_A_HMAC_SHA512 = 0x15,
 };
 
-enum sec_mac_len {
-	SEC_HMAC_CCM_MAC   = 16,
-	SEC_HMAC_GCM_MAC   = 16,
-	SEC_SM3_MAC        = 32,
-	SEC_HMAC_SM3_MAC   = 32,
-	SEC_HMAC_MD5_MAC   = 16,
-	SEC_HMAC_SHA1_MAC   = 20,
-	SEC_HMAC_SHA256_MAC = 32,
-	SEC_HMAC_SHA512_MAC = 64,
-};
-
 enum sec_cmode {
 	SEC_CMODE_ECB    = 0x0,
 	SEC_CMODE_CBC    = 0x1,
-- 
2.33.0
Re: [PATCH v2 1/2] crypto: hisilicon/sec2 - fix for aead icv error
Posted by Herbert Xu 1 month ago
On Fri, Oct 18, 2024 at 06:58:29PM +0800, Chenghai Huang wrote:
>
> @@ -911,10 +910,8 @@ static int sec_cipher_pbuf_map(struct sec_ctx *ctx, struct sec_req *req,
>  		return -EINVAL;
>  	}
>  	if (!c_req->encrypt && ctx->alg_type == SEC_AEAD) {
> -		tfm = crypto_aead_reqtfm(aead_req);
> -		authsize = crypto_aead_authsize(tfm);
> -		mac_offset = qp_ctx->res[req_id].pbuf + copy_size - authsize;
> -		memcpy(a_req->out_mac, mac_offset, authsize);
> +		mac_offset = qp_ctx->res[req_id].pbuf + copy_size - a_ctx->authsize;
> +		memcpy(a_req->out_mac, mac_offset, a_ctx->authsize);

You've lost me.  a_ctx->authsize is set to the value of
crypto_aead_authsize(tfm).  In other words nothing has changed.
What am I missing?

> @@ -2356,10 +2331,12 @@ static int sec_aead_crypto(struct aead_request *a_req, bool encrypt)
>  	struct crypto_aead *tfm = crypto_aead_reqtfm(a_req);
>  	struct sec_req *req = aead_request_ctx(a_req);
>  	struct sec_ctx *ctx = crypto_aead_ctx(tfm);
> +	struct sec_auth_ctx *a_ctx = &ctx->a_ctx;
>  	int ret;
>  
>  	req->flag = a_req->base.flags;
>  	req->aead_req.aead_req = a_req;
> +	a_ctx->authsize = crypto_aead_authsize(tfm);
>  	req->c_req.encrypt = encrypt;
>  	req->ctx = ctx;

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH v2 1/2] crypto: hisilicon/sec2 - fix for aead icv error
Posted by linwenkai (C) 1 month ago
在 2024/10/26 14:30, Herbert Xu 写道:
> On Fri, Oct 18, 2024 at 06:58:29PM +0800, Chenghai Huang wrote:
>> @@ -911,10 +910,8 @@ static int sec_cipher_pbuf_map(struct sec_ctx *ctx, struct sec_req *req,
>>   		return -EINVAL;
>>   	}
>>   	if (!c_req->encrypt && ctx->alg_type == SEC_AEAD) {
>> -		tfm = crypto_aead_reqtfm(aead_req);
>> -		authsize = crypto_aead_authsize(tfm);
>> -		mac_offset = qp_ctx->res[req_id].pbuf + copy_size - authsize;
>> -		memcpy(a_req->out_mac, mac_offset, authsize);
>> +		mac_offset = qp_ctx->res[req_id].pbuf + copy_size - a_ctx->authsize;
>> +		memcpy(a_req->out_mac, mac_offset, a_ctx->authsize);
> You've lost me.  a_ctx->authsize is set to the value of
> crypto_aead_authsize(tfm).  In other words nothing has changed.
> What am I missing?
>
>> @@ -2356,10 +2331,12 @@ static int sec_aead_crypto(struct aead_request *a_req, bool encrypt)
>>   	struct crypto_aead *tfm = crypto_aead_reqtfm(a_req);
>>   	struct sec_req *req = aead_request_ctx(a_req);
>>   	struct sec_ctx *ctx = crypto_aead_ctx(tfm);
>> +	struct sec_auth_ctx *a_ctx = &ctx->a_ctx;
>>   	int ret;
>>   
>>   	req->flag = a_req->base.flags;
>>   	req->aead_req.aead_req = a_req;
>> +	a_ctx->authsize = crypto_aead_authsize(tfm);
>>   	req->c_req.encrypt = encrypt;
>>   	req->ctx = ctx;
> Cheers,

Hi, do you want me to remove this variable and use the old way to get 
the authsize?

The variable is added to make code simple and to reduce some function calls.

Thanks.

Re: [PATCH v2 1/2] crypto: hisilicon/sec2 - fix for aead icv error
Posted by Herbert Xu 1 month ago
On Sat, Oct 26, 2024 at 03:50:58PM +0800, linwenkai (C) wrote:
>
> Hi, do you want me to remove this variable and use the old way to get the
> authsize?

The authsize parameter is meant to be constant throughout a single
encryption/decryption operation.  So saving a copy of it for the
duration of that operation makes no sense.

What is the actual problem that you're trying to fix?

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH v2 1/2] crypto: hisilicon/sec2 - fix for aead icv error
Posted by linwenkai (C) 4 weeks, 1 day ago
在 2024/10/26 16:58, Herbert Xu 写道:
> On Sat, Oct 26, 2024 at 03:50:58PM +0800, linwenkai (C) wrote:
>> Hi, do you want me to remove this variable and use the old way to get the
>> authsize?
> The authsize parameter is meant to be constant throughout a single
> encryption/decryption operation.  So saving a copy of it for the
> duration of that operation makes no sense.
>
> What is the actual problem that you're trying to fix?
>
> Cheers,

Hi,

In earlier version, the authsize is set to the old mac_len during 
registration and it is the max value of the algorithm,

it leads to the hardware calculates a wrong mac when the authsize is not 
equal to the maximum.

Now, the driver gets the actual authsize from crypto_aead_authsize(), 
actx->authsize can reduce the number

of calling crypto_aead_authsize, because a lot of code uses this value.

Finally If you think the variable is not needed, I can delete it and use 
crypto_aead_authsize to get it every time.

Thanks.

Re: [PATCH v2 1/2] crypto: hisilicon/sec2 - fix for aead icv error
Posted by Herbert Xu 4 weeks, 1 day ago
On Mon, Oct 28, 2024 at 10:03:40AM +0800, linwenkai (C) wrote:
>
> Finally If you think the variable is not needed, I can delete it and use
> crypto_aead_authsize to get it every time.

Just call crypto_aead_authsize from the places where you need it.
There is no point in making another copy of authsize.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt