1. Patchew
  2. linux
  3. View series

[PATCH] crypto: eip93 - Fix dma_unmap_single() direction in eip93_hash_handle_result()

Thomas Fourier posted 1 patch 2 days, 19 hours ago 
drivers/crypto/inside-secure/eip93/eip93-common.c | 4 ++--
drivers/crypto/inside-secure/eip93/eip93-hash.c   | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
[PATCH] crypto: eip93 - Fix dma_unmap_single() direction in eip93_hash_handle_result()
Posted by Thomas Fourier 2 days, 19 hours ago 
The buffer rctx->sa_record_base was mapped in eip93_hash_update();
rctx->sa_state_ctr_base and rctx->sa_state_base in eip93_send_req()
with direction DMA_TO_DEVICE but unmap with DMA_FROM_DEVICE in
eip93_hash_handle_result() and eip93_handle_result().

Change the unmap to match the mapping.

Fixes: 9739f5f93b78 ("crypto: eip93 - Add Inside Secure SafeXcel EIP-93 crypto engine support")
Cc: <stable@vger.kernel.org>
Signed-off-by: Thomas Fourier <fourier.thomas@gmail.com>
---
 drivers/crypto/inside-secure/eip93/eip93-common.c | 4 ++--
 drivers/crypto/inside-secure/eip93/eip93-hash.c   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/inside-secure/eip93/eip93-common.c b/drivers/crypto/inside-secure/eip93/eip93-common.c
index f4ad6beff15e..75659a45ea5a 100644
--- a/drivers/crypto/inside-secure/eip93/eip93-common.c
+++ b/drivers/crypto/inside-secure/eip93/eip93-common.c
@@ -687,12 +687,12 @@ void eip93_handle_result(struct eip93_device *eip93, struct eip93_cipher_reqctx
 	if (rctx->sa_state_ctr)
 		dma_unmap_single(eip93->dev, rctx->sa_state_ctr_base,
 				 sizeof(*rctx->sa_state_ctr),
-				 DMA_FROM_DEVICE);
+				 DMA_TO_DEVICE);
 
 	if (rctx->sa_state)
 		dma_unmap_single(eip93->dev, rctx->sa_state_base,
 				 sizeof(*rctx->sa_state),
-				 DMA_FROM_DEVICE);
+				 DMA_TO_DEVICE);
 
 	if (!IS_ECB(rctx->flags))
 		memcpy(reqiv, rctx->sa_state->state_iv, rctx->ivsize);
diff --git a/drivers/crypto/inside-secure/eip93/eip93-hash.c b/drivers/crypto/inside-secure/eip93/eip93-hash.c
index 2705855475b2..19a41a0db667 100644
--- a/drivers/crypto/inside-secure/eip93/eip93-hash.c
+++ b/drivers/crypto/inside-secure/eip93/eip93-hash.c
@@ -67,7 +67,7 @@ void eip93_hash_handle_result(struct crypto_async_request *async, int err)
 	int i;
 
 	dma_unmap_single(eip93->dev, rctx->sa_state_base,
-			 sizeof(*sa_state), DMA_FROM_DEVICE);
+			 sizeof(*sa_state), DMA_TO_DEVICE);
 
 	/*
 	 * With partial_hash assume SHA256_DIGEST_SIZE buffer is passed.
-- 
2.43.0
Re: [PATCH] crypto: eip93 - Fix dma_unmap_single() direction in eip93_hash_handle_result()
Posted by Christian Marangi 2 days, 18 hours ago 
On Mon, Mar 30, 2026 at 11:18:14AM +0200, Thomas Fourier wrote:
> The buffer rctx->sa_record_base was mapped in eip93_hash_update();
> rctx->sa_state_ctr_base and rctx->sa_state_base in eip93_send_req()
> with direction DMA_TO_DEVICE but unmap with DMA_FROM_DEVICE in
> eip93_hash_handle_result() and eip93_handle_result().
> 
> Change the unmap to match the mapping.
> 
> Fixes: 9739f5f93b78 ("crypto: eip93 - Add Inside Secure SafeXcel EIP-93 crypto engine support")
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Thomas Fourier <fourier.thomas@gmail.com>

Hi,

was this tested with the crypto self test?

I need to check the code again but in theory with handle result, we should
get the data from device in sa_state and cache should be invalidated. If we
want to use matching maybe we should change to BIDIRECTIONAL?

The mismatched flag was to invalidate relevant cache on tramissing to device and
then invalidate relevant cache when reading it.

> ---
>  drivers/crypto/inside-secure/eip93/eip93-common.c | 4 ++--
>  drivers/crypto/inside-secure/eip93/eip93-hash.c   | 2 +-
>  2 files changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/crypto/inside-secure/eip93/eip93-common.c b/drivers/crypto/inside-secure/eip93/eip93-common.c
> index f4ad6beff15e..75659a45ea5a 100644
> --- a/drivers/crypto/inside-secure/eip93/eip93-common.c
> +++ b/drivers/crypto/inside-secure/eip93/eip93-common.c
> @@ -687,12 +687,12 @@ void eip93_handle_result(struct eip93_device *eip93, struct eip93_cipher_reqctx
>  	if (rctx->sa_state_ctr)
>  		dma_unmap_single(eip93->dev, rctx->sa_state_ctr_base,
>  				 sizeof(*rctx->sa_state_ctr),
> -				 DMA_FROM_DEVICE);
> +				 DMA_TO_DEVICE);
>  
>  	if (rctx->sa_state)
>  		dma_unmap_single(eip93->dev, rctx->sa_state_base,
>  				 sizeof(*rctx->sa_state),
> -				 DMA_FROM_DEVICE);
> +				 DMA_TO_DEVICE);
>  
>  	if (!IS_ECB(rctx->flags))
>  		memcpy(reqiv, rctx->sa_state->state_iv, rctx->ivsize);
> diff --git a/drivers/crypto/inside-secure/eip93/eip93-hash.c b/drivers/crypto/inside-secure/eip93/eip93-hash.c
> index 2705855475b2..19a41a0db667 100644
> --- a/drivers/crypto/inside-secure/eip93/eip93-hash.c
> +++ b/drivers/crypto/inside-secure/eip93/eip93-hash.c
> @@ -67,7 +67,7 @@ void eip93_hash_handle_result(struct crypto_async_request *async, int err)
>  	int i;
>  
>  	dma_unmap_single(eip93->dev, rctx->sa_state_base,
> -			 sizeof(*sa_state), DMA_FROM_DEVICE);
> +			 sizeof(*sa_state), DMA_TO_DEVICE);
>  
>  	/*
>  	 * With partial_hash assume SHA256_DIGEST_SIZE buffer is passed.
> -- 
> 2.43.0
> 

-- 
	Ansuel
Re: [PATCH] crypto: eip93 - Fix dma_unmap_single() direction in eip93_hash_handle_result()
Posted by Thomas Fourier 2 days, 13 hours ago 
Hi,

On 30/03/2026 11:37, Christian Marangi wrote:
> On Mon, Mar 30, 2026 at 11:18:14AM +0200, Thomas Fourier wrote:
> 
> Hi,
> 
> was this tested with the crypto self test?
This was only compile tested. The change is based on the documentation which 
states that dma_map_single() and dma_unmap_single() should take all the same 
parameters. From what I understand, it could cause issues with bounce buffers 
and IOMMU permission if it is activated.
>
> I need to check the code again but in theory with handle result, we should
> get the data from device in sa_state and cache should be invalidated. If we
> want to use matching maybe we should change to BIDIRECTIONAL?
Yes, sa_state is set before the mapping for the device and read after the 
unmapping so I think the BIDIRECTIONAL tag is required.

Should I split the changes between eip93-common.c which seem good regarding that 
as is, and eip93-hash.c and change the direction to BIDIRECTIONNAL?
> 
> The mismatched flag was to invalidate relevant cache on tramissing to device and
> then invalidate relevant cache when reading it.
> 
>> ---
>>   drivers/crypto/inside-secure/eip93/eip93-common.c | 4 ++--
>>   drivers/crypto/inside-secure/eip93/eip93-hash.c   | 2 +-
>>   2 files changed, 3 insertions(+), 3 deletions(-)
>>
>> diff --git a/drivers/crypto/inside-secure/eip93/eip93-common.c b/drivers/crypto/inside-secure/eip93/eip93-common.c
>> index f4ad6beff15e..75659a45ea5a 100644
>> --- a/drivers/crypto/inside-secure/eip93/eip93-common.c
>> +++ b/drivers/crypto/inside-secure/eip93/eip93-common.c
>> @@ -687,12 +687,12 @@ void eip93_handle_result(struct eip93_device *eip93, struct eip93_cipher_reqctx
>>   	if (rctx->sa_state_ctr)
>>   		dma_unmap_single(eip93->dev, rctx->sa_state_ctr_base,
>>   				 sizeof(*rctx->sa_state_ctr),
>> -				 DMA_FROM_DEVICE);
>> +				 DMA_TO_DEVICE);
>>   
>>   	if (rctx->sa_state)
>>   		dma_unmap_single(eip93->dev, rctx->sa_state_base,
>>   				 sizeof(*rctx->sa_state),
>> -				 DMA_FROM_DEVICE);
>> +				 DMA_TO_DEVICE);
>>   
>>   	if (!IS_ECB(rctx->flags))
>>   		memcpy(reqiv, rctx->sa_state->state_iv, rctx->ivsize);
>> diff --git a/drivers/crypto/inside-secure/eip93/eip93-hash.c b/drivers/crypto/inside-secure/eip93/eip93-hash.c
>> index 2705855475b2..19a41a0db667 100644
>> --- a/drivers/crypto/inside-secure/eip93/eip93-hash.c
>> +++ b/drivers/crypto/inside-secure/eip93/eip93-hash.c
>> @@ -67,7 +67,7 @@ void eip93_hash_handle_result(struct crypto_async_request *async, int err)
>>   	int i;
>>   
>>   	dma_unmap_single(eip93->dev, rctx->sa_state_base,
>> -			 sizeof(*sa_state), DMA_FROM_DEVICE);
>> +			 sizeof(*sa_state), DMA_TO_DEVICE);
>>   
>>   	/*
>>   	 * With partial_hash assume SHA256_DIGEST_SIZE buffer is passed.
>> -- 
>> 2.43.0
>>
>

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.