diff options
| author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2019-12-20 10:52:17 -0300 |
|---|---|---|
| committer | Christian Lamparter <chunkeey@gmail.com> | 2020-02-28 22:46:09 +0100 |
| commit | 13b8404b1eaaa51027cae42c8152b9123d92a425 (patch) | |
| tree | a3193bb01ead9a0d3ea281b619161da6e86ea1ce /target/linux/ipq40xx/patches-4.19/043-crypto-qce-save-a-sg-table-slot-for-result-buf.patch | |
| parent | ee4a0afdcdf0c11528d685efd64fb8f4b4efcbb1 (diff) | |
| download | upstream-13b8404b1eaaa51027cae42c8152b9123d92a425.tar.gz upstream-13b8404b1eaaa51027cae42c8152b9123d92a425.tar.bz2 upstream-13b8404b1eaaa51027cae42c8152b9123d92a425.zip | |
ipq40xx: qce - add fixes for AES ciphers
This backports commits from master that fix AES ciphers when using the
qce driver:
- A couple of simple fixes for CTR and XTS modes used with AES:
* 041-crypto-qce-fix-ctr-aes-qce-block-chunk-sizes.patch
* 042-crypto-qce-fix-xts-aes-qce-key-sizes.patch
- A fix for a bug that affected cases when there were more entries in
the input sg list than necessary to actually encrypt, resulting in
failure in gcm, where the authentication tag is present after the
encryption data:
* 043-crypto-qce-save-a-sg-table-slot-for-result-buf.patch
- A fix to update the IV buffer passed to the driver from the kernel:
* 044-crypto-qce-update-the-skcipher-IV.patch
- A patch that reduces memory footprint and driver initialization by
only initializing the fallback mechanism where it is actually used:
* 046-crypto-qce-initialize-fallback-only-for-AES.patch
- Three patches that make gcm and xts modes work with the qce driver,
and improve performance with small blocks:
* 047-crypto-qce-use-cryptlen-when-adding-extra-sgl.patch
* 048-crypto-qce-use-AES-fallback-for-small-requests.patch
* 049-crypto-qce-handle-AES-XTS-cases-that-qce-fails.patch
- A patch that allows the hashes/ciphers to be built individually.
* 051-crypto-qce-allow-building-only-hashes-ciphers.patch
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
[renumbered patches, added patches from dropped commit, refreshed, 5.4]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Diffstat (limited to 'target/linux/ipq40xx/patches-4.19/043-crypto-qce-save-a-sg-table-slot-for-result-buf.patch')
| -rw-r--r-- | target/linux/ipq40xx/patches-4.19/043-crypto-qce-save-a-sg-table-slot-for-result-buf.patch | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/target/linux/ipq40xx/patches-4.19/043-crypto-qce-save-a-sg-table-slot-for-result-buf.patch b/target/linux/ipq40xx/patches-4.19/043-crypto-qce-save-a-sg-table-slot-for-result-buf.patch new file mode 100644 index 0000000000..95650690fb --- /dev/null +++ b/target/linux/ipq40xx/patches-4.19/043-crypto-qce-save-a-sg-table-slot-for-result-buf.patch @@ -0,0 +1,79 @@ +From 31f796293b6c38126a466414c565827b9cfdbe39 Mon Sep 17 00:00:00 2001 +From: Eneas U de Queiroz <cotequeiroz@gmail.com> +Date: Wed, 20 Nov 2019 21:39:11 -0300 +Subject: [PATCH] crypto: qce - save a sg table slot for result buf + +When ctr-aes-qce is used for gcm-mode, an extra sg entry for the +authentication tag is present, causing trouble when the qce driver +prepares the dst-results eg table for dma. + +It computes the number of entries needed with sg_nents_for_len, leaving +out the tag entry. Then it creates a sg table with that number plus +one, used to store a "result" sg. + +When copying the sg table, it does not limit the number of entries +copied, so tha extra slot is filled with the authentication tag sg. +When the driver tries to add the result sg, the list is full, and it +returns EINVAL. + +By limiting the number of sg entries copied to the dest table, the slot +for the result buffer is guaranteed to be unused. + +Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> + +--- a/drivers/crypto/qce/dma.c ++++ b/drivers/crypto/qce/dma.c +@@ -55,7 +55,8 @@ void qce_dma_release(struct qce_dma_data + } + + struct scatterlist * +-qce_sgtable_add(struct sg_table *sgt, struct scatterlist *new_sgl) ++qce_sgtable_add(struct sg_table *sgt, struct scatterlist *new_sgl, ++ int max_ents) + { + struct scatterlist *sg = sgt->sgl, *sg_last = NULL; + +@@ -68,12 +69,13 @@ qce_sgtable_add(struct sg_table *sgt, st + if (!sg) + return ERR_PTR(-EINVAL); + +- while (new_sgl && sg) { ++ while (new_sgl && sg && max_ents) { + sg_set_page(sg, sg_page(new_sgl), new_sgl->length, + new_sgl->offset); + sg_last = sg; + sg = sg_next(sg); + new_sgl = sg_next(new_sgl); ++ max_ents--; + } + + return sg_last; +--- a/drivers/crypto/qce/dma.h ++++ b/drivers/crypto/qce/dma.h +@@ -50,6 +50,7 @@ int qce_dma_prep_sgs(struct qce_dma_data + void qce_dma_issue_pending(struct qce_dma_data *dma); + int qce_dma_terminate_all(struct qce_dma_data *dma); + struct scatterlist * +-qce_sgtable_add(struct sg_table *sgt, struct scatterlist *sg_add); ++qce_sgtable_add(struct sg_table *sgt, struct scatterlist *sg_add, ++ int max_ents); + + #endif /* _DMA_H_ */ +--- a/drivers/crypto/qce/skcipher.c ++++ b/drivers/crypto/qce/skcipher.c +@@ -103,13 +103,13 @@ qce_skcipher_async_req_handle(struct cry + + sg_init_one(&rctx->result_sg, qce->dma.result_buf, QCE_RESULT_BUF_SZ); + +- sg = qce_sgtable_add(&rctx->dst_tbl, req->dst); ++ sg = qce_sgtable_add(&rctx->dst_tbl, req->dst, rctx->dst_nents - 1); + if (IS_ERR(sg)) { + ret = PTR_ERR(sg); + goto error_free; + } + +- sg = qce_sgtable_add(&rctx->dst_tbl, &rctx->result_sg); ++ sg = qce_sgtable_add(&rctx->dst_tbl, &rctx->result_sg, 1); + if (IS_ERR(sg)) { + ret = PTR_ERR(sg); + goto error_free; |