Commit ba95487d authored by Kim Phillips's avatar Kim Phillips Committed by Herbert Xu
Browse files

crypto: talitos - Avoid consecutive packets going out with same IV 



The SEC's h/w IV out implementation DMAs the trailing encrypted payload
block of the last encryption to ctx->iv.  Since the last encryption may
still be pending completion, we can sufficiently prevent successive
packets from being transmitted with the same IV by xoring with sequence
number.

Also initialize alg_list earlier to prevent oopsing on a failed probe.

Signed-off-by: default avatarKim Phillips <kim.phillips@freescale.com>
Signed-off-by: default avatarLee Nipper <lee.nipper@freescale.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 6bfb09a1

drivers/crypto/talitos.c

+4 −2
Original line number Original line Diff line number Diff line
@@ -1157,6 +1157,8 @@ static int aead_authenc_givencrypt( 
	edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;

	edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;





	memcpy(req->giv, ctx->iv, crypto_aead_ivsize(authenc));

	memcpy(req->giv, ctx->iv, crypto_aead_ivsize(authenc));

	/* avoid consecutive packets going out with same IV */

	*(__be64 *)req->giv ^= cpu_to_be64(req->seq);





	return ipsec_esp(edesc, areq, req->giv, req->seq,

	return ipsec_esp(edesc, areq, req->giv, req->seq,

			 ipsec_esp_encrypt_done);

			 ipsec_esp_encrypt_done);
@@ -1449,6 +1451,8 @@ static int talitos_probe(struct of_device *ofdev, 




	priv->ofdev = ofdev;

	priv->ofdev = ofdev;





	INIT_LIST_HEAD(&priv->alg_list);



	tasklet_init(&priv->done_task, talitos_done, (unsigned long)dev);

	tasklet_init(&priv->done_task, talitos_done, (unsigned long)dev);

	tasklet_init(&priv->error_task, talitos_error, (unsigned long)dev);

	tasklet_init(&priv->error_task, talitos_error, (unsigned long)dev);
@@ -1575,8 +1579,6 @@ static int talitos_probe(struct of_device *ofdev, 
	}

	}





	/* register crypto algorithms the device supports */

	/* register crypto algorithms the device supports */

	INIT_LIST_HEAD(&priv->alg_list);



	for (i = 0; i < ARRAY_SIZE(driver_algs); i++) {

	for (i = 0; i < ARRAY_SIZE(driver_algs); i++) {

		if (hw_supports(dev, driver_algs[i].desc_hdr_template)) {

		if (hw_supports(dev, driver_algs[i].desc_hdr_template)) {

			struct talitos_crypto_alg *t_alg;

			struct talitos_crypto_alg *t_alg;

CRA Git | Maintained and supported by SUSTech CRA and CCSE