Commit bd03b021 authored by Pascal van Leeuwen's avatar Pascal van Leeuwen Committed by Herbert Xu
Browse files

crypto: inside-secure - Prevent missing of processing errors 



On systems with coherence issues, packet processed could succeed while
it should have failed, e.g. because of an authentication fail.
This is because the driver would read stale status information that had
all error bits initialised to zero = no error.
Since this is potential a security risk, we want to prevent it from being
a possibility at all. So initialize all error bits to error state, so
that reading stale status information will always result in errors.

Signed-off-by: default avatarPascal van Leeuwen <pvanleeuwen@rambus.com>
Acked-by: default avatarAntoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 9b20cbf8

drivers/crypto/inside-secure/safexcel_ring.c

+5 −4
Original line number Diff line number Diff line
@@ -236,8 +236,8 @@ struct safexcel_result_desc *safexcel_add_rdesc(struct safexcel_crypto_priv *pri 


	rdesc->particle_size = len;

	rdesc->rsvd0 = 0;

	rdesc->descriptor_overflow = 0;

	rdesc->buffer_overflow = 0;

	rdesc->descriptor_overflow = 1; /* assume error */

	rdesc->buffer_overflow = 1;     /* assume error */

	rdesc->last_seg = last;

	rdesc->first_seg = first;

	rdesc->result_size = EIP197_RD64_RESULT_SIZE;
@@ -245,9 +245,10 @@ struct safexcel_result_desc *safexcel_add_rdesc(struct safexcel_crypto_priv *pri 
	rdesc->data_lo = lower_32_bits(data);

	rdesc->data_hi = upper_32_bits(data);



	/* Clear length & error code in result token */

	/* Clear length in result token */

	rtoken->packet_length = 0;

	rtoken->error_code = 0;

	/* Assume errors - HW will clear if not the case */

	rtoken->error_code = 0x7fff;



	return rdesc;

}

CRA Git | Maintained and supported by SUSTech CRA and CCSE