| Message ID | e25e423595ead12913c9d6444438d89d85270a37.1662430815.git.pliem@maxlinear.com |
|---|---|
| State | Accepted |
| Commit | 664593407e936b6438fbfaaf98876910fd31cf9a |
| Headers | show |
| Series | [v2] crypto: inside_secure - Change swab to swab32 | expand |
Quoting Peter Harliman Liem (2022-09-06 04:51:28) > The use of swab() is causing failures in 64-bit arch, as it > translates to __swab64() instead of the intended __swab32(). > It eventually causes wrong results in xcbcmac & cmac algo. > > Fixes: 78cf1c8bfcb8 ("crypto: inside-secure - Move ipad/opad into safexcel_context") > Signed-off-by: Peter Harliman Liem <pliem@maxlinear.com> Acked-by: Antoine Tenart <atenart@kernel.org> Thanks! > --- > v2: > Add fixes tag > > drivers/crypto/inside-secure/safexcel_hash.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/crypto/inside-secure/safexcel_hash.c > index bc60b5802256..2124416742f8 100644 > --- a/drivers/crypto/inside-secure/safexcel_hash.c > +++ b/drivers/crypto/inside-secure/safexcel_hash.c > @@ -383,7 +383,7 @@ static int safexcel_ahash_send_req(struct crypto_async_request *async, int ring, > u32 x; > > x = ipad[i] ^ ipad[i + 4]; > - cache[i] ^= swab(x); > + cache[i] ^= swab32(x); > } > } > cache_len = AES_BLOCK_SIZE; > @@ -821,7 +821,7 @@ static int safexcel_ahash_final(struct ahash_request *areq) > u32 *result = (void *)areq->result; > > /* K3 */ > - result[i] = swab(ctx->base.ipad.word[i + 4]); > + result[i] = swab32(ctx->base.ipad.word[i + 4]); > } > areq->result[0] ^= 0x80; // 10- padding > crypto_cipher_encrypt_one(ctx->kaes, areq->result, areq->result); > @@ -2106,7 +2106,7 @@ static int safexcel_xcbcmac_setkey(struct crypto_ahash *tfm, const u8 *key, > crypto_cipher_encrypt_one(ctx->kaes, (u8 *)key_tmp + AES_BLOCK_SIZE, > "\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3"); > for (i = 0; i < 3 * AES_BLOCK_SIZE / sizeof(u32); i++) > - ctx->base.ipad.word[i] = swab(key_tmp[i]); > + ctx->base.ipad.word[i] = swab32(key_tmp[i]); > > crypto_cipher_clear_flags(ctx->kaes, CRYPTO_TFM_REQ_MASK); > crypto_cipher_set_flags(ctx->kaes, crypto_ahash_get_flags(tfm) & > @@ -2189,7 +2189,7 @@ static int safexcel_cmac_setkey(struct crypto_ahash *tfm, const u8 *key, > return ret; > > for (i = 0; i < len / sizeof(u32); i++) > - ctx->base.ipad.word[i + 8] = swab(aes.key_enc[i]); > + ctx->base.ipad.word[i + 8] = swab32(aes.key_enc[i]); > > /* precompute the CMAC key material */ > crypto_cipher_clear_flags(ctx->kaes, CRYPTO_TFM_REQ_MASK); > -- > 2.17.1 >
diff --git a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/crypto/inside-secure/safexcel_hash.c index bc60b5802256..2124416742f8 100644 --- a/drivers/crypto/inside-secure/safexcel_hash.c +++ b/drivers/crypto/inside-secure/safexcel_hash.c @@ -383,7 +383,7 @@ static int safexcel_ahash_send_req(struct crypto_async_request *async, int ring, u32 x; x = ipad[i] ^ ipad[i + 4]; - cache[i] ^= swab(x); + cache[i] ^= swab32(x); } } cache_len = AES_BLOCK_SIZE; @@ -821,7 +821,7 @@ static int safexcel_ahash_final(struct ahash_request *areq) u32 *result = (void *)areq->result; /* K3 */ - result[i] = swab(ctx->base.ipad.word[i + 4]); + result[i] = swab32(ctx->base.ipad.word[i + 4]); } areq->result[0] ^= 0x80; // 10- padding crypto_cipher_encrypt_one(ctx->kaes, areq->result, areq->result); @@ -2106,7 +2106,7 @@ static int safexcel_xcbcmac_setkey(struct crypto_ahash *tfm, const u8 *key, crypto_cipher_encrypt_one(ctx->kaes, (u8 *)key_tmp + AES_BLOCK_SIZE, "\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3"); for (i = 0; i < 3 * AES_BLOCK_SIZE / sizeof(u32); i++) - ctx->base.ipad.word[i] = swab(key_tmp[i]); + ctx->base.ipad.word[i] = swab32(key_tmp[i]); crypto_cipher_clear_flags(ctx->kaes, CRYPTO_TFM_REQ_MASK); crypto_cipher_set_flags(ctx->kaes, crypto_ahash_get_flags(tfm) & @@ -2189,7 +2189,7 @@ static int safexcel_cmac_setkey(struct crypto_ahash *tfm, const u8 *key, return ret; for (i = 0; i < len / sizeof(u32); i++) - ctx->base.ipad.word[i + 8] = swab(aes.key_enc[i]); + ctx->base.ipad.word[i + 8] = swab32(aes.key_enc[i]); /* precompute the CMAC key material */ crypto_cipher_clear_flags(ctx->kaes, CRYPTO_TFM_REQ_MASK);
The use of swab() is causing failures in 64-bit arch, as it translates to __swab64() instead of the intended __swab32(). It eventually causes wrong results in xcbcmac & cmac algo. Fixes: 78cf1c8bfcb8 ("crypto: inside-secure - Move ipad/opad into safexcel_context") Signed-off-by: Peter Harliman Liem <pliem@maxlinear.com> --- v2: Add fixes tag drivers/crypto/inside-secure/safexcel_hash.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)