diff options
| author | Nathan Chancellor <natechancellor@gmail.com> | 2020-10-17 19:41:12 -0700 |
|---|---|---|
| committer | dragonGR <alex@dragongr.dev> | 2020-10-21 17:48:12 +0300 |
| commit | b95c30af9b48bddb166a50c8cd8e5b046b443ca5 (patch) | |
| tree | 5b6d24aa3d4f44570343affa07e7ea50cc7cb766 /drivers/crypto/qat | |
| parent | 15c7ef27ab40e8ccda729e0736eb91a7e387e2bb (diff) | |
Changes in 4.14.202: (19 commits)
Bluetooth: fix kernel oops in store_pending_adv_report
Bluetooth: A2MP: Fix not initializing all members
Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel
Bluetooth: MGMT: Fix not checking if BT_HS is enabled
Bluetooth: Consolidate encryption handling in hci_encrypt_cfm
Bluetooth: Fix update of connection state in `hci_encrypt_cfm`
Bluetooth: Disconnect if E0 is used for Level 4
media: usbtv: Fix refcounting mixup
USB: serial: option: add Cellient MPL200 card
USB: serial: option: Add Telit FT980-KS composition
staging: comedi: check validity of wMaxPacketSize of usb endpoints found
USB: serial: pl2303: add device-id for HP GC device
USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters
reiserfs: Initialize inode keys properly
reiserfs: Fix oops during mount
drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case
crypto: bcm - Verify GCM/CCM key length in setkey
crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
Linux 4.14.202
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Diffstat (limited to 'drivers/crypto/qat')
| -rw-r--r-- | drivers/crypto/qat/qat_common/qat_algs.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/drivers/crypto/qat/qat_common/qat_algs.c b/drivers/crypto/qat/qat_common/qat_algs.c index baffae817259..bb875245644f 100644 --- a/drivers/crypto/qat/qat_common/qat_algs.c +++ b/drivers/crypto/qat/qat_common/qat_algs.c @@ -825,6 +825,11 @@ static int qat_alg_aead_dec(struct aead_request *areq) struct icp_qat_fw_la_bulk_req *msg; int digst_size = crypto_aead_authsize(aead_tfm); int ret, ctr = 0; + u32 cipher_len; + + cipher_len = areq->cryptlen - digst_size; + if (cipher_len % AES_BLOCK_SIZE != 0) + return -EINVAL; ret = qat_alg_sgl_to_bufl(ctx->inst, areq->src, areq->dst, qat_req); if (unlikely(ret)) @@ -839,7 +844,7 @@ static int qat_alg_aead_dec(struct aead_request *areq) qat_req->req.comn_mid.src_data_addr = qat_req->buf.blp; qat_req->req.comn_mid.dest_data_addr = qat_req->buf.bloutp; cipher_param = (void *)&qat_req->req.serv_specif_rqpars; - cipher_param->cipher_length = areq->cryptlen - digst_size; + cipher_param->cipher_length = cipher_len; cipher_param->cipher_offset = areq->assoclen; memcpy(cipher_param->u.cipher_IV_array, areq->iv, AES_BLOCK_SIZE); auth_param = (void *)((uint8_t *)cipher_param + sizeof(*cipher_param)); @@ -868,6 +873,9 @@ static int qat_alg_aead_enc(struct aead_request *areq) uint8_t *iv = areq->iv; int ret, ctr = 0; + if (areq->cryptlen % AES_BLOCK_SIZE != 0) + return -EINVAL; + ret = qat_alg_sgl_to_bufl(ctx->inst, areq->src, areq->dst, qat_req); if (unlikely(ret)) return ret; |