D32104.diff
No OneTemporary
Actions

Size

2 KB

Referenced Files

None

Subscribers

None

D32104.diff
View Options

	diff --git a/sys/crypto/ccp/ccp_hardware.c b/sys/crypto/ccp/ccp_hardware.c
	--- a/sys/crypto/ccp/ccp_hardware.c
	+++ b/sys/crypto/ccp/ccp_hardware.c
	@@ -1356,10 +1356,9 @@
	crypto_read_iv(crp, iv);

	/*
	- * If the input IV is 12 bytes, append an explicit counter of 1.
	+ * Append an explicit counter of 1 for GCM.
	*/
	- if (csp->csp_cipher_alg == CRYPTO_AES_NIST_GCM_16 &&
	- csp->csp_ivlen == 12)
	+ if (csp->csp_cipher_alg == CRYPTO_AES_NIST_GCM_16)
	(uint32_t )&iv[12] = htobe32(1);

	if (csp->csp_cipher_alg == CRYPTO_AES_XTS &&
	diff --git a/sys/dev/cxgbe/crypto/t4_crypto.c b/sys/dev/cxgbe/crypto/t4_crypto.c
	--- a/sys/dev/cxgbe/crypto/t4_crypto.c
	+++ b/sys/dev/cxgbe/crypto/t4_crypto.c
	@@ -1136,26 +1136,7 @@
	else
	op_type = CHCR_DECRYPT_OP;

	- /*
	- * The IV handling for GCM in OCF is a bit more complicated in
	- * that IPSec provides a full 16-byte IV (including the
	- * counter), whereas the /dev/crypto interface sometimes
	- * provides a full 16-byte IV (if no IV is provided in the
	- * ioctl) and sometimes a 12-byte IV (if the IV was explicit).
	- *
	- * When provided a 12-byte IV, assume the IV is really 16 bytes
	- * with a counter in the last 4 bytes initialized to 1.
	- *
	- * While iv_len is checked below, the value is currently
	- * always set to 12 when creating a GCM session in this driver
	- * due to limitations in OCF (there is no way to know what the
	- * IV length of a given request will be). This means that the
	- * driver always assumes as 12-byte IV for now.
	- */
	- if (s->blkcipher.iv_len == 12)
	- iv_len = AES_BLOCK_LEN;
	- else
	- iv_len = s->blkcipher.iv_len;
	+ iv_len = AES_BLOCK_LEN;

	/*
	* GCM requests should always provide an explicit IV.
	@@ -1293,9 +1274,8 @@
	crwr = wrtod(wr);
	memset(crwr, 0, wr_len);

	- memcpy(iv, crp->crp_iv, s->blkcipher.iv_len);
	- if (s->blkcipher.iv_len == 12)
	- (uint32_t )&iv[12] = htobe32(1);
	+ crypto_read_iv(crp, iv);
	+ (uint32_t )&iv[12] = htobe32(1);

	ccr_populate_wreq(sc, s, crwr, kctx_len, wr_len, imm_len, sgl_len, 0,
	crp);
	@@ -1448,15 +1428,11 @@
	if (error)
	goto out;

	- /*
	- * This assumes a 12-byte IV from the crp. See longer comment
	- * above in ccr_gcm() for more details.
	- */
	if ((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0) {
	error = EINVAL;
	goto out;
	}
	- memcpy(iv, crp->crp_iv, 12);
	+ crypto_read_iv(crp, iv);
	(uint32_t )&iv[12] = htobe32(1);

	axf->Reinit(auth_ctx, iv, sizeof(iv));
	@@ -1770,7 +1746,7 @@
	*/
	memset(iv, 0, iv_len);
	iv[0] = (15 - AES_CCM_IV_LEN) - 1;
	- memcpy(iv + 1, crp->crp_iv, AES_CCM_IV_LEN);
	+ crypto_read_iv(crp, iv + 1);

	ccr_populate_wreq(sc, s, crwr, kctx_len, wr_len, imm_len, sgl_len, 0,
	crp);
	@@ -1943,7 +1919,7 @@
	error = EINVAL;
	goto out;
	}
	- memcpy(iv, crp->crp_iv, AES_CCM_IV_LEN);
	+ crypto_read_iv(crp, iv);

	auth_ctx->aes_cbc_mac_ctx.authDataLength = crp->crp_aad_length;
	auth_ctx->aes_cbc_mac_ctx.cryptDataLength = crp->crp_payload_length;

File Metadata

Mime Type: text/plain
Expires: Sun, Nov 17, 7:17 PM (20 h, 42 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 14683629
Default Alt Text: D32104.diff (2 KB)

D32104.diffNo OneTemporaryActions

D32104.diffView Options

File Metadata

Event Timeline

D32104.diff
No OneTemporary
Actions

D32104.diff
View Options