diff options
Diffstat (limited to 'meta/recipes-kernel/cryptodev/files/0003-convert-to-new-AEAD-interface-in-kernels-v4.2.patch')
| -rw-r--r-- | meta/recipes-kernel/cryptodev/files/0003-convert-to-new-AEAD-interface-in-kernels-v4.2.patch | 102 |
1 files changed, 102 insertions, 0 deletions
diff --git a/meta/recipes-kernel/cryptodev/files/0003-convert-to-new-AEAD-interface-in-kernels-v4.2.patch b/meta/recipes-kernel/cryptodev/files/0003-convert-to-new-AEAD-interface-in-kernels-v4.2.patch new file mode 100644 index 0000000000..860230778b --- /dev/null +++ b/meta/recipes-kernel/cryptodev/files/0003-convert-to-new-AEAD-interface-in-kernels-v4.2.patch @@ -0,0 +1,102 @@ +From a705360197260d28535746ae98c461ba2cfb7a9e Mon Sep 17 00:00:00 2001 +From: Cristian Stoica <cristian.stoica@nxp.com> +Date: Thu, 4 May 2017 15:06:22 +0300 +Subject: [PATCH 3/3] convert to new AEAD interface in kernels v4.2+ + +The crypto API for AEAD ciphers changed in recent kernels so that +associated data is now part of both source and destination scatter +gathers. The source, destination and associated data buffers need +to be stiched accordingly for the operations to succeed: + +src_sg: auth_buf + src_buf +dst_sg: auth_buf + (dst_buf + tag space) + +This patch fixes a kernel crash observed with cipher-gcm test. + +See also kernel patch: 81c4c35eb61a69c229871c490b011c1171511d5a + crypto: ccm - Convert to new AEAD interface + +Reported-by: Phil Sutter <phil@nwl.cc> +Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> + +Upstream-Status: Backport + +Commit ID: a705360197260d2853574 + +Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com> +--- + authenc.c | 40 ++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 38 insertions(+), 2 deletions(-) + +diff --git a/authenc.c b/authenc.c +index 95727b4..692951f 100644 +--- a/authenc.c ++++ b/authenc.c +@@ -688,12 +688,20 @@ free_auth_buf: + + static int crypto_auth_zc_aead(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop) + { +- struct scatterlist *dst_sg, *auth_sg, *src_sg; ++ struct scatterlist *dst_sg; ++ struct scatterlist *src_sg; + struct crypt_auth_op *caop = &kcaop->caop; + unsigned char *auth_buf = NULL; +- struct scatterlist tmp; + int ret; + ++#if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 2, 0)) ++ struct scatterlist tmp; ++ struct scatterlist *auth_sg; ++#else ++ struct scatterlist auth1[2]; ++ struct scatterlist auth2[2]; ++#endif ++ + if (unlikely(ses_ptr->cdata.init == 0 || + (ses_ptr->cdata.stream == 0 && ses_ptr->cdata.aead == 0))) { + derr(0, "Only stream and AEAD ciphers are allowed for authenc"); +@@ -718,6 +726,7 @@ static int crypto_auth_zc_aead(struct csession *ses_ptr, struct kernel_crypt_aut + goto free_auth_buf; + } + ++#if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 2, 0)) + if (caop->auth_src && caop->auth_len > 0) { + if (unlikely(copy_from_user(auth_buf, caop->auth_src, caop->auth_len))) { + derr(1, "unable to copy auth data from userspace."); +@@ -733,6 +742,33 @@ static int crypto_auth_zc_aead(struct csession *ses_ptr, struct kernel_crypt_aut + + ret = auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len, + src_sg, dst_sg, caop->len); ++#else ++ if (caop->auth_src && caop->auth_len > 0) { ++ if (unlikely(copy_from_user(auth_buf, caop->auth_src, caop->auth_len))) { ++ derr(1, "unable to copy auth data from userspace."); ++ ret = -EFAULT; ++ goto free_pages; ++ } ++ ++ sg_init_table(auth1, 2); ++ sg_set_buf(auth1, auth_buf, caop->auth_len); ++ sg_chain(auth1, 2, src_sg); ++ ++ if (src_sg == dst_sg) { ++ src_sg = auth1; ++ dst_sg = auth1; ++ } else { ++ sg_init_table(auth2, 2); ++ sg_set_buf(auth2, auth_buf, caop->auth_len); ++ sg_chain(auth2, 2, dst_sg); ++ src_sg = auth1; ++ dst_sg = auth2; ++ } ++ } ++ ++ ret = auth_n_crypt(ses_ptr, kcaop, NULL, caop->auth_len, ++ src_sg, dst_sg, caop->len); ++#endif + + free_pages: + release_user_pages(ses_ptr); +-- +2.11.0 + |