[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <AM0PR04MB6004B49C47CA3E8F264812DCE7FCA@AM0PR04MB6004.eurprd04.prod.outlook.com>
Date: Mon, 25 Sep 2023 09:03:52 +0000
From: Gaurav Jain <gaurav.jain@....com>
To: Kamlesh Gurudasani <kamlesh@...com>,
Eric Biggers <ebiggers@...nel.org>
CC: Horia Geanta <horia.geanta@....com>,
Pankaj Gupta <pankaj.gupta@....com>,
Varun Sethi <V.Sethi@....com>,
Meenakshi Aggarwal <meenakshi.aggarwal@....com>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S . Miller" <davem@...emloft.net>,
Aisheng Dong <aisheng.dong@....com>,
Silvano Di Ninno <silvano.dininno@....com>,
"linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
dl-linux-imx <linux-imx@....com>
Subject: RE: [EXTERNAL] RE: [EXT] Re: [PATCH] crypto: caam/jr - fix Chacha20 +
Poly1305 self test failure
Hi Kamlesh
> -----Original Message-----
> From: Kamlesh Gurudasani <kamlesh@...com>
> Sent: Friday, September 22, 2023 12:47 PM
> To: Gaurav Jain <gaurav.jain@....com>; Eric Biggers <ebiggers@...nel.org>
> Cc: Horia Geanta <horia.geanta@....com>; Pankaj Gupta
> <pankaj.gupta@....com>; Varun Sethi <V.Sethi@....com>; Meenakshi
> Aggarwal <meenakshi.aggarwal@....com>; Herbert Xu
> <herbert@...dor.apana.org.au>; David S . Miller <davem@...emloft.net>;
> Aisheng Dong <aisheng.dong@....com>; Silvano Di Ninno
> <silvano.dininno@....com>; linux-crypto@...r.kernel.org; linux-
> kernel@...r.kernel.org; dl-linux-imx <linux-imx@....com>
> Subject: Re: [EXTERNAL] RE: [EXT] Re: [PATCH] crypto: caam/jr - fix Chacha20 +
> Poly1305 self test failure
>
> Caution: This is an external email. Please take care when clicking links or
> opening attachments. When in doubt, report the message using the 'Report this
> email' button
>
>
> Gaurav Jain <gaurav.jain@....com> writes:
>
> > Hi Eric
> >
> >> -----Original Message-----
> >> From: Eric Biggers <ebiggers@...nel.org>
> >> Sent: Friday, September 22, 2023 8:11 AM
> >> To: Gaurav Jain <gaurav.jain@....com>
> >> Cc: Horia Geanta <horia.geanta@....com>; Pankaj Gupta
> >> <pankaj.gupta@....com>; Varun Sethi <V.Sethi@....com>; Meenakshi
> >> Aggarwal <meenakshi.aggarwal@....com>; Herbert Xu
> >> <herbert@...dor.apana.org.au>; David S . Miller
> >> <davem@...emloft.net>; Aisheng Dong <aisheng.dong@....com>; Silvano
> >> Di Ninno <silvano.dininno@....com>; linux-crypto@...r.kernel.org;
> >> linux- kernel@...r.kernel.org; dl-linux-imx <linux-imx@....com>
> >> Subject: [EXT] Re: [PATCH] crypto: caam/jr - fix Chacha20 + Poly1305
> >> self test failure
> >>
> >> Caution: This is an external email. Please take care when clicking
> >> links or opening attachments. When in doubt, report the message using
> >> the 'Report this email' button
> >>
> >>
> >> On Thu, Sep 21, 2023 at 06:12:37PM +0530, Gaurav Jain wrote:
> >> > key buffer is not copied in chachapoly_setkey function, results in
> >> > wrong output for encryption/decryption operation.
> >> >
> >> > fix this by memcpy the key in caam_ctx key arrary
> Not sure, but do you mean array*?
>
> >> >
> >> > Fixes: d6bbd4eea243 ("crypto: caam/jr - add support for Chacha20 +
> >> > Poly1305")
> >> > Signed-off-by: Gaurav Jain <gaurav.jain@....com>
> >> > ---
> >> > drivers/crypto/caam/caamalg.c | 3 ++-
> >> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >> >
> >> > diff --git a/drivers/crypto/caam/caamalg.c
> >> > b/drivers/crypto/caam/caamalg.c index eba2d750c3b0..066f08a3a040
> >> > 100644
> >> > --- a/drivers/crypto/caam/caamalg.c
> >> > +++ b/drivers/crypto/caam/caamalg.c
> >> > @@ -575,7 +575,8 @@ static int chachapoly_setkey(struct crypto_aead
> >> > *aead,
> >> const u8 *key,
> >> > if (keylen != CHACHA_KEY_SIZE + saltlen)
> >> > return -EINVAL;
> >> >
> >> > - ctx->cdata.key_virt = key;
> >> > + memcpy(ctx->key, key, keylen);
> >> > + ctx->cdata.key_virt = ctx->key;
> >> > ctx->cdata.keylen = keylen - saltlen;
> >> >
> >>
> >> Huh, so this driver just ignored the key? Is anyone using the
> >> ChaCha20Poly1305 support in this driver? Based on this bug existing,
> >> that seems unlikely. If that's the case, wouldn't it be better just
> >> to remove the ChaCha20Poly1305 support from this driver so that the code
> doesn't need to be maintained?
> >
> > This algorithm is used in IPSEC and we are also going to use
> ChaCha20Poly1305 support for Kernel TLS.
> > Gaurav
> Does this mean IPSEC doesn't call setkey() or the key value was such that it didn't
> affect even after failing to actually set the key?
Our test passed with older kernel versions, This issue was caught in testing with the latest kernel version only.
Regards
Gaurav
>
> -Kamlesh
Powered by blists - more mailing lists