Openwrt/target/linux/ipq40xx/patches-5.4/0009-v5.6-crypto-qce-fix-xts-aes-qce-key-sizes.patch

From 7de4c2bd196f111e39cc60f6197654aff23ba2b4 Mon Sep 17 00:00:00 2001
From: Eneas U de Queiroz <cotequeiroz@gmail.com>
Date: Fri, 20 Dec 2019 16:02:14 -0300
Subject: [PATCH 03/11] crypto: qce - fix xts-aes-qce key sizes

XTS-mode uses two keys, so the keysizes should be doubled in
skcipher_def, and halved when checking if it is AES-128/192/256.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 drivers/crypto/qce/skcipher.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

--- a/drivers/crypto/qce/skcipher.c
+++ b/drivers/crypto/qce/skcipher.c
@@ -154,12 +154,13 @@ static int qce_skcipher_setkey(struct cr
 {
 	struct crypto_tfm *tfm = crypto_skcipher_tfm(ablk);
 	struct qce_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
+	unsigned long flags = to_cipher_tmpl(ablk)->alg_flags;
 	int ret;
 
 	if (!key || !keylen)
 		return -EINVAL;
 
-	switch (keylen) {
+	switch (IS_XTS(flags) ? keylen >> 1 : keylen) {
 	case AES_KEYSIZE_128:
 	case AES_KEYSIZE_256:
 		break;
@@ -213,13 +214,15 @@ static int qce_skcipher_crypt(struct skc
 	struct qce_cipher_ctx *ctx = crypto_skcipher_ctx(tfm);
 	struct qce_cipher_reqctx *rctx = skcipher_request_ctx(req);
 	struct qce_alg_template *tmpl = to_cipher_tmpl(tfm);
+	int keylen;
 	int ret;
 
 	rctx->flags = tmpl->alg_flags;
 	rctx->flags |= encrypt ? QCE_ENCRYPT : QCE_DECRYPT;
+	keylen = IS_XTS(rctx->flags) ? ctx->enc_keylen >> 1 : ctx->enc_keylen;
 
-	if (IS_AES(rctx->flags) && ctx->enc_keylen != AES_KEYSIZE_128 &&
-	    ctx->enc_keylen != AES_KEYSIZE_256) {
+	if (IS_AES(rctx->flags) && keylen != AES_KEYSIZE_128 &&
+	    keylen != AES_KEYSIZE_256) {
 		SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback);
 
 		skcipher_request_set_sync_tfm(subreq, ctx->fallback);
@@ -311,8 +314,8 @@ static const struct qce_skcipher_def skc
 		.drv_name	= "xts-aes-qce",
 		.blocksize	= AES_BLOCK_SIZE,
 		.ivsize		= AES_BLOCK_SIZE,
-		.min_keysize	= AES_MIN_KEY_SIZE,
-		.max_keysize	= AES_MAX_KEY_SIZE,
+		.min_keysize	= AES_MIN_KEY_SIZE * 2,
+		.max_keysize	= AES_MAX_KEY_SIZE * 2,
 	},
 	{
 		.flags		= QCE_ALG_DES | QCE_MODE_ECB,
ipq40xx: qce - add fixes for AES ciphers This backports commits from master that fix AES ciphers when using the qce driver: - A couple of simple fixes for CTR and XTS modes used with AES: * 041-crypto-qce-fix-ctr-aes-qce-block-chunk-sizes.patch * 042-crypto-qce-fix-xts-aes-qce-key-sizes.patch - A fix for a bug that affected cases when there were more entries in the input sg list than necessary to actually encrypt, resulting in failure in gcm, where the authentication tag is present after the encryption data: * 043-crypto-qce-save-a-sg-table-slot-for-result-buf.patch - A fix to update the IV buffer passed to the driver from the kernel: * 044-crypto-qce-update-the-skcipher-IV.patch - A patch that reduces memory footprint and driver initialization by only initializing the fallback mechanism where it is actually used: * 046-crypto-qce-initialize-fallback-only-for-AES.patch - Three patches that make gcm and xts modes work with the qce driver, and improve performance with small blocks: * 047-crypto-qce-use-cryptlen-when-adding-extra-sgl.patch * 048-crypto-qce-use-AES-fallback-for-small-requests.patch * 049-crypto-qce-handle-AES-XTS-cases-that-qce-fails.patch - A patch that allows the hashes/ciphers to be built individually. * 051-crypto-qce-allow-building-only-hashes-ciphers.patch Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> [renumbered patches, added patches from dropped commit, refreshed, 5.4] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> 2019-12-20 13:52:17 +00:00			`From 7de4c2bd196f111e39cc60f6197654aff23ba2b4 Mon Sep 17 00:00:00 2001`
			`From: Eneas U de Queiroz <cotequeiroz@gmail.com>`
			`Date: Fri, 20 Dec 2019 16:02:14 -0300`
			`Subject: [PATCH 03/11] crypto: qce - fix xts-aes-qce key sizes`

			`XTS-mode uses two keys, so the keysizes should be doubled in`
			`skcipher_def, and halved when checking if it is AES-128/192/256.`

			`Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>`
			`Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>`
			`---`
			`drivers/crypto/qce/skcipher.c \| 13 ++++++++-----`
			`1 file changed, 8 insertions(+), 5 deletions(-)`

			`--- a/drivers/crypto/qce/skcipher.c`
			`+++ b/drivers/crypto/qce/skcipher.c`
			`@@ -154,12 +154,13 @@ static int qce_skcipher_setkey(struct cr`
			`{`
			`struct crypto_tfm *tfm = crypto_skcipher_tfm(ablk);`
			`struct qce_cipher_ctx *ctx = crypto_tfm_ctx(tfm);`
			`+ unsigned long flags = to_cipher_tmpl(ablk)->alg_flags;`
			`int ret;`

			`if (!key \|\| !keylen)`
			`return -EINVAL;`

			`- switch (keylen) {`
			`+ switch (IS_XTS(flags) ? keylen >> 1 : keylen) {`
			`case AES_KEYSIZE_128:`
			`case AES_KEYSIZE_256:`
			`break;`
			`@@ -213,13 +214,15 @@ static int qce_skcipher_crypt(struct skc`
			`struct qce_cipher_ctx *ctx = crypto_skcipher_ctx(tfm);`
			`struct qce_cipher_reqctx *rctx = skcipher_request_ctx(req);`
			`struct qce_alg_template *tmpl = to_cipher_tmpl(tfm);`
			`+ int keylen;`
			`int ret;`

			`rctx->flags = tmpl->alg_flags;`
			`rctx->flags \|= encrypt ? QCE_ENCRYPT : QCE_DECRYPT;`
			`+ keylen = IS_XTS(rctx->flags) ? ctx->enc_keylen >> 1 : ctx->enc_keylen;`

			`- if (IS_AES(rctx->flags) && ctx->enc_keylen != AES_KEYSIZE_128 &&`
			`- ctx->enc_keylen != AES_KEYSIZE_256) {`
			`+ if (IS_AES(rctx->flags) && keylen != AES_KEYSIZE_128 &&`
			`+ keylen != AES_KEYSIZE_256) {`
			`SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback);`

			`skcipher_request_set_sync_tfm(subreq, ctx->fallback);`
			`@@ -311,8 +314,8 @@ static const struct qce_skcipher_def skc`
			`.drv_name = "xts-aes-qce",`
			`.blocksize = AES_BLOCK_SIZE,`
			`.ivsize = AES_BLOCK_SIZE,`
			`- .min_keysize = AES_MIN_KEY_SIZE,`
			`- .max_keysize = AES_MAX_KEY_SIZE,`
			`+ .min_keysize = AES_MIN_KEY_SIZE * 2,`
			`+ .max_keysize = AES_MAX_KEY_SIZE * 2,`
			`},`
			`{`
			`.flags = QCE_ALG_DES \| QCE_MODE_ECB,`