diff options
| author | Marcelo Cerri <mhcerri@linux.vnet.ibm.com> | 2013-08-12 18:49:37 -0300 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2013-08-14 20:42:04 +1000 |
| commit | c849163b80c05f4567b1adef5db7f377460f88cd (patch) | |
| tree | b7e3e40e463ed921040c1049212e40132103c536 /drivers/crypto/nx/nx-aes-ccm.c | |
| parent | f22d08111a1d23f7432ee8d9c2dd637deb6963bd (diff) | |
| download | linux-c849163b80c05f4567b1adef5db7f377460f88cd.tar.bz2 | |
crypto: nx - fix concurrency issue
The NX driver uses the transformation context to store several fields
containing data related to the state of the operations in progress.
Since a single tfm can be used by different kernel threads at the same
time, we need to protect the data stored into the context.
This patch makes use of spin locks to protect the data where a race
condition can happen.
Reviewed-by: Fionnuala Gunter <fin@linux.vnet.ibm.com>
Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'drivers/crypto/nx/nx-aes-ccm.c')
| -rw-r--r-- | drivers/crypto/nx/nx-aes-ccm.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/drivers/crypto/nx/nx-aes-ccm.c b/drivers/crypto/nx/nx-aes-ccm.c index ef5eae6d1400..39d42245bc79 100644 --- a/drivers/crypto/nx/nx-aes-ccm.c +++ b/drivers/crypto/nx/nx-aes-ccm.c @@ -271,10 +271,15 @@ static int ccm_nx_decrypt(struct aead_request *req, unsigned int nbytes = req->cryptlen; unsigned int authsize = crypto_aead_authsize(crypto_aead_reqtfm(req)); struct nx_ccm_priv *priv = &nx_ctx->priv.ccm; + unsigned long irq_flags; int rc = -1; - if (nbytes > nx_ctx->ap->databytelen) - return -EINVAL; + spin_lock_irqsave(&nx_ctx->lock, irq_flags); + + if (nbytes > nx_ctx->ap->databytelen) { + rc = -EINVAL; + goto out; + } nbytes -= authsize; @@ -308,6 +313,7 @@ static int ccm_nx_decrypt(struct aead_request *req, rc = memcmp(csbcpb->cpb.aes_ccm.out_pat_or_mac, priv->oauth_tag, authsize) ? -EBADMSG : 0; out: + spin_unlock_irqrestore(&nx_ctx->lock, irq_flags); return rc; } @@ -318,10 +324,15 @@ static int ccm_nx_encrypt(struct aead_request *req, struct nx_csbcpb *csbcpb = nx_ctx->csbcpb; unsigned int nbytes = req->cryptlen; unsigned int authsize = crypto_aead_authsize(crypto_aead_reqtfm(req)); + unsigned long irq_flags; int rc = -1; - if (nbytes > nx_ctx->ap->databytelen) - return -EINVAL; + spin_lock_irqsave(&nx_ctx->lock, irq_flags); + + if (nbytes > nx_ctx->ap->databytelen) { + rc = -EINVAL; + goto out; + } rc = generate_pat(desc->info, req, nx_ctx, authsize, nbytes, csbcpb->cpb.aes_ccm.in_pat_or_b0); @@ -350,6 +361,7 @@ static int ccm_nx_encrypt(struct aead_request *req, req->dst, nbytes, authsize, SCATTERWALK_TO_SG); out: + spin_unlock_irqrestore(&nx_ctx->lock, irq_flags); return rc; } |