crypto: ccp - Ignore tag length when decrypting GCM ciphertext

commit e2664ecbb2f26225ac6646876f2899558ffb2604 upstream. AES GCM input buffers for decryption contain AAD+CTEXT+TAG. Only decrypt the ciphertext, and use the tag for comparison. Fixes: 36cf515b ("crypto: ccp - Enable support for AES GCM on v5 CCPs") Cc: <stable@vger.kernel.org> Signed-off-by: N Gary R Hook <gary.hook@amd.com> Signed-off-by: N Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org>

crypto: ccp - Ignore tag length when decrypting GCM ciphertext
commit e2664ecbb2f26225ac6646876f2899558ffb2604 upstream. AES GCM input buffers for decryption contain AAD+CTEXT+TAG. Only decrypt the ciphertext, and use the tag for comparison. Fixes: 36cf515b ("crypto: ccp - Enable support for AES GCM on v5 CCPs") Cc: <stable@vger.kernel.org> Signed-off-by: N Gary R Hook <gary.hook@amd.com> Signed-off-by: N Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org>
6dbc3b74 · Gary R Hook · Greg Kroah-Hartman · 30692ede · 6dbc3b74
隐藏空白更改
内联并排

Showing with 1 addition and 2 deletion

drivers/crypto/ccp/ccp-ops.c drivers/crypto/ccp/ccp-ops.c +1 -2

未找到文件。
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -785,8 +785,7 @@ static int ccp_run_aes_gcm_cmd(struct ccp_cmd_queue *cmd_q,
 		while (src.sg_wa.bytes_left) {
 			ccp_prepare_data(&src, &dst, &op, AES_BLOCK_SIZE, true);
 			if (!src.sg_wa.bytes_left) {
-				unsigned int nbytes = aes->src_len
+				unsigned int nbytes = ilen % AES_BLOCK_SIZE;
-						      % AES_BLOCK_SIZE;
 				if (nbytes) {
 					op.eom = 1;