Skip to content

Commit

Permalink
crypto: tegra - Fix IV usage for AES ECB
Browse files Browse the repository at this point in the history 
Modifying the crypto_request turns out to be not the right way to handle
the stale value issue with the IV. Though the IV is not used for AES ECB,
it eventually get used in algorithms like LRW in the next step after
AES ECB encryption/decryption. Setting req->iv to NULL breaks the
implementation of such algorithms. Hence modify only the local reqctx
to check for IV.

Fixes: bde5582 ("crypto: tegra - Set IV to NULL explicitly for AES ECB")
Signed-off-by: Akhil R <akhilrajeev@nvidia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  • Loading branch information
Akhil R authored and Herbert Xu committed Apr 7, 2025
1 parent 0af2f6b commit 1ddaff4
Showing 1 changed file with 1 addition and 4 deletions.
5 changes: 1 addition & 4 deletions drivers/crypto/tegra/tegra-se-aes.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -269,7 +269,7 @@ static int tegra_aes_do_one_req(struct crypto_engine *engine, void *areq)
unsigned int cmdlen, key1_id, key2_id;
int ret;

rctx->iv = (u32 *)req->iv;
rctx->iv = (ctx->alg == SE_ALG_ECB) ? NULL : (u32 *)req->iv;
rctx->len = req->cryptlen;
key1_id = ctx->key1_id;
key2_id = ctx->key2_id;
Expand Down Expand Up @@ -498,9 +498,6 @@ static int tegra_aes_crypt(struct skcipher_request *req, bool encrypt)
if (!req->cryptlen)
return 0;

if (ctx->alg == SE_ALG_ECB)
req->iv = NULL;

rctx->encrypt = encrypt;

return crypto_transfer_skcipher_request_to_engine(ctx->se->engine, req);
Expand Down

0 comments on commit 1ddaff4

Please sign in to comment.