Message ID | 1627701996-4589-3-git-send-email-yekai13@huawei.com (mailing list archive) |
---|---|
State | Changes Requested |
Delegated to: | Herbert Xu |
Headers | show |
Series | crypto: hisilicon - some misc bugfix for SEC engine | expand |
On Sat, Jul 31, 2021 at 11:26:33AM +0800, Kai Ye wrote: > Modify the print of information that might lead to user misunderstanding. > Currently only XTS mode need the fallback tfm when using 192bit key. > Others algs not need soft fallback tfm. So others algs can return > directly. > > Signed-off-by: Kai Ye <yekai13@huawei.com> > --- > drivers/crypto/hisilicon/sec2/sec_crypto.c | 15 +++++++-------- > 1 file changed, 7 insertions(+), 8 deletions(-) I don't think this is a good change. > @@ -2032,13 +2032,12 @@ static int sec_skcipher_soft_crypto(struct sec_ctx *ctx, > struct skcipher_request *sreq, bool encrypt) > { > struct sec_cipher_ctx *c_ctx = &ctx->c_ctx; > + SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, c_ctx->fbtfm); > struct device *dev = ctx->dev; > int ret; > > - SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, c_ctx->fbtfm); > - > if (!c_ctx->fbtfm) { > - dev_err(dev, "failed to check fallback tfm\n"); > + dev_err(dev, "the soft tfm isn't supported in the current system.\n"); If we end up in this code path you'll be spamming the printk buffer on every single request. This is not acceptable. At least rate limit these messages. Thanks,
diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index bf93c98..b3ac1bd 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -641,15 +641,15 @@ static int sec_skcipher_fbtfm_init(struct crypto_skcipher *tfm) struct sec_cipher_ctx *c_ctx = &ctx->c_ctx; c_ctx->fallback = false; + + /* Currently, only XTS mode need fallback tfm when using 192bit key */ if (likely(strncmp(alg, "xts", SEC_XTS_NAME_SZ))) return 0; c_ctx->fbtfm = crypto_alloc_sync_skcipher(alg, 0, CRYPTO_ALG_NEED_FALLBACK); - if (IS_ERR(c_ctx->fbtfm)) { - pr_err("failed to alloc fallback tfm!\n"); - return PTR_ERR(c_ctx->fbtfm); - } + if (IS_ERR(c_ctx->fbtfm)) + c_ctx->fbtfm = NULL; return 0; } @@ -808,7 +808,7 @@ static int sec_skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key, } memcpy(c_ctx->c_key, key, keylen); - if (c_ctx->fallback) { + if (c_ctx->fallback && c_ctx->fbtfm) { ret = crypto_sync_skcipher_setkey(c_ctx->fbtfm, key, keylen); if (ret) { dev_err(dev, "failed to set fallback skcipher key!\n"); @@ -2032,13 +2032,12 @@ static int sec_skcipher_soft_crypto(struct sec_ctx *ctx, struct skcipher_request *sreq, bool encrypt) { struct sec_cipher_ctx *c_ctx = &ctx->c_ctx; + SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, c_ctx->fbtfm); struct device *dev = ctx->dev; int ret; - SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, c_ctx->fbtfm); - if (!c_ctx->fbtfm) { - dev_err(dev, "failed to check fallback tfm\n"); + dev_err(dev, "the soft tfm isn't supported in the current system.\n"); return -EINVAL; }
Modify the print of information that might lead to user misunderstanding. Currently only XTS mode need the fallback tfm when using 192bit key. Others algs not need soft fallback tfm. So others algs can return directly. Signed-off-by: Kai Ye <yekai13@huawei.com> --- drivers/crypto/hisilicon/sec2/sec_crypto.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-)