diff options
| author | John Baldwin <jhb@FreeBSD.org> | 2021-12-30 01:50:23 +0000 |
|---|---|---|
| committer | John Baldwin <jhb@FreeBSD.org> | 2021-12-30 01:50:23 +0000 |
| commit | 61ff0a1f8145622a4db669715fc04e9358e643a6 (patch) | |
| tree | 44bd026c99b353858cb7210a50bb743f0cc189a4 /sys/opencrypto | |
| parent | c3907ef4826f195b0409e89003da6ed88418cd48 (diff) | |
/dev/crypto: Store blocksize in cse rather than txform pointer.
Reviewed by: markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D33614
Diffstat (limited to 'sys/opencrypto')
| -rw-r--r-- | sys/opencrypto/cryptodev.c | 29 |
1 files changed, 20 insertions, 9 deletions
diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c index b8b727653847..a8c9f04e1fb7 100644 --- a/sys/opencrypto/cryptodev.c +++ b/sys/opencrypto/cryptodev.c @@ -269,7 +269,7 @@ struct csession { uint32_t ses; struct mtx lock; /* for op submission */ - const struct enc_xform *txform; + u_int blocksize; int hashsize; int ivsize; @@ -499,7 +499,6 @@ cse_create(struct fcrypt *fcr, struct session2_op *sop) cse->key = key; cse->mackey = mackey; cse->cses = cses; - cse->txform = txform; if (sop->maclen != 0) cse->hashsize = sop->maclen; else if (thash != NULL) @@ -508,6 +507,16 @@ cse_create(struct fcrypt *fcr, struct session2_op *sop) cse->hashsize = txform->macsize; cse->ivsize = csp.csp_ivlen; + /* + * NB: This isn't necessarily the block size of the underlying + * MAC or cipher but is instead a restriction on valid input + * sizes. + */ + if (txform != NULL) + cse->blocksize = txform->blocksize; + else + cse->blocksize = 1; + mtx_lock(&fcr->lock); TAILQ_INSERT_TAIL(&fcr->csessions, cse, next); cse->ses = fcr->sesn++; @@ -635,11 +644,9 @@ cryptodev_op(struct csession *cse, const struct crypt_op *cop) return (E2BIG); } - if (cse->txform) { - if ((cop->len % cse->txform->blocksize) != 0) { - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EINVAL); - } + if ((cop->len % cse->blocksize) != 0) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); + return (EINVAL); } if (cop->mac && cse->hashsize == 0) { @@ -866,8 +873,12 @@ cryptodev_aead(struct csession *cse, struct crypt_aead *caead) return (E2BIG); } - if (cse->txform == NULL || cse->hashsize == 0 || caead->tag == NULL || - (caead->len % cse->txform->blocksize) != 0) { + if ((caead->len % cse->blocksize) != 0) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); + return (EINVAL); + } + + if (cse->hashsize == 0 || caead->tag == NULL) { SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); return (EINVAL); } |