crypto: talitos – HMAC SNOOP NO AFEU mode requires SW icv checking. [Linux 5.3]

This Linux kernel change "crypto: talitos – HMAC SNOOP NO AFEU mode requires SW icv checking" is included in the Linux 5.3 release. This change is authored by Christophe Leroy <christophe.leroy [at] c-s.fr> on Tue May 21 13:34:15 2019 +0000. The commit for this change in Linux stable tree is 4bbfb83 (patch).

crypto: talitos - HMAC SNOOP NO AFEU mode requires SW icv checking.

In that mode, hardware ICV verification is not supported.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Fixes: 7405c8d7ff97 ("crypto: talitos - templates for AEAD using HMAC_SNOOP_NO_AFEU")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

There are 3 lines of Linux source code added/deleted in this change. Code changes to Linux kernel are as follows.

 drivers/crypto/talitos.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index a15aa6d..e35581d 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1545,7 +1545,8 @@ static int aead_decrypt(struct aead_request *req)
    if (IS_ERR(edesc))
        return PTR_ERR(edesc);

-   if ((priv->features & TALITOS_FTR_HW_AUTH_CHECK) &&
+   if ((edesc->desc.hdr & DESC_HDR_TYPE_IPSEC_ESP) &&
+       (priv->features & TALITOS_FTR_HW_AUTH_CHECK) &&
        ((!edesc->src_nents && !edesc->dst_nents) ||
         priv->features & TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT)) {

Leave a Reply

Your email address will not be published. Required fields are marked *