diff options
author | Kim Phillips <kim.phillips@freescale.com> | 2008-09-14 16:41:19 -0400 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2008-09-14 16:41:19 -0400 |
commit | ba95487df97f9c45cfdae2a47de56235e7a13dc5 (patch) | |
tree | e8581dd7fb9951f3baf0cb6d687a5bd65644df6d /drivers/crypto/talitos.c | |
parent | 6bfb09a1005193be5c81ebac9f3ef85210142650 (diff) |
crypto: talitos - Avoid consecutive packets going out with same IV
The SEC's h/w IV out implementation DMAs the trailing encrypted payload
block of the last encryption to ctx->iv. Since the last encryption may
still be pending completion, we can sufficiently prevent successive
packets from being transmitted with the same IV by xoring with sequence
number.
Also initialize alg_list earlier to prevent oopsing on a failed probe.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'drivers/crypto/talitos.c')
-rw-r--r-- | drivers/crypto/talitos.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index ee827a7f7c6a..b6ad3ac5916e 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c | |||
@@ -1157,6 +1157,8 @@ static int aead_authenc_givencrypt( | |||
1157 | edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; | 1157 | edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT; |
1158 | 1158 | ||
1159 | memcpy(req->giv, ctx->iv, crypto_aead_ivsize(authenc)); | 1159 | memcpy(req->giv, ctx->iv, crypto_aead_ivsize(authenc)); |
1160 | /* avoid consecutive packets going out with same IV */ | ||
1161 | *(__be64 *)req->giv ^= cpu_to_be64(req->seq); | ||
1160 | 1162 | ||
1161 | return ipsec_esp(edesc, areq, req->giv, req->seq, | 1163 | return ipsec_esp(edesc, areq, req->giv, req->seq, |
1162 | ipsec_esp_encrypt_done); | 1164 | ipsec_esp_encrypt_done); |
@@ -1449,6 +1451,8 @@ static int talitos_probe(struct of_device *ofdev, | |||
1449 | 1451 | ||
1450 | priv->ofdev = ofdev; | 1452 | priv->ofdev = ofdev; |
1451 | 1453 | ||
1454 | INIT_LIST_HEAD(&priv->alg_list); | ||
1455 | |||
1452 | tasklet_init(&priv->done_task, talitos_done, (unsigned long)dev); | 1456 | tasklet_init(&priv->done_task, talitos_done, (unsigned long)dev); |
1453 | tasklet_init(&priv->error_task, talitos_error, (unsigned long)dev); | 1457 | tasklet_init(&priv->error_task, talitos_error, (unsigned long)dev); |
1454 | 1458 | ||
@@ -1575,8 +1579,6 @@ static int talitos_probe(struct of_device *ofdev, | |||
1575 | } | 1579 | } |
1576 | 1580 | ||
1577 | /* register crypto algorithms the device supports */ | 1581 | /* register crypto algorithms the device supports */ |
1578 | INIT_LIST_HEAD(&priv->alg_list); | ||
1579 | |||
1580 | for (i = 0; i < ARRAY_SIZE(driver_algs); i++) { | 1582 | for (i = 0; i < ARRAY_SIZE(driver_algs); i++) { |
1581 | if (hw_supports(dev, driver_algs[i].desc_hdr_template)) { | 1583 | if (hw_supports(dev, driver_algs[i].desc_hdr_template)) { |
1582 | struct talitos_crypto_alg *t_alg; | 1584 | struct talitos_crypto_alg *t_alg; |