diff options
author | Pascal van Leeuwen <pvanleeuwen@insidesecure.com> | 2019-07-02 16:39:53 +0200 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2019-07-26 06:51:58 +0200 |
commit | 384ce433884af04c2063ec8a0ec0464b3fb6f1d2 (patch) | |
tree | eedc48314e7eddb30b4bcd02a7a577bb5b39236b | |
parent | crypto: inside-secure - keep ivsize for DES ECB modes at 0 (diff) | |
download | linux-384ce433884af04c2063ec8a0ec0464b3fb6f1d2.tar.xz linux-384ce433884af04c2063ec8a0ec0464b3fb6f1d2.zip |
crypto: inside-secure - silently return -EINVAL for input error cases
Driver was printing an error message for certain input error cases that
should just return -EINVAL, which caused the related testmgr extra tests
to flood the kernel message log. Ensured those cases remain silent while
making some other device-specific errors a bit more verbose.
Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r-- | drivers/crypto/inside-secure/safexcel.c | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/drivers/crypto/inside-secure/safexcel.c b/drivers/crypto/inside-secure/safexcel.c index df43a2c6933b..045919651272 100644 --- a/drivers/crypto/inside-secure/safexcel.c +++ b/drivers/crypto/inside-secure/safexcel.c @@ -589,16 +589,31 @@ finalize: inline int safexcel_rdesc_check_errors(struct safexcel_crypto_priv *priv, struct safexcel_result_desc *rdesc) { - if (likely(!rdesc->result_data.error_code)) + if (likely((!rdesc->descriptor_overflow) && + (!rdesc->buffer_overflow) && + (!rdesc->result_data.error_code))) return 0; - if (rdesc->result_data.error_code & 0x407f) { - /* Fatal error (bits 0-7, 14) */ + if (rdesc->descriptor_overflow) + dev_err(priv->dev, "Descriptor overflow detected"); + + if (rdesc->buffer_overflow) + dev_err(priv->dev, "Buffer overflow detected"); + + if (rdesc->result_data.error_code & 0x4067) { + /* Fatal error (bits 0,1,2,5,6 & 14) */ dev_err(priv->dev, - "cipher: result: result descriptor error (0x%x)\n", + "result descriptor error (%x)", rdesc->result_data.error_code); + return -EIO; + } else if (rdesc->result_data.error_code & + (BIT(7) | BIT(4) | BIT(3))) { + /* + * Give priority over authentication fails: + * Blocksize & overflow errors, something wrong with the input! + */ return -EINVAL; - } else if (rdesc->result_data.error_code == BIT(9)) { + } else if (rdesc->result_data.error_code & BIT(9)) { /* Authentication failed */ return -EBADMSG; } |