summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPascal van Leeuwen <pvanleeuwen@insidesecure.com>2019-07-02 16:39:53 +0200
committerHerbert Xu <herbert@gondor.apana.org.au>2019-07-26 06:51:58 +0200
commit384ce433884af04c2063ec8a0ec0464b3fb6f1d2 (patch)
treeeedc48314e7eddb30b4bcd02a7a577bb5b39236b
parentcrypto: inside-secure - keep ivsize for DES ECB modes at 0 (diff)
downloadlinux-384ce433884af04c2063ec8a0ec0464b3fb6f1d2.tar.xz
linux-384ce433884af04c2063ec8a0ec0464b3fb6f1d2.zip
crypto: inside-secure - silently return -EINVAL for input error cases
Driver was printing an error message for certain input error cases that should just return -EINVAL, which caused the related testmgr extra tests to flood the kernel message log. Ensured those cases remain silent while making some other device-specific errors a bit more verbose. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--drivers/crypto/inside-secure/safexcel.c25
1 files changed, 20 insertions, 5 deletions
diff --git a/drivers/crypto/inside-secure/safexcel.c b/drivers/crypto/inside-secure/safexcel.c
index df43a2c6933b..045919651272 100644
--- a/drivers/crypto/inside-secure/safexcel.c
+++ b/drivers/crypto/inside-secure/safexcel.c
@@ -589,16 +589,31 @@ finalize:
inline int safexcel_rdesc_check_errors(struct safexcel_crypto_priv *priv,
struct safexcel_result_desc *rdesc)
{
- if (likely(!rdesc->result_data.error_code))
+ if (likely((!rdesc->descriptor_overflow) &&
+ (!rdesc->buffer_overflow) &&
+ (!rdesc->result_data.error_code)))
return 0;
- if (rdesc->result_data.error_code & 0x407f) {
- /* Fatal error (bits 0-7, 14) */
+ if (rdesc->descriptor_overflow)
+ dev_err(priv->dev, "Descriptor overflow detected");
+
+ if (rdesc->buffer_overflow)
+ dev_err(priv->dev, "Buffer overflow detected");
+
+ if (rdesc->result_data.error_code & 0x4067) {
+ /* Fatal error (bits 0,1,2,5,6 & 14) */
dev_err(priv->dev,
- "cipher: result: result descriptor error (0x%x)\n",
+ "result descriptor error (%x)",
rdesc->result_data.error_code);
+ return -EIO;
+ } else if (rdesc->result_data.error_code &
+ (BIT(7) | BIT(4) | BIT(3))) {
+ /*
+ * Give priority over authentication fails:
+ * Blocksize & overflow errors, something wrong with the input!
+ */
return -EINVAL;
- } else if (rdesc->result_data.error_code == BIT(9)) {
+ } else if (rdesc->result_data.error_code & BIT(9)) {
/* Authentication failed */
return -EBADMSG;
}