From: Wenkai Lin <linwenkai6@hisilicon.com> driver inclusion category: feature bugzilla: https://atomgit.com/openeuler/kernel/issues/9217 CVE: NA ---------------------------------------------------------------------- The IV has been modified for ctr mode and needs to be restored to ensure that subsequent tasks use the correct IV. Signed-off-by: Wenkai Lin <linwenkai6@hisilicon.com> Signed-off-by: Ruibin Deng <dengruibin@h-partners.com> --- drivers/crypto/hisilicon/sec2/sec_crypto.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index 9353948f177a..dbe4fb4cafa5 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -1971,6 +1971,7 @@ static int sec_request_init(struct sec_ctx *ctx, struct sec_req *req) static int sec_process(struct sec_ctx *ctx, struct sec_req *req) { + bool need_copy_iv = false; int ret; ret = sec_request_init(ctx, req); @@ -1983,8 +1984,10 @@ static int sec_process(struct sec_ctx *ctx, struct sec_req *req) /* Output IV as decrypto */ if (!req->c_req.encrypt && (ctx->c_ctx.c_mode == SEC_CMODE_CBC || - ctx->c_ctx.c_mode == SEC_CMODE_CTR)) + ctx->c_ctx.c_mode == SEC_CMODE_CTR)) { + need_copy_iv = true; sec_update_iv(req, ctx->alg_type); + } ret = ctx->req_op->bd_send(ctx, req); if (likely(ret == -EINPROGRESS || ret == -EBUSY)) @@ -1994,7 +1997,7 @@ static int sec_process(struct sec_ctx *ctx, struct sec_req *req) err_send_req: /* As failing, restore the IV from user */ - if (ctx->c_ctx.c_mode == SEC_CMODE_CBC && !req->c_req.encrypt) { + if (need_copy_iv) { if (ctx->alg_type == SEC_SKCIPHER) memcpy(req->c_req.sk_req->iv, req->c_req.c_ivin, ctx->c_ctx.ivsize); -- 2.43.0