]> git.ipfire.org Git - thirdparty/kernel/stable.git/commitdiff
crypto: tegra - Use HMAC fallback when keyslots are full
authorAkhil R <akhilrajeev@nvidia.com>
Mon, 24 Feb 2025 09:16:10 +0000 (14:46 +0530)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 10 Apr 2025 12:39:17 +0000 (14:39 +0200)
[ Upstream commit f80a2e2e77bedd0aa645a60f89b4f581c70accda ]

The intermediate results for HMAC is stored in the allocated keyslot by
the hardware. Dynamic allocation of keyslot during an operation is hence
not possible. As the number of keyslots are limited in the hardware,
fallback to the HMAC software implementation if keyslots are not available

Fixes: 0880bb3b00c8 ("crypto: tegra - Add Tegra Security Engine driver")
Signed-off-by: Akhil R <akhilrajeev@nvidia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
drivers/crypto/tegra/tegra-se-hash.c

index 5aead114bd9679cfbf17c2577432e77bf9de3434..726e30c0e63ebb8fba32f9558015aad548527784 100644 (file)
@@ -567,13 +567,18 @@ static int tegra_hmac_setkey(struct crypto_ahash *tfm, const u8 *key,
                             unsigned int keylen)
 {
        struct tegra_sha_ctx *ctx = crypto_ahash_ctx(tfm);
+       int ret;
 
        if (aes_check_keylen(keylen))
                return tegra_hmac_fallback_setkey(ctx, key, keylen);
 
+       ret = tegra_key_submit(ctx->se, key, keylen, ctx->alg, &ctx->key_id);
+       if (ret)
+               return tegra_hmac_fallback_setkey(ctx, key, keylen);
+
        ctx->fallback = false;
 
-       return tegra_key_submit(ctx->se, key, keylen, ctx->alg, &ctx->key_id);
+       return 0;
 }
 
 static int tegra_sha_update(struct ahash_request *req)