crypto: ccp - Ignore tag length when decrypting GCM ciphertext

commit e2664ecbb2f26225ac6646876f2899558ffb2604 upstream. AES GCM input buffers for decryption contain AAD+CTEXT+TAG. Only decrypt the ciphertext, and use the tag for comparison. Fixes: 36cf515b9bbe2 ("crypto: ccp - Enable support for AES GCM on v5 CCPs") Cc: <stable@vger.kernel.org> Signed-off-by: Gary R Hook <gary.hook@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Gary R Hook <gary.hook@amd.com> 2019-07-30 16:05:26 +0000
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-08-16 10:13:45 +0200
commit: e88103ea43dbb43db5094fa0343d87380b91a204 (patch)
tree: 48a32eeefddac69821c2f3b601c32a66bd3e1ced /drivers/crypto
parent: 45511e4d8940733d31be7a4b81963c629703d8dc (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index abeba386efda..895eb250addb 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -752,8 +752,7 @@ static int ccp_run_aes_gcm_cmd(struct ccp_cmd_queue *cmd_q,
 		while (src.sg_wa.bytes_left) {
 			ccp_prepare_data(&src, &dst, &op, AES_BLOCK_SIZE, true);
 			if (!src.sg_wa.bytes_left) {
-				unsigned int nbytes = aes->src_len
-						      % AES_BLOCK_SIZE;
+				unsigned int nbytes = ilen % AES_BLOCK_SIZE;
 
 				if (nbytes) {
 					op.eom = 1;
author	Gary R Hook <gary.hook@amd.com>	2019-07-30 16:05:26 +0000
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2019-08-16 10:13:45 +0200
commit	e88103ea43dbb43db5094fa0343d87380b91a204 (patch)
tree	48a32eeefddac69821c2f3b601c32a66bd3e1ced /drivers/crypto
parent	45511e4d8940733d31be7a4b81963c629703d8dc (diff)