crypto: inside-secure - silently return -EINVAL for input error cases
authorPascal van Leeuwen <pvanleeuwen@insidesecure.com>
Tue, 2 Jul 2019 14:39:53 +0000 (16:39 +0200)
committerHerbert Xu <herbert@gondor.apana.org.au>
Fri, 26 Jul 2019 04:51:58 +0000 (14:51 +1000)
Driver was printing an error message for certain input error cases that
should just return -EINVAL, which caused the related testmgr extra tests
to flood the kernel message log. Ensured those cases remain silent while
making some other device-specific errors a bit more verbose.

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
drivers/crypto/inside-secure/safexcel.c

index df43a2c6933b7fbba757cf2602e0001ed63d01e1..045919651272ebc9e7ee8501d9981d783ce48930 100644 (file)
@@ -589,16 +589,31 @@ finalize:
 inline int safexcel_rdesc_check_errors(struct safexcel_crypto_priv *priv,
                                       struct safexcel_result_desc *rdesc)
 {
-       if (likely(!rdesc->result_data.error_code))
+       if (likely((!rdesc->descriptor_overflow) &&
+                  (!rdesc->buffer_overflow) &&
+                  (!rdesc->result_data.error_code)))
                return 0;
 
-       if (rdesc->result_data.error_code & 0x407f) {
-               /* Fatal error (bits 0-7, 14) */
+       if (rdesc->descriptor_overflow)
+               dev_err(priv->dev, "Descriptor overflow detected");
+
+       if (rdesc->buffer_overflow)
+               dev_err(priv->dev, "Buffer overflow detected");
+
+       if (rdesc->result_data.error_code & 0x4067) {
+               /* Fatal error (bits 0,1,2,5,6 & 14) */
                dev_err(priv->dev,
-                       "cipher: result: result descriptor error (0x%x)\n",
+                       "result descriptor error (%x)",
                        rdesc->result_data.error_code);
+               return -EIO;
+       } else if (rdesc->result_data.error_code &
+                  (BIT(7) | BIT(4) | BIT(3))) {
+               /*
+                * Give priority over authentication fails:
+                * Blocksize & overflow errors, something wrong with the input!
+                */
                return -EINVAL;
-       } else if (rdesc->result_data.error_code == BIT(9)) {
+       } else if (rdesc->result_data.error_code & BIT(9)) {
                /* Authentication failed */
                return -EBADMSG;
        }