crypto: talitos - HMAC SNOOP NO AFEU mode requires SW icv checking.
authorChristophe Leroy <christophe.leroy@c-s.fr>
Tue, 21 May 2019 13:34:15 +0000 (13:34 +0000)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 21 Sep 2019 05:14:07 +0000 (07:14 +0200)
commit 4bbfb839259a9c96a0be872e16f7471b7136aee5 upstream.

In that mode, hardware ICV verification is not supported.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Fixes: 7405c8d7ff97 ("crypto: talitos - templates for AEAD using HMAC_SNOOP_NO_AFEU")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/crypto/talitos.c

index 4c8fee7..30f8bbe 100644 (file)
@@ -1475,7 +1475,8 @@ static int aead_decrypt(struct aead_request *req)
        if (IS_ERR(edesc))
                return PTR_ERR(edesc);
 
-       if ((priv->features & TALITOS_FTR_HW_AUTH_CHECK) &&
+       if ((edesc->desc.hdr & DESC_HDR_TYPE_IPSEC_ESP) &&
+           (priv->features & TALITOS_FTR_HW_AUTH_CHECK) &&
            ((!edesc->src_nents && !edesc->dst_nents) ||
             priv->features & TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT)) {