crypto: marvell - Don't corrupt state of an STD req for re-stepped ahash

mv_cesa_hash_std_step() copies the creq->state into the SRAM at each
step, but this is only required on the first one. By doing that, we
overwrite the engine state, and get erroneous results when the crypto
request is split in several chunks to fit in the internal SRAM.

This commit changes the function to copy the state only on the first
step.

Fixes: commit 2786cee8e50b ("crypto: marvell - Move SRAM I/O op...")
Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/drivers/crypto/marvell/hash.c b/drivers/crypto/marvell/hash.c
index daff388..77712b3 100644 (file)
--- a/drivers/crypto/marvell/hash.c
+++ b/drivers/crypto/marvell/hash.c
@@ -168,9 +168,11 @@ static void mv_cesa_ahash_std_step(struct ahash_request *req)
        mv_cesa_adjust_op(engine, &creq->op_tmpl);
        memcpy_toio(engine->sram, &creq->op_tmpl, sizeof(creq->op_tmpl));
 
-       digsize = crypto_ahash_digestsize(crypto_ahash_reqtfm(req));
-       for (i = 0; i < digsize / 4; i++)
-               writel_relaxed(creq->state[i], engine->regs + CESA_IVDIG(i));
+       if (!sreq->offset) {
+               digsize = crypto_ahash_digestsize(crypto_ahash_reqtfm(req));
+               for (i = 0; i < digsize / 4; i++)
+                       writel_relaxed(creq->state[i], engine->regs + CESA_IVDIG(i));
+       }
 
        if (creq->cache_ptr)
                memcpy_toio(engine->sram + CESA_SA_DATA_SRAM_OFFSET,