From patchwork Fri Apr 15 11:22:34 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gaurav Jain X-Patchwork-Id: 1617758 X-Patchwork-Delegate: sbabic@denx.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=nxp.com header.i=@nxp.com header.a=rsa-sha256 header.s=selector2 header.b=Vbri4CEy; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4Kfv8P5mMZz9sFq for ; Fri, 15 Apr 2022 21:23:17 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 4D2B58191C; Fri, 15 Apr 2022 13:23:08 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=nxp.com header.i=@nxp.com header.b="Vbri4CEy"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 7091D83923; Fri, 15 Apr 2022 13:23:06 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO,SPF_HELO_PASS, T_SCC_BODY_TEXT_LINE,T_SPF_PERMERROR autolearn=no autolearn_force=no version=3.4.2 Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2062b.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e1b::62b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id BE8488191C for ; Fri, 15 Apr 2022 13:23:03 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=gaurav.jain@nxp.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TuXCAfWNZBk7wRZ0L7Wlye/MBztnC5t/5vM+ySpIId7diZ7Cn9zEFNSmsR/6gKq2OgYLoePj9NigK2W+QJKaNbaga4yngEqzRNSg1MmlWiZh6ISDz3Sn/OTsX8kNPUw7LCFYzynPBFfOEt/HEJ5dl78gPLapXEBp+5oLvMvzRAkDm6jkxMrbb7dk7YCAYEDt2FftQMBd3W++GeSG71QmLqV9cWm9ma4z5sbpjXeRj/0jwvSGlrH4aYJdr6E1V7B+sje/YYpTscQ3T46LEhw1ik0FT2kQs+qLRM3yvPs19mfXLPOT+mV/GnvRFft6x3cs7mBkuz8H5mnL4S6E/f4oJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=UMYknW1lPXj1xjFZSxWSyKJXHp670BRxbqK2WUElrgc=; b=RDZRKUn+vq0E/SyWHQRp9YKKqdCof/VfNOq7DfVJJVdBbeC6ia6Op8oaj9sM4ugFAn6ynsirgsK2ZuwKiIvcTTEgMymKEDrGoF29YYRSduvrzaC1Avr4hZSf2vqnxFXzMfdyzjbX3J0Fs+wLhf5e6sB9hkrVzyTxKNvQA4gcaFw7/a0f01w3jRBGLL9LrgaKZACa3JaPHSAB3qzTOjt2Q6CEtx54im6TTapgVs+ZLqbC6vxQ1EGiSVd4Ph61+6EFm2CunxfSoJKYTPcy8qdmsRLrnMxcMXPAO1NfsruQi/O047+FpWD59A4yksG6j0CMR+kgz6rPLVDJXmdT3GezbQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UMYknW1lPXj1xjFZSxWSyKJXHp670BRxbqK2WUElrgc=; b=Vbri4CEyBkmrm3omMmotcm9AsBjJZeK249zFzp8It4NDgUxbCxOj+0vnH/5k1MUTpTkeRytEMJOf5djIxaU6Z7zXbwEHNY9kMH72m+u+3g1LJPkhzeXamZ9ouZsDbNuJCzaupPxmwCL53GwqEzv/CLJzlEHJ3xvnAMUljQ/q6HM= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from VI1PR04MB5342.eurprd04.prod.outlook.com (2603:10a6:803:46::16) by VI1PR0401MB2558.eurprd04.prod.outlook.com (2603:10a6:800:5c::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5164.20; Fri, 15 Apr 2022 11:22:58 +0000 Received: from VI1PR04MB5342.eurprd04.prod.outlook.com ([fe80::c587:139c:5129:6d02]) by VI1PR04MB5342.eurprd04.prod.outlook.com ([fe80::c587:139c:5129:6d02%7]) with mapi id 15.20.5144.030; Fri, 15 Apr 2022 11:22:58 +0000 From: Gaurav Jain To: Stefano Babic , u-boot@lists.denx.de Cc: Priyanka Jain , Ye Li , Horia Geanta , Silvano Di Ninno , Varun Sethi , "NXP i . MX U-Boot Team" , Gaurav Jain , Kshitiz Varshney Subject: [PATCH] crypto/fsl: Clear the memory when blob decapsulation fails Date: Fri, 15 Apr 2022 16:52:34 +0530 Message-Id: <20220415112234.2583506-1-gaurav.jain@nxp.com> X-Mailer: git-send-email 2.25.1 X-ClientProxiedBy: SG2PR06CA0202.apcprd06.prod.outlook.com (2603:1096:4:1::34) To VI1PR04MB5342.eurprd04.prod.outlook.com (2603:10a6:803:46::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 10126d67-7b2f-4087-17c7-08da1ed24b75 X-MS-TrafficTypeDiagnostic: VI1PR0401MB2558:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: XiWeJhadUNpHxaCLe+/HWHv0+/btv99csDnNmSbR+RrKAGfCcFyyxWwUPeQr30iSh5i1CSS5UnPN6FB1Yo1AlCvP/nHMA7Cu+rRaM/e7yD5oTUF8I0smt2VMd9lnop+AuWxq6FHRUTHOIukjPPQ732xCTZcnWwCuB6ZMSfZlSQJ+COX6n/eDbh4utZ8wnQAeY2N/byc+iWAmuh7+SFuZX1x9AOr405E4GDzR0Jbo6fUraKMQMDYy4+NP6gc7/DklfAJ9BWGbj9/L06AwWWt4GdSkT4TluUhPdi3syGLSV8G9JvvsV9DmVD4bP2Qv3HlQtMK1akh04MCaOdxZl+itX+qSfzHLrZpsAKnW4dlvR9YsiXnlhTLYU5a6CyMoCm+5GoOMs6JktoqjyeA+lKUZGD7hV/AIbh+aW+AQsEF4fiE75g99lIr1KnC7wa4RRTWSlGkXSkJj9T8gpcc4G7AbfmKCxFByO5DRWGvVQQcndeySlVZtijPRRkdJej9wBXc2p/Fu/IuvL2dnu3x6JPiuE6Ho/Of5xRayHT7BnRiN2LT/64OuGG8pQI578PriPShQpLHFJDmTMXz9ZiLFFgLMetdSINH25qyuO8AtMjSuZZQkci644gDHHwDI3fASzy+k7v7IHc4gRBcr5ov9uk3En7xjPJYIryS3QHCFejGMPG3ge7hNknokQWTEaHe+7iT6C+/7LvKmmzyxAPSqJgRBzg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR04MB5342.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(44832011)(6486002)(1076003)(54906003)(2616005)(186003)(8936002)(5660300002)(316002)(36756003)(6666004)(55236004)(52116002)(86362001)(2906002)(4326008)(38100700002)(6506007)(38350700002)(6512007)(26005)(66946007)(508600001)(66476007)(8676002)(66556008); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: TSr70JfwNR9WI7Mia6bfSYrf/1qgxdbVWWuZxeGzJJY+vHpzqhj5Y462FjTKTF9qJub/MXgit+IQixq/h0KrwUOBXDmItcSGbzn8apEBLTwrkr8RpRvYtPUEwPnXxikFl1l5iNqBiogiFVIAXQaayLloYqxRVJQYDLnDqHaPVH+SXWKh6fSWxx6ht9a43VNfD4b8WQU1jncYQwpfx6Pyl67fxbZX+WIUIHJD5N6gIKcMOAGpIPwev3mzNJuqedBLnYeM9YZedgBban1lT3yH1G+dMNbkc3kd0OLfQvr358C7ANAywpZl1HZ28ohGAXJV9LR8WbhV/N6vPqmGRf03Gq0R8RReBRmp1Vu4lkHan18A+vpNkKGEhiP84aH+9Mje+J7agEn3oeYSl3Q8LZMPHOhNX5K43OETS9EbypnClWhU8XeV72O+z0jGdKXYFXAFX0pa3YSXMCcIBk/GItsyTlbT8d3/Hi5miukNyLjcx+CITT0g/XUUWOhrYLBKsM4sTJIdtc4WVkYTv62lIIfXiNaIAP8mM000tiVaIAoc1Nj0t4PGz0B1I5onkBvi4JZ8/vfzMvRLG/yjRt1EToO15hg0M5B3vUbsb7AZaOUb8mnmyh4Cu8c4otQCv1qhU0Py1Ly/d8MyISuMAsfmDwl5XhoDrg+lUv3Tmk6Xi1/dW/IXmXrBXeAyiaKUEnrqJ0eSJH0TpLL597MR8+cW0s67LfxhNcnn+Y0ghrxKy7PenZ4S9tQkEG/QKeN6CHnEpZRzK3FISUI7+NX5ABB5O/+MbAqfgkYn6EuR5QGtluL1YCY0TNZbym+2AJiO3BLhNNr1Vs2aU5OXugCAeTIoXKj0bOtcw98U0jhKYz71+ljmC82xrxCFKvz21QAmaOrK7PSwltKu29nOoA/SQaZHb1xxTX0+jaj94ik+Rme7A/E/GpaeG7Xkp80xWnU7sYTzc3+XguhkK0dV+4XfIaSB9j1r1jiXyH/LHtBFkKfBRUsNBnVt8SCMcCsVJhBqsOyWBI7e+42GH8BAAJpxVMSSxTUY1J0EeJQQ5/ujUbmeQOEK/x4g+Ax1IWyYo18QY/LbTCpjtUws5u+PrXYhtI+np94gGNaNxo10aRMLNvW1f+wDRwYvB1MHZN/SSj/VI89p3eTxIKm3b89P2ZKR36Hd2acg/pdB8YcmFKmhO8ONN18WNRnHb0G9MootBrkF/y6kf9UiJNt/SsXBu6ayehJk2wEYxKJ9Nx3M+NGWc7sAVOTM9LswqS1vvsjbHFnnGcI5lKtiwwbKYlTfWgKl9Irh+COZPzGwdSuMC1M6udkbLuTGR2TMvoWdzAEMXOeySkJJ0XSP7JCbBZiPSDxzrFrPHIJUEfraQlsYzg1widDTwUXMW8odJfrrL57g9+C03/KrpbybHwNn5muRt2KjxoyMaSNlZ4lmHi+rCrxPK5lg7A1XyGSXuoMMZ3P6qkNwD/GtTPcLGCC4h4SgP+WEE+I4eRL7vgmtBdPXqlQjNl2fIuu5OZ7NmdlVKiH/VHjs3dSn4vF5Cc/Zf8XTUy5PgYBZJhyyJzozTBUhslp7qas6jKxJx9RzG4dVUk02+1EUx6N7/gPCKKhjV0MWyCuxebHiqbPQAIHb7/JOFMwaca06LL7HlRES4mM4NTWf0Nmk1eutY6qhxck6QtT75qiYl/jzn+sRz5+CrBWyeax03KIJ0JWFBpPrRHMstuwUnZRJQULvHnJzVgROsZrrZJejNeT6ugzDTuc05I7N1K96v3Nck5Pd+C8= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 10126d67-7b2f-4087-17c7-08da1ed24b75 X-MS-Exchange-CrossTenant-AuthSource: VI1PR04MB5342.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Apr 2022 11:22:58.7870 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 1H/VN4H6q/p6oyOl2g7+VHMeZgWLE1rdcjcc9yDv6WU0dX0l7gJd2mbYyOOIGOTbF2x5SsJFzwAfldxDpfwTgQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0401MB2558 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de X-Virus-Status: Clean issue: blob decapsulation operation store the decrypted data in memory even if ICV check failed. fix: clear the blob data output memory. Fixes: c5de15cbc8 (crypto/fsl: Add command for encapsulating/decapsulating blobs) Signed-off-by: Gaurav Jain Reviewed-by: Kshitiz Varshney Tested-by: Kshitiz Varshney Reviewed-by: Fabio Estevam --- drivers/crypto/fsl/fsl_blob.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/crypto/fsl/fsl_blob.c b/drivers/crypto/fsl/fsl_blob.c index e8202cc569..9b6e4bca06 100644 --- a/drivers/crypto/fsl/fsl_blob.c +++ b/drivers/crypto/fsl/fsl_blob.c @@ -71,6 +71,10 @@ int blob_decap(u8 *key_mod, u8 *src, u8 *dst, u32 len) ret = run_descriptor_jr(desc); if (ret) { + /* clear the blob data output buffer */ + memset(dst, 0x00, len); + size = ALIGN(len, ARCH_DMA_MINALIGN); + flush_dcache_range((unsigned long)dst, (unsigned long)dst + size); printf("Error in blob decapsulation: %d\n", ret); } else { size = ALIGN(len, ARCH_DMA_MINALIGN);