From owner-p4-projects@FreeBSD.ORG Mon Sep 8 04:49:25 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id DAEAD9D7; Mon, 8 Sep 2014 04:49:24 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D54AD7FE for ; Mon, 8 Sep 2014 04:49:17 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 95C4F1A6B for ; Mon, 8 Sep 2014 04:49:17 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id s884nHfR020568 for ; Mon, 8 Sep 2014 04:49:17 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id s884nHJC020565 for perforce@freebsd.org; Mon, 8 Sep 2014 04:49:17 GMT (envelope-from jmg@freebsd.org) Date: Mon, 8 Sep 2014 04:49:17 GMT Message-Id: <201409080449.s884nHJC020565@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1198701 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Sep 2014 04:49:25 -0000 http://p4web.freebsd.org/@@1198701?ac=10 Change 1198701 by jmg@jmg_carbon2 on 2014/08/14 07:39:04 spell crd_alg properly instead of checking the length... properly only free an allocation when allocated by using the common cleanup code... don't need to zero auth data buffer, it's associated data and not confidential... add some comments... Affected files ... .. //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#3 edit Differences ... ==== //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#3 (text+ko) ==== @@ -328,7 +328,7 @@ } /* CBC & XTS can only handle full blocks for now */ - if ((enccrd->crd_len == CRYPTO_AES_CBC || enccrd->crd_len == + if ((enccrd->crd_alg == CRYPTO_AES_CBC || enccrd->crd_alg == CRYPTO_AES_XTS) && (enccrd->crd_len % AES_BLOCK_LEN) != 0) { error = EINVAL; goto out; @@ -442,6 +442,9 @@ printf("%02hhx", ptr[i]); } +/* + * authcrd contains the associated date. + */ static int aesni_cipher_process(struct aesni_session *ses, struct cryptodesc *enccrd, struct cryptodesc *authcrd, struct cryptop *crp) @@ -463,10 +466,8 @@ authallocated = 0; if (authcrd != NULL) { authbuf = aesni_cipher_alloc(authcrd, crp, &authallocated); - if (authbuf == NULL) { - free(buf, M_AESNI); - return (ENOMEM); - } + if (authbuf == NULL) + goto out1; } td = curthread; @@ -574,7 +575,7 @@ crypto_copyback(crp->crp_flags, crp->crp_buf, enccrd->crd_skip, enccrd->crd_len, buf); - /* OpenBSD doesn't copy this back. */ + /* OpenBSD doesn't copy this back. Why not? */ if ((enccrd->crd_flags & CRD_F_ENCRYPT) != 0) crypto_copydata(crp->crp_flags, crp->crp_buf, enccrd->crd_skip + enccrd->crd_len - AES_BLOCK_LEN, @@ -592,9 +593,7 @@ bzero(buf, enccrd->crd_len); free(buf, M_AESNI); } - if (authallocated) { - bzero(authbuf, authcrd->crd_len); + if (authallocated) free(authbuf, M_AESNI); - } return (error); }