Re: [PATCH 3/5] crypto: hisilicon/sec - fix the max length of AAD for the CCM mode

From: Herbert Xu
Date: Fri Aug 06 2021 - 04:32:27 EST


On Sat, Jul 31, 2021 at 11:26:34AM +0800, Kai Ye wrote:
>
> @@ -2218,6 +2219,10 @@ static int sec_aead_spec_check(struct sec_ctx *ctx, struct sec_req *sreq)
> }
>
> if (c_mode == SEC_CMODE_CCM) {
> + if (unlikely(req->assoclen > SEC_MAX_CCM_AAD_LEN)) {
> + dev_err(dev, "CCM input aad parameter is too long!\n");
> + return -EINVAL;
> + }

You shouldn't be printing messages on a code path that can be
triggered by userspace without rate limit.

Thanks,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt