On Fri, Feb 03, 2023 at 09:04:59AM +0800, Herbert Xu wrote:
On Wed, Feb 01, 2023 at 03:59:44PM +0000, Giovanni Cabiddu wrote: .
@@ -435,8 +435,8 @@ static void qat_alg_skcipher_init_com(struct qat_alg_skcipher_ctx *ctx, } else if (aes_v2_capable && mode == ICP_QAT_HW_CIPHER_CTR_MODE) { ICP_QAT_FW_LA_SLICE_TYPE_SET(header->serv_specif_flags, ICP_QAT_FW_LA_USE_UCS_SLICE_TYPE);
memcpy(cd->ucs_aes.key, key, keylen);keylen = round_up(keylen, 16);
keylen = round_up(keylen, 16);
Now cd->ucs_aes.key contains potentially unitialised data, should we zero them?
The content descriptor structure (cd) is already initialized to zero before the function qat_alg_skcipher_init_com() is called. This is done in (1) qat_alg_skcipher_newkey() implicitly by dma_alloc_coherent(), the first time setkey() is called for a tfm or (2) qat_alg_skcipher_rekey() explicitly, for subsequent calls to sekey().
Regards,