fix(aes-gcm): correct the DMA completion wait condition for hardware GCM case

DMA operation completion must wait until the last DMA descriptor
ownership has been changed to hardware, that is hardware is completed
the write operation for entire data. Earlier for the hardware GCM case,
the first DMA descriptor was checked and it could have resulted in some
race condition for non interrupt (MBEDTLS_AES_USE_INTERRUPT disabled) case.

components/mbedtls/port/aes/dma/esp_aes.c

@@ -495,6 +495,7 @@ cleanup:
 int esp_aes_process_dma_gcm(esp_aes_context *ctx, const unsigned char *input, unsigned char *output, size_t len, lldesc_t *aad_desc, size_t aad_len)
 {
     lldesc_t *in_desc_head = NULL, *out_desc_head = NULL, *len_desc = NULL;
+    lldesc_t *out_desc_tail = NULL; /* pointer to the final output descriptor */
     lldesc_t stream_in_desc, stream_out_desc;
     lldesc_t *block_desc = NULL, *block_in_desc = NULL, *block_out_desc = NULL;
     size_t lldesc_num;
@@ -544,6 +545,8 @@ int esp_aes_process_dma_gcm(esp_aes_context *ctx, const unsigned char *input, un
 
         lldesc_append(&in_desc_head, block_in_desc);
         lldesc_append(&out_desc_head, block_out_desc);
+
+        out_desc_tail = &block_out_desc[lldesc_num - 1];
     }
 
     /* Any leftover bytes which are appended as an additional DMA list */
@@ -555,6 +558,8 @@ int esp_aes_process_dma_gcm(esp_aes_context *ctx, const unsigned char *input, un
 
         lldesc_append(&in_desc_head, &stream_in_desc);
         lldesc_append(&out_desc_head, &stream_out_desc);
+
+        out_desc_tail = &stream_out_desc;
     }
 
 
@@ -593,7 +598,7 @@ int esp_aes_process_dma_gcm(esp_aes_context *ctx, const unsigned char *input, un
 
     aes_hal_transform_dma_gcm_start(blocks);
 
-    if (esp_aes_dma_wait_complete(use_intr, out_desc_head) < 0) {
+    if (esp_aes_dma_wait_complete(use_intr, out_desc_tail) < 0) {
         ESP_LOGE(TAG, "esp_aes_dma_wait_complete failed");
         ret = -1;
         goto cleanup;