commit 6212f2c7f70c591efb0d9f3d50ad29112392fee2 · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

[CRYPTO] xts: Use proper alignment

The XTS blockmode uses a copy of the IV which is saved on the stack
and may or may not be properly aligned. If it is not, it will break
hardware cipher like the geode or padlock.
This patch encrypts the IV in place so we don't have to worry about
alignment.

Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc>
Tested-by: Stefan Hellermann <stefan@the2masters.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by Sebastian Siewior and committed by Herbert Xu 18 years ago 6212f2c7 bc97f19d

+6 -7

1 changed file

expand all

unified split

crypto

xts.c

+6 -7

crypto/xts.c

··· 77 } 78 79 struct sinfo { 80 - be128 t; 81 struct crypto_tfm *tfm; 82 void (*fn)(struct crypto_tfm *, u8 *, const u8 *); 83 }; 84 85 static inline void xts_round(struct sinfo *s, void *dst, const void *src) 86 { 87 - be128_xor(dst, &s->t, src); /* PP <- T xor P */ 88 s->fn(s->tfm, dst, dst); /* CC <- E(Key1,PP) */ 89 - be128_xor(dst, dst, &s->t); /* C <- T xor CC */ 90 } 91 92 static int crypt(struct blkcipher_desc *d, ··· 101 .tfm = crypto_cipher_tfm(ctx->child), 102 .fn = fn 103 }; 104 - be128 *iv; 105 u8 *wsrc; 106 u8 *wdst; 107 ··· 108 if (!w->nbytes) 109 return err; 110 111 avail = w->nbytes; 112 113 wsrc = w->src.virt.addr; 114 wdst = w->dst.virt.addr; 115 116 /* calculate first value of T */ 117 - iv = (be128 *)w->iv; 118 - tw(crypto_cipher_tfm(ctx->tweak), (void *)&s.t, w->iv); 119 120 goto first; 121 122 for (;;) { 123 do { 124 - gf128mul_x_ble(&s.t, &s.t); 125 126 first: 127 xts_round(&s, wdst, wsrc);

··· 77 } 78 79 struct sinfo { 80 + be128 *t; 81 struct crypto_tfm *tfm; 82 void (*fn)(struct crypto_tfm *, u8 *, const u8 *); 83 }; 84 85 static inline void xts_round(struct sinfo *s, void *dst, const void *src) 86 { 87 + be128_xor(dst, s->t, src); /* PP <- T xor P */ 88 s->fn(s->tfm, dst, dst); /* CC <- E(Key1,PP) */ 89 + be128_xor(dst, dst, s->t); /* C <- T xor CC */ 90 } 91 92 static int crypt(struct blkcipher_desc *d, ··· 101 .tfm = crypto_cipher_tfm(ctx->child), 102 .fn = fn 103 }; 104 u8 *wsrc; 105 u8 *wdst; 106 ··· 109 if (!w->nbytes) 110 return err; 111 112 + s.t = (be128 *)w->iv; 113 avail = w->nbytes; 114 115 wsrc = w->src.virt.addr; 116 wdst = w->dst.virt.addr; 117 118 /* calculate first value of T */ 119 + tw(crypto_cipher_tfm(ctx->tweak), w->iv, w->iv); 120 121 goto first; 122 123 for (;;) { 124 do { 125 + gf128mul_x_ble(s.t, s.t); 126 127 first: 128 xts_round(&s, wdst, wsrc);