Commit e326df53 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'v6.8-p5' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 

Pull crypto fixes from Herbert Xu:
 "This fixes a regression in lskcipher and an out-of-bound access
  in arm64/neonbs"

* tag 'v6.8-p5' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: arm64/neonbs - fix out-of-bounds access on short input
  crypto: lskcipher - Copy IV in lskcipher glue code always
parents cf118294 1c0cf6d1

arch/arm64/crypto/aes-neonbs-glue.c

+11 −0
Original line number Diff line number Diff line
@@ -227,8 +227,19 @@ static int ctr_encrypt(struct skcipher_request *req) 
			src += blocks * AES_BLOCK_SIZE;

		}

		if (nbytes && walk.nbytes == walk.total) {

			u8 buf[AES_BLOCK_SIZE];

			u8 *d = dst;



			if (unlikely(nbytes < AES_BLOCK_SIZE))

				src = dst = memcpy(buf + sizeof(buf) - nbytes,

						   src, nbytes);



			neon_aes_ctr_encrypt(dst, src, ctx->enc, ctx->key.rounds,

					     nbytes, walk.iv);



			if (unlikely(nbytes < AES_BLOCK_SIZE))

				memcpy(d, dst, nbytes);



			nbytes = 0;

		}

		kernel_neon_end();

crypto/lskcipher.c

+2 −4
Original line number Diff line number Diff line
@@ -212,13 +212,12 @@ static int crypto_lskcipher_crypt_sg(struct skcipher_request *req, 


	ivsize = crypto_lskcipher_ivsize(tfm);

	ivs = PTR_ALIGN(ivs, crypto_skcipher_alignmask(skcipher) + 1);

	memcpy(ivs, req->iv, ivsize);



	flags = req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP;



	if (req->base.flags & CRYPTO_SKCIPHER_REQ_CONT)

		flags |= CRYPTO_LSKCIPHER_FLAG_CONT;

	else

		memcpy(ivs, req->iv, ivsize);



	if (!(req->base.flags & CRYPTO_SKCIPHER_REQ_NOTFINAL))

		flags |= CRYPTO_LSKCIPHER_FLAG_FINAL;
@@ -234,7 +233,6 @@ static int crypto_lskcipher_crypt_sg(struct skcipher_request *req, 
		flags |= CRYPTO_LSKCIPHER_FLAG_CONT;

	}



	if (flags & CRYPTO_LSKCIPHER_FLAG_FINAL)

	memcpy(req->iv, ivs, ivsize);



	return err;