korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-18 01:34:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
0b1e95b2fa
linux/arch
History
Mathias Krause 0b1e95b2fa crypto: aesni - fix "by8" variant for 128 bit keys 
The "by8" counter mode optimization is broken for 128 bit keys with
input data longer than 128 bytes. It uses the wrong key material for
en- and decryption.

The key registers xkey0, xkey4, xkey8 and xkey12 need to be preserved
in case we're handling more than 128 bytes of input data -- they won't
get reloaded after the initial load. They must therefore be (a) loaded
on the first iteration and (b) be preserved for the latter ones. The
implementation for 128 bit keys does not comply with (a) nor (b).

Fix this by bringing the implementation back to its original source
and correctly load the key registers and preserve their values by
*not* re-using the registers for other purposes.

Kudos to James for reporting the issue and providing a test case
showing the discrepancies.

Reported-by: James Yonan <james@openvpn.net>
Cc: Chandramouli Narayanan <mouli@linux.intel.com>
Cc: <stable@vger.kernel.org> # v3.18
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-01-05 21:35:02 +11:00
..
alpha arch: Cleanup read_barrier_depends() and comments 2014-12-11 21:15:05 -05:00
arc Minor updates for ARC for 3.19 2014-12-18 16:26:41 -08:00
arm kernel: Provide READ_ONCE and ASSIGN_ONCE 2014-12-20 16:48:59 -08:00
arm64 kernel: Provide READ_ONCE and ASSIGN_ONCE 2014-12-20 16:48:59 -08:00
avr32 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-12-11 14:27:06 -08:00
blackfin TTY/Serial driver patches for 3.19-rc1 2014-12-14 15:23:32 -08:00
c6x net, lib: kill arch_fast_hash library bits 2014-12-10 15:17:46 -05:00
cris CRISv32: Remove last remnants of ETRAX_SPI_MMC_BOARD 2014-12-20 00:06:13 +01:00
frv Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-12-11 14:27:06 -08:00
hexagon Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rkuo/linux-hexagon-kernel 2014-12-19 17:57:51 -08:00
ia64 __get_cpu_var removed from rest of tree, drop reference from comments in arch/ia64 2014-12-19 17:07:27 -08:00
m32r Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-12-11 14:27:06 -08:00
m68k Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-12-11 14:27:06 -08:00
metag arch: Add lightweight memory barriers dma_rmb() and dma_wmb() 2014-12-11 21:15:06 -05:00
microblaze Microblaze patches for 3.19-rc1 2014-12-17 09:54:05 -08:00
mips kernel: Provide READ_ONCE and ASSIGN_ONCE 2014-12-20 16:48:59 -08:00
mn10300 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-12-11 14:27:06 -08:00
nios2 nios2/uaccess: fix sparse errors 2014-12-17 13:53:41 +08:00
openrisc net, lib: kill arch_fast_hash library bits 2014-12-10 15:17:46 -05:00
parisc parisc: percpu: update comments referring to __get_cpu_var 2014-12-13 12:42:53 -08:00
powerpc CONFIG_PM_RUNTIME elimination for 3.19-rc1 2014-12-20 13:37:44 -08:00
s390 kernel: Provide READ_ONCE and ASSIGN_ONCE 2014-12-20 16:48:59 -08:00
score net, lib: kill arch_fast_hash library bits 2014-12-10 15:17:46 -05:00
sh PM: Eliminate CONFIG_PM_RUNTIME 2014-12-19 22:55:06 +01:00
sparc sparc32: destroy_context() and switch_mm() needs to disable interrupts. 2014-12-18 12:47:54 -05:00
tile Merge git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile 2014-12-16 13:54:16 -08:00
um TTY/Serial driver patches for 3.19-rc1 2014-12-14 15:23:32 -08:00
unicore32 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-12-11 14:27:06 -08:00
x86 crypto: aesni - fix "by8" variant for 128 bit keys 2015-01-05 21:35:02 +11:00
xtensa Xtensa fixes for 3.19: 2014-12-16 14:08:53 -08:00
.gitignore
Kconfig