lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 19 Nov 2017 15:32:18 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     linux-kernel@...r.kernel.org, stable@...r.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Eric Biggers <ebiggers@...gle.com>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>
Subject: [PATCH 4.4 10/59] [PATCH -stable] arm: crypto: reduce priority of bit-sliced AES cipher

4.4-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Eric Biggers <ebiggers@...gle.com>

[ Not upstream because this is a minimal fix for a bug where arm32
  kernels can use a much slower implementation of AES than is actually
  available, potentially forcing vendors to disable encryption on their
  devices.]

All the aes-bs (bit-sliced) and aes-ce (cryptographic extensions)
algorithms had a priority of 300.  This is undesirable because it means
an aes-bs algorithm may be used when an aes-ce algorithm is available.
The aes-ce algorithms have much better performance (up to 10x faster).

Fix it by decreasing the priority of the aes-bs algorithms to 250.

This was fixed upstream by commit cc477bf64573 ("crypto: arm/aes -
replace bit-sliced OpenSSL NEON code"), but it was just a small part of
a complete rewrite.  This patch just fixes the priority bug for older
kernels.

Signed-off-by: Eric Biggers <ebiggers@...gle.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@...aro.org>
---
 arch/arm/crypto/aesbs-glue.c |    6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

--- a/arch/arm/crypto/aesbs-glue.c
+++ b/arch/arm/crypto/aesbs-glue.c
@@ -357,7 +357,7 @@ static struct crypto_alg aesbs_algs[] =
 }, {
 	.cra_name		= "cbc(aes)",
 	.cra_driver_name	= "cbc-aes-neonbs",
-	.cra_priority		= 300,
+	.cra_priority		= 250,
 	.cra_flags		= CRYPTO_ALG_TYPE_ABLKCIPHER|CRYPTO_ALG_ASYNC,
 	.cra_blocksize		= AES_BLOCK_SIZE,
 	.cra_ctxsize		= sizeof(struct async_helper_ctx),
@@ -377,7 +377,7 @@ static struct crypto_alg aesbs_algs[] =
 }, {
 	.cra_name		= "ctr(aes)",
 	.cra_driver_name	= "ctr-aes-neonbs",
-	.cra_priority		= 300,
+	.cra_priority		= 250,
 	.cra_flags		= CRYPTO_ALG_TYPE_ABLKCIPHER|CRYPTO_ALG_ASYNC,
 	.cra_blocksize		= 1,
 	.cra_ctxsize		= sizeof(struct async_helper_ctx),
@@ -397,7 +397,7 @@ static struct crypto_alg aesbs_algs[] =
 }, {
 	.cra_name		= "xts(aes)",
 	.cra_driver_name	= "xts-aes-neonbs",
-	.cra_priority		= 300,
+	.cra_priority		= 250,
 	.cra_flags		= CRYPTO_ALG_TYPE_ABLKCIPHER|CRYPTO_ALG_ASYNC,
 	.cra_blocksize		= AES_BLOCK_SIZE,
 	.cra_ctxsize		= sizeof(struct async_helper_ctx),

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ