| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 31 Oct 2021 13:28:58 +0100
From: Ard Biesheuvel <ardb@...nel.org>
To: Nicolas Toromanoff <nicolas.toromanoff@...s.st.com>
Cc: Herbert Xu <herbert@...dor.apana.org.au>,
"David S . Miller" <davem@...emloft.net>,
Maxime Coquelin <mcoquelin.stm32@...il.com>,
Alexandre Torgue <alexandre.torgue@...s.st.com>,
Marek Vasut <marex@...x.de>,
Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
linux-stm32@...md-mailman.stormreply.com,
Linux ARM <linux-arm-kernel@...ts.infradead.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 3/8] crypto: stm32/cryp - fix CTR counter carry
On Fri, 29 Oct 2021 at 16:01, Nicolas Toromanoff
<nicolas.toromanoff@...s.st.com> wrote:
>
> Fix issue in CTR counter overflow, the carry-over is now properly
> managed.
> Fixes: bbb2832620ac ("crypto: stm32 - Fix sparse warnings")
>
> Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@...s.st.com>
> ---
> drivers/crypto/stm32/stm32-cryp.c | 19 ++++++++++---------
> 1 file changed, 10 insertions(+), 9 deletions(-)
>
> diff --git a/drivers/crypto/stm32/stm32-cryp.c b/drivers/crypto/stm32/stm32-cryp.c
> index 7b55ad6d2f1a..6eeeca0d70ce 100644
> --- a/drivers/crypto/stm32/stm32-cryp.c
> +++ b/drivers/crypto/stm32/stm32-cryp.c
> @@ -163,7 +163,7 @@ struct stm32_cryp {
> struct scatter_walk in_walk;
> struct scatter_walk out_walk;
>
> - u32 last_ctr[4];
> + __be32 last_ctr[4];
> u32 gcm_ctr;
> };
>
> @@ -1219,25 +1219,26 @@ static void stm32_cryp_check_ctr_counter(struct stm32_cryp *cryp)
>
> if (unlikely(cryp->last_ctr[3] == 0xFFFFFFFF)) {
> cryp->last_ctr[3] = 0;
> - cryp->last_ctr[2]++;
> + cryp->last_ctr[2] = cpu_to_be32(be32_to_cpu(cryp->last_ctr[2]) + 1);
> if (!cryp->last_ctr[2]) {
> - cryp->last_ctr[1]++;
> + cryp->last_ctr[1] = cpu_to_be32(be32_to_cpu(cryp->last_ctr[1]) + 1);
> if (!cryp->last_ctr[1])
> - cryp->last_ctr[0]++;
> + cryp->last_ctr[0] = cpu_to_be32(be32_to_cpu(cryp->last_ctr[0]) + 1);
> }
>
crypto_inc() ??
> cr = stm32_cryp_read(cryp, CRYP_CR);
> stm32_cryp_write(cryp, CRYP_CR, cr & ~CR_CRYPEN);
>
> - stm32_cryp_hw_write_iv(cryp, (__be32 *)cryp->last_ctr);
> + stm32_cryp_hw_write_iv(cryp, cryp->last_ctr);
>
> stm32_cryp_write(cryp, CRYP_CR, cr);
> }
>
> - cryp->last_ctr[0] = stm32_cryp_read(cryp, CRYP_IV0LR);
> - cryp->last_ctr[1] = stm32_cryp_read(cryp, CRYP_IV0RR);
> - cryp->last_ctr[2] = stm32_cryp_read(cryp, CRYP_IV1LR);
> - cryp->last_ctr[3] = stm32_cryp_read(cryp, CRYP_IV1RR);
> + /* The IV registers are BE */
> + cryp->last_ctr[0] = cpu_to_be32(stm32_cryp_read(cryp, CRYP_IV0LR));
> + cryp->last_ctr[1] = cpu_to_be32(stm32_cryp_read(cryp, CRYP_IV0RR));
> + cryp->last_ctr[2] = cpu_to_be32(stm32_cryp_read(cryp, CRYP_IV1LR));
> + cryp->last_ctr[3] = cpu_to_be32(stm32_cryp_read(cryp, CRYP_IV1RR));
> }
>
> static bool stm32_cryp_irq_read_data(struct stm32_cryp *cryp)
> --
> 2.17.1
>
Powered by blists - more mailing lists