| From: Ard Biesheuvel <ard.biesheuvel@linaro.org> |
| Date: Tue, 11 Oct 2016 19:15:15 +0100 |
| Subject: crypto: arm64/sha1-ce - fix for big endian |
| |
| commit ee71e5f1e7d25543ee63a80451871f8985b8d431 upstream. |
| |
| The SHA1 digest is an array of 5 32-bit quantities, so we should refer |
| to them as such in order for this code to work correctly when built for |
| big endian. So replace 16 byte scalar loads and stores with 4x4 vector |
| ones where appropriate. |
| |
| Fixes: 2c98833a42cd ("arm64/crypto: SHA-1 using ARMv8 Crypto Extensions") |
| Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> |
| Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
| [bwh: Backported to 3.16: use x2 instead of x0] |
| Signed-off-by: Ben Hutchings <ben@decadent.org.uk> |
| --- |
| arch/arm64/crypto/sha1-ce-core.S | 4 ++-- |
| 1 file changed, 2 insertions(+), 2 deletions(-) |
| |
| --- a/arch/arm64/crypto/sha1-ce-core.S |
| +++ b/arch/arm64/crypto/sha1-ce-core.S |
| @@ -78,7 +78,7 @@ ENTRY(sha1_ce_transform) |
| ld1r {k3.4s}, [x6] |
| |
| /* load state */ |
| - ldr dga, [x2] |
| + ld1 {dgav.4s}, [x2] |
| ldr dgb, [x2, #16] |
| |
| /* load partial state (if supplied) */ |
| @@ -147,7 +147,7 @@ CPU_LE( rev32 v11.16b, v11.16b ) |
| b 2b |
| |
| /* store new state */ |
| -3: str dga, [x2] |
| +3: st1 {dgav.4s}, [x2] |
| str dgb, [x2, #16] |
| ret |
| ENDPROC(sha1_ce_transform) |