| From: Eric Biggers <ebiggers@google.com> |
| Date: Mon, 19 Feb 2018 23:48:12 -0800 |
| Subject: crypto: x86/cast5-avx - fix ECB encryption when long sg follows short |
| one |
| |
| commit 8f461b1e02ed546fbd0f11611138da67fd85a30f upstream. |
| |
| With ecb-cast5-avx, if a 128+ byte scatterlist element followed a |
| shorter one, then the algorithm accidentally encrypted/decrypted only 8 |
| bytes instead of the expected 128 bytes. Fix it by setting the |
| encryption/decryption 'fn' correctly. |
| |
| Fixes: c12ab20b162c ("crypto: cast5/avx - avoid using temporary stack buffers") |
| Signed-off-by: Eric Biggers <ebiggers@google.com> |
| Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
| Signed-off-by: Ben Hutchings <ben@decadent.org.uk> |
| --- |
| arch/x86/crypto/cast5_avx_glue.c | 3 +-- |
| 1 file changed, 1 insertion(+), 2 deletions(-) |
| |
| --- a/arch/x86/crypto/cast5_avx_glue.c |
| +++ b/arch/x86/crypto/cast5_avx_glue.c |
| @@ -67,8 +67,6 @@ static int ecb_crypt(struct blkcipher_de |
| void (*fn)(struct cast5_ctx *ctx, u8 *dst, const u8 *src); |
| int err; |
| |
| - fn = (enc) ? cast5_ecb_enc_16way : cast5_ecb_dec_16way; |
| - |
| err = blkcipher_walk_virt(desc, walk); |
| desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; |
| |
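Review bot: with the assignment removed from the top of ecb_crypt(), `fn` is left declared at function scope without an initializer, so it is only valid after a branch has assigned it. Consider a short comment at the declaration stating that every path must set `fn` immediately before calling through it, or narrow the pointer's scope to the blocks that use it, so that a later change cannot again call through a value left over from an earlier walk step. The commit message describes exactly that failure (8 bytes processed instead of 128), and a note next to the declaration would record why the assignment does not live here.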
| @@ -80,6 +78,7 @@ static int ecb_crypt(struct blkcipher_de |
| |
| /* Process multi-block batch */ |
| if (nbytes >= bsize * CAST5_PARALLEL_BLOCKS) { |
| + fn = (enc) ? cast5_ecb_enc_16way : cast5_ecb_dec_16way; |
| do { |
| fn(ctx, wdst, wsrc); |
| |
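Review bot: no test accompanies the `fn` assignment added inside `if (nbytes >= bsize * CAST5_PARALLEL_BLOCKS)`, and the failing input is specific enough to deserve one. A test vector whose scatterlist places an element shorter than 128 bytes ahead of one of 128 bytes or more, checked for both encryption and decryption, would catch a refactor that hoists the assignment back out of the walk loop. The diffstat shows a single insertion in ecb_crypt() only, so it is also worth stating in the commit message whether the other mode helpers in cast5_avx_glue.c were checked for the same pattern.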