Merge tag 'v6.8-p5' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
authorLinus Torvalds <torvalds@linux-foundation.org>
Wed, 28 Feb 2024 17:30:26 +0000 (09:30 -0800)
committerLinus Torvalds <torvalds@linux-foundation.org>
Wed, 28 Feb 2024 17:30:26 +0000 (09:30 -0800)
Pull crypto fixes from Herbert Xu:
 "This fixes a regression in lskcipher and an out-of-bound access
  in arm64/neonbs"

* tag 'v6.8-p5' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: arm64/neonbs - fix out-of-bounds access on short input
  crypto: lskcipher - Copy IV in lskcipher glue code always

arch/arm64/crypto/aes-neonbs-glue.c
crypto/lskcipher.c

index bac4cabef6073e5b0c652d0ed031ea7cce97c72f..467ac2f768ac2bb423b92eb797dce8bde697f259 100644 (file)
@@ -227,8 +227,19 @@ static int ctr_encrypt(struct skcipher_request *req)
                        src += blocks * AES_BLOCK_SIZE;
                }
                if (nbytes && walk.nbytes == walk.total) {
+                       u8 buf[AES_BLOCK_SIZE];
+                       u8 *d = dst;
+
+                       if (unlikely(nbytes < AES_BLOCK_SIZE))
+                               src = dst = memcpy(buf + sizeof(buf) - nbytes,
+                                                  src, nbytes);
+
                        neon_aes_ctr_encrypt(dst, src, ctx->enc, ctx->key.rounds,
                                             nbytes, walk.iv);
+
+                       if (unlikely(nbytes < AES_BLOCK_SIZE))
+                               memcpy(d, dst, nbytes);
+
                        nbytes = 0;
                }
                kernel_neon_end();
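Review bot: The short-tail bounce through `buf` in ctr_encrypt has no comment, and the placement `buf + sizeof(buf) - nbytes` (data at the end of the buffer, not the start) is not explained anywhere in the hunk. The merge message calls this an out-of-bounds access on short input, so presumably neon_aes_ctr_encrypt touches a whole AES block ending at the last byte; after confirming against the asm, a comment above the first `if` such as `/* asm helper accesses a full AES block ending at src/dst + nbytes; bounce short input via the tail of buf */` would record that. Because `buf` holds message data on the stack, it is also worth deciding whether a `memzero_explicit(buf, sizeof(buf));` belongs after the copy-out to `d`. ctr_encrypt begins and ends outside this hunk.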
index 0b6dd8aa21f2edace686fb5531705698e7acc18d..0f1bd7dcde245988bb7d01dc9d0e32655669bdf8 100644 (file)
@@ -212,13 +212,12 @@ static int crypto_lskcipher_crypt_sg(struct skcipher_request *req,
 
        ivsize = crypto_lskcipher_ivsize(tfm);
        ivs = PTR_ALIGN(ivs, crypto_skcipher_alignmask(skcipher) + 1);
+       memcpy(ivs, req->iv, ivsize);
 
        flags = req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP;
 
        if (req->base.flags & CRYPTO_SKCIPHER_REQ_CONT)
                flags |= CRYPTO_LSKCIPHER_FLAG_CONT;
-       else
-               memcpy(ivs, req->iv, ivsize);
 
        if (!(req->base.flags & CRYPTO_SKCIPHER_REQ_NOTFINAL))
                flags |= CRYPTO_LSKCIPHER_FLAG_FINAL;
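Review bot: The now-unconditional `memcpy(ivs, req->iv, ivsize);` here, together with the unconditional copy-back `memcpy(req->iv, ivs, ivsize);` in the following hunk, makes req->iv carry the chaining state across CRYPTO_SKCIPHER_REQ_CONT calls, and nothing in the code states that contract. A comment above the first copy such as `/* req->iv is read on every call, including continuations, and written back on every return */` would document it. Callers that passed a scratch or read-only IV buffer on non-final calls would presumably now see it overwritten, which is worth confirming against the users of this path. crypto_lskcipher_crypt_sg begins outside this hunk.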
@@ -234,8 +233,7 @@ static int crypto_lskcipher_crypt_sg(struct skcipher_request *req,
                flags |= CRYPTO_LSKCIPHER_FLAG_CONT;
        }
 
-       if (flags & CRYPTO_LSKCIPHER_FLAG_FINAL)
-               memcpy(req->iv, ivs, ivsize);
+       memcpy(req->iv, ivs, ivsize);
 
        return err;
 }