crypto: vmx - fix copy-paste error in CTR mode

commit dcf7b48212c0fab7df69e84fab22d6cb7c8c0fb9 upstream.

The original assembly imported from OpenSSL has two copy-paste
errors in handling CTR mode. When dealing with a 2 or 3 block tail,
the code branches to the CBC decryption exit path, rather than to
the CTR exit path.

This leads to corruption of the IV, which leads to subsequent blocks
being corrupted.

This can be detected with libkcapi test suite, which is available at
https://github.com/smuellerDD/libkcapi

Reported-by: Ondrej Mosnáček <omosnacek@gmail.com>
Fixes: 5c380d623ed3 ("crypto: vmx - Add support for VMS instructions by ASM")
Cc: stable@vger.kernel.org
Signed-off-by: Daniel Axtens <dja@axtens.net>
Tested-by: Michael Ellerman <mpe@ellerman.id.au>
Tested-by: Ondrej Mosnacek <omosnacek@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/crypto/vmx/aesp8-ppc.pl b/drivers/crypto/vmx/aesp8-ppc.pl
index 228053921b3f024f468dbcf720c31bcb3cc58437..c5c3e0d57e6a99504cd0b9c8cd5dc2636ac2bb56 100644 (file)
--- a/drivers/crypto/vmx/aesp8-ppc.pl
+++ b/drivers/crypto/vmx/aesp8-ppc.pl
@@ -1795,7 +1795,7 @@ Lctr32_enc8x_three:
        stvx_u          $out1,$x10,$out
        stvx_u          $out2,$x20,$out
        addi            $out,$out,0x30
-       b               Lcbc_dec8x_done
+       b               Lctr32_enc8x_done
 
 .align 5
 Lctr32_enc8x_two:
@@ -1807,7 +1807,7 @@ Lctr32_enc8x_two:
        stvx_u          $out0,$x00,$out
        stvx_u          $out1,$x10,$out
        addi            $out,$out,0x20
-       b               Lcbc_dec8x_done
+       b               Lctr32_enc8x_done
 
 .align 5
 Lctr32_enc8x_one: