author | Nathan Huckleberry <nhuck@google.com> | 2022-05-20 18:14:58 +0000 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2022-06-10 16:40:17 +0800 |
commit | c0eb7591c1ed9cbdb0ad796bb56aed13748b55fa (patch) | |
tree | dbf756feed52b5bf4d6719c382d767fd933a409c /arch/arm64/crypto/aes-glue.c | |
parent | crypto: arm64/aes-xctr - Add accelerated implementation of XCTR (diff) | |
crypto: arm64/aes-xctr - Improve readability of XCTR and CTR modes
Added some clarifying comments, changed the register allocations to make
the code clearer, and added register aliases.
Signed-off-by: Nathan Huckleberry <nhuck@google.com>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'arch/arm64/crypto/aes-glue.c')
-rw-r--r-- | arch/arm64/crypto/aes-glue.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/arch/arm64/crypto/aes-glue.c b/arch/arm64/crypto/aes-glue.c
index b6883288234c..162787c7aa86 100644
--- a/arch/arm64/crypto/aes-glue.c
+++ b/arch/arm64/crypto/aes-glue.c
@@ -464,6 +464,14 @@ static int __maybe_unused xctr_encrypt(struct skcipher_request *req)
 u8 *dst = walk.dst.virt.addr;
 u8 buf[AES_BLOCK_SIZE];
+ /*
+ * If given less than 16 bytes, we must copy the partial block
+ * into a temporary buffer of 16 bytes to avoid out of bounds
+ * reads and writes. Furthermore, this code is somewhat unusual
+ * in that it expects the end of the data to be at the end of
+ * the temporary buffer, rather than the start of the data at
+ * the start of the temporary buffer.
+ */
 if (unlikely(nbytes < AES_BLOCK_SIZE))
 src = dst = memcpy(buf + sizeof(buf) - nbytes, src, nbytes);
@@ -501,6 +509,14 @@ static int __maybe_unused ctr_encrypt(struct skcipher_request *req)
 u8 *dst = walk.dst.virt.addr;
 u8 buf[AES_BLOCK_SIZE];
+ /*
+ * If given less than 16 bytes, we must copy the partial block
+ * into a temporary buffer of 16 bytes to avoid out of bounds
+ * reads and writes. Furthermore, this code is somewhat unusual
+ * in that it expects the end of the data to be at the end of
+ * the temporary buffer, rather than the start of the data at
+ * the start of the temporary buffer.
+ */
 if (unlikely(nbytes < AES_BLOCK_SIZE))
 src = dst = memcpy(buf + sizeof(buf) - nbytes, src, nbytes); |
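Review bot: The new comment in xctr_encrypt says the bounce buffer avoids out-of-bounds reads and writes, but it does not say which way the access would overrun or what keeps the copy in bounds; the identical comment in ctr_encrypt has the same gap. Judging by the end-aligned copy `buf + sizeof(buf) - nbytes`, the assembly appears to access a full block ending at the last data byte, so a short request would be read and written before the start of the caller's buffer. I would state that explicitly, e.g. `* The asm accesses the AES_BLOCK_SIZE bytes ending at src + nbytes, so a short request would under-run the caller's buffer.` Writing `AES_BLOCK_SIZE` rather than "16 bytes" would also keep the comment tied to the `nbytes < AES_BLOCK_SIZE` guard and to `sizeof(buf)`. Both functions continue outside their hunks, so how the result leaves `buf` afterwards is not visible here.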