summaryrefslogtreecommitdiff
path: root/lib/crc32defs.h
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2020-03-19 05:27:32 +0300
committerHerbert Xu <herbert@gondor.apana.org.au>2020-03-20 06:35:27 +0300
commitc8cfcb78c65877313cda7bcbace624d3dbd1f3b3 (patch)
treea8a322ebcd9ebc7475c33426d898c649a4bb1e8d /lib/crc32defs.h
parent1579f1bc3b753d17a44de3457d5c6f4a5b14c752 (diff)
downloadlinux-c8cfcb78c65877313cda7bcbace624d3dbd1f3b3.tar.xz
crypto: arm64/chacha - correctly walk through blocks
Prior, passing in chunks of 2, 3, or 4, followed by any additional chunks would result in the chacha state counter getting out of sync, resulting in incorrect encryption/decryption, which is a pretty nasty crypto vuln: "why do images look weird on webpages?" WireGuard users never experienced this prior, because we have always, out of tree, used a different crypto library, until the recent Frankenzinc addition. This commit fixes the issue by advancing the pointers and state counter by the actual size processed. It also fixes up a bug in the (optional, costly) stride test that prevented it from running on arm64. Fixes: b3aad5bad26a ("crypto: arm64/chacha - expose arm64 ChaCha routine as library function") Reported-and-tested-by: Emil Renner Berthing <kernel@esmil.dk> Cc: Ard Biesheuvel <ardb@kernel.org> Cc: stable@vger.kernel.org # v5.5+ Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'lib/crc32defs.h')
0 files changed, 0 insertions, 0 deletions