diff options
| author | Eric Biggers <ebiggers@google.com> | 2019-01-31 23:51:39 -0800 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2019-02-08 15:30:08 +0800 |
| commit | 2060e284e9595fc3baed6e035903c05b93266555 (patch) | |
| tree | 684f2477a73cb2966574a1aecf5fe474be9816b8 /arch/x86/Makefile | |
| parent | ba6771c0a0bc2fac9d6a8759bab8493bd1cffe3b (diff) | |
| download | linux-2060e284e9595fc3baed6e035903c05b93266555.tar.gz linux-2060e284e9595fc3baed6e035903c05b93266555.tar.bz2 linux-2060e284e9595fc3baed6e035903c05b93266555.zip | |
crypto: x86/morus - fix handling chunked inputs and MAY_SLEEP
The x86 MORUS implementations all fail the improved AEAD tests because
they produce the wrong result with some data layouts. The issue is that
they assume that if the skcipher_walk API gives 'nbytes' not aligned to
the walksize (a.k.a. walk.stride), then it is the end of the data. In
fact, this can happen before the end.
Also, when the CRYPTO_TFM_REQ_MAY_SLEEP flag is given, they can
incorrectly sleep in the skcipher_walk_*() functions while preemption
has been disabled by kernel_fpu_begin().
Fix these bugs.
Fixes: 56e8e57fc3a7 ("crypto: morus - Add common SIMD glue code for MORUS")
Cc: <stable@vger.kernel.org> # v4.18+
Cc: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'arch/x86/Makefile')
0 files changed, 0 insertions, 0 deletions