author | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-21 12:33:19 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-21 12:33:19 -0500 |
commit | ec1248e70edc5cf7b485efcc7b41e44e10f422e5 (patch) | |
tree | 80ca10a1ad9dc572e131a56a93fcf0c63c14d168 | |
parent | 3d1f337b3e7378923c89f37afb573a918ef40be5 (diff) | |
parent | 55e9dce37ddf3ab358ba1d1e9eef4ee4bd8174a6 (diff) |
Merge master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6:
[CRYPTO] aes: Fixed array boundary violation
[CRYPTO] tcrypt: Fix key alignment
[CRYPTO] all: Add missing cra_alignmask
[CRYPTO] all: Use kzalloc where possible
[CRYPTO] api: Align tfm context as wide as possible
[CRYPTO] twofish: Use rol32/ror32 where appropriate
-rw-r--r-- | arch/x86_64/crypto/aes.c | 7 | ||||
-rw-r--r-- | crypto/aes.c | 7 | ||||
-rw-r--r-- | crypto/api.c | 6 | ||||
-rw-r--r-- | crypto/deflate.c | 3 | ||||
-rw-r--r-- | crypto/des.c | 1 | ||||
-rw-r--r-- | crypto/serpent.c | 1 | ||||
-rw-r--r-- | crypto/tcrypt.h | 25 | ||||
-rw-r--r-- | crypto/twofish.c | 21 | ||||
-rw-r--r-- | drivers/crypto/padlock-aes.c | 6 | ||||
-rw-r--r-- | include/linux/crypto.h | 10 |
10 files changed, 49 insertions, 38 deletions
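--- a/arch/x86_64/crypto/aes.c
+++ b/arch/x86_64/crypto/aes.c
@@ -77,12 +77,11 @@ static inline u8 byte(const u32 x, const unsigned n)
 struct aes_ctx
 {
 u32 key_length;
-u32 E[60];
-u32 D[60];
+u32 buf[120];
 };
 
-#define E_KEY ctx->E
-#define D_KEY ctx->D
+#define E_KEY (&ctx->buf[0])
+#define D_KEY (&ctx->buf[60])
 
 static u8 pow_tab[256] __initdata;
 static u8 log_tab[256] __initdata;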
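Review bot: The new `u32 buf[120]` and the `&ctx->buf[60]` in D_KEY repeat the bare literal 60 with no comment saying why the two key schedules now have to be contiguous. The commit title suggests the key expansion stores past the end of the old 60-word E array; if so, those stores now land in the first words of D_KEY and D_KEY must be derived after E_KEY, which is worth recording next to the struct, e.g. `/* E_KEY = buf[0..59], D_KEY = buf[60..119]; expansion may run past E_KEY, so build D_KEY last */`. A named constant for 60 would also keep the array size and the D_KEY offset from drifting apart. The same applies to the identical change in crypto/aes.c; the setkey code itself is outside both hunks.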
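--- a/crypto/aes.c
+++ b/crypto/aes.c
@@ -75,12 +75,11 @@ byte(const u32 x, const unsigned n)
 
 struct aes_ctx {
 int key_length;
-u32 E[60];
-u32 D[60];
+u32 buf[120];
 };
 
-#define E_KEY ctx->E
-#define D_KEY ctx->D
+#define E_KEY (&ctx->buf[0])
+#define D_KEY (&ctx->buf[60])
 
 static u8 pow_tab[256] __initdata;
 static u8 log_tab[256] __initdata;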
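--- a/crypto/api.c
+++ b/crypto/api.c
@@ -165,7 +165,7 @@ static unsigned int crypto_ctxsize(struct crypto_alg *alg, int flags)
 break;
 }
 
-return len + alg->cra_alignmask;
+return len + (alg->cra_alignmask & ~(crypto_tfm_ctx_alignment() - 1));
 }
 
 struct crypto_tfm *crypto_alloc_tfm(const char *name, u32 flags)
@@ -179,12 +179,10 @@ struct crypto_tfm *crypto_alloc_tfm(const char *name, u32 flags)
 goto out;
 
 tfm_size = sizeof(*tfm) + crypto_ctxsize(alg, flags);
-tfm = kmalloc(tfm_size, GFP_KERNEL);
+tfm = kzalloc(tfm_size, GFP_KERNEL);
 if (tfm == NULL)
 goto out_put;
 
-memset(tfm, 0, tfm_size);
-
 tfm->__crt_alg = alg;
 
 if (crypto_init_flags(tfm, flags))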
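Review bot: The padding term in crypto_ctxsize(), `alg->cra_alignmask & ~(crypto_tfm_ctx_alignment() - 1)`, is only a correct upper bound when cra_alignmask has the form 2^n - 1 and the context alignment is a power of two, and neither is checked or stated in the visible lines. A mask of any other shape could reserve less slack than an implementation later consumes when it rounds its context pointer up, which would put the end of the context past the allocation. A comment such as `/* cra_alignmask must be 2^n - 1; only the part above the natural ctx alignment needs extra room */` would make the contract explicit, and a check where algorithms are registered (not shown on this page) would enforce it. Both functions continue outside the hunks.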
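--- a/crypto/deflate.c
+++ b/crypto/deflate.c
@@ -73,12 +73,11 @@ static int deflate_decomp_init(struct deflate_ctx *ctx)
 int ret = 0;
 struct z_stream_s *stream = &ctx->decomp_stream;
 
-stream->workspace = kmalloc(zlib_inflate_workspacesize(), GFP_KERNEL);
+stream->workspace = kzalloc(zlib_inflate_workspacesize(), GFP_KERNEL);
 if (!stream->workspace ) {
 ret = -ENOMEM;
 goto out;
 }
-memset(stream->workspace, 0, zlib_inflate_workspacesize());
 ret = zlib_inflateInit2(stream, -DEFLATE_DEF_WINBITS);
 if (ret != Z_OK) {
 ret = -EINVAL;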
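--- a/crypto/des.c
+++ b/crypto/des.c
@@ -965,6 +965,7 @@ static struct crypto_alg des3_ede_alg = {
 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
 .cra_ctxsize = sizeof(struct des3_ede_ctx),
 .cra_module = THIS_MODULE,
+.cra_alignmask = 3,
 .cra_list = LIST_HEAD_INIT(des3_ede_alg.cra_list),
 .cra_u = { .cipher = {
 .cia_min_keysize = DES3_EDE_KEY_SIZE,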
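--- a/crypto/serpent.c
+++ b/crypto/serpent.c
@@ -481,6 +481,7 @@ static struct crypto_alg serpent_alg = {
 .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
 .cra_blocksize = SERPENT_BLOCK_SIZE,
 .cra_ctxsize = sizeof(struct serpent_ctx),
+.cra_alignmask = 3,
 .cra_module = THIS_MODULE,
 .cra_list = LIST_HEAD_INIT(serpent_alg.cra_list),
 .cra_u = { .cipher = {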
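--- a/crypto/tcrypt.h
+++ b/crypto/tcrypt.h
@@ -26,37 +26,38 @@
 #define MAX_IVLEN 32
 
 struct hash_testvec {
+/* only used with keyed hash algorithms */
+char key[128] __attribute__ ((__aligned__(4)));
 char plaintext[128];
-unsigned char psize;
 char digest[MAX_DIGEST_SIZE];
-unsigned char np;
 unsigned char tap[MAX_TAP];
-char key[128]; /* only used with keyed hash algorithms */
+unsigned char psize;
+unsigned char np;
 unsigned char ksize;
 };
 
 struct hmac_testvec {
 char key[128];
-unsigned char ksize;
 char plaintext[128];
-unsigned char psize;
 char digest[MAX_DIGEST_SIZE];
-unsigned char np;
 unsigned char tap[MAX_TAP];
+unsigned char ksize;
+unsigned char psize;
+unsigned char np;
 };
 
 struct cipher_testvec {
+char key[MAX_KEYLEN] __attribute__ ((__aligned__(4)));
+char iv[MAX_IVLEN];
+char input[48];
+char result[48];
+unsigned char tap[MAX_TAP];
+int np;
 unsigned char fail;
 unsigned char wk; /* weak key flag */
-char key[MAX_KEYLEN];
 unsigned char klen;
-char iv[MAX_IVLEN];
-char input[48];
 unsigned char ilen;
-char result[48];
 unsigned char rlen;
-int np;
-unsigned char tap[MAX_TAP];
 };
 
 struct cipher_speed {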
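Review bot: `__attribute__ ((__aligned__(4)))` is added to the key member of hash_testvec and cipher_testvec but not to hmac_testvec, whose members are all char arrays and single bytes, so that struct keeps byte alignment. If the hmac key buffer is ever handed to code that assumes the same 4-byte alignment as the other two, it needs the attribute as well; otherwise a short comment saying why it is exempt would help. The literal 4 presumably tracks the `cra_alignmask = 3` values added elsewhere in this commit, so a comment on the key members tying the two together, e.g. `/* aligned for algorithms that set cra_alignmask to 3 */`, would keep them in step.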
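--- a/crypto/twofish.c
+++ b/crypto/twofish.c
@@ -44,6 +44,7 @@
 #include <linux/types.h>
 #include <linux/errno.h>
 #include <linux/crypto.h>
+#include <linux/bitops.h>
 
 
 /* The large precomputed tables for the Twofish cipher (twofish.c)
@@ -542,9 +543,9 @@ static const u8 calc_sb_tbl[512] = {
 #define CALC_K(a, j, k, l, m, n) \
 x = CALC_K_2 (k, l, k, l, 0); \
 y = CALC_K_2 (m, n, m, n, 4); \
-y = (y << 8) + (y >> 24); \
+y = rol32(y, 8); \
 x += y; y += x; ctx->a[j] = x; \
-ctx->a[(j) + 1] = (y << 9) + (y >> 23)
+ctx->a[(j) + 1] = rol32(y, 9)
 
 #define CALC_K192_2(a, b, c, d, j) \
 CALC_K_2 (q0[a ^ key[(j) + 16]], \
@@ -555,9 +556,9 @@ static const u8 calc_sb_tbl[512] = {
 #define CALC_K192(a, j, k, l, m, n) \
 x = CALC_K192_2 (l, l, k, k, 0); \
 y = CALC_K192_2 (n, n, m, m, 4); \
-y = (y << 8) + (y >> 24); \
+y = rol32(y, 8); \
 x += y; y += x; ctx->a[j] = x; \
-ctx->a[(j) + 1] = (y << 9) + (y >> 23)
+ctx->a[(j) + 1] = rol32(y, 9)
 
 #define CALC_K256_2(a, b, j) \
 CALC_K192_2 (q1[b ^ key[(j) + 24]], \
@@ -568,9 +569,9 @@ static const u8 calc_sb_tbl[512] = {
 #define CALC_K256(a, j, k, l, m, n) \
 x = CALC_K256_2 (k, l, 0); \
 y = CALC_K256_2 (m, n, 4); \
-y = (y << 8) + (y >> 24); \
+y = rol32(y, 8); \
 x += y; y += x; ctx->a[j] = x; \
-ctx->a[(j) + 1] = (y << 9) + (y >> 23)
+ctx->a[(j) + 1] = rol32(y, 9)
 
 
 /* Macros to compute the g() function in the encryption and decryption
@@ -594,15 +595,15 @@ static const u8 calc_sb_tbl[512] = {
 x = G1 (a); y = G2 (b); \
 x += y; y += x + ctx->k[2 * (n) + 1]; \
 (c) ^= x + ctx->k[2 * (n)]; \
-(c) = ((c) >> 1) + ((c) << 31); \
-(d) = (((d) << 1)+((d) >> 31)) ^ y
+(c) = ror32((c), 1); \
+(d) = rol32((d), 1) ^ y
 
 #define DECROUND(n, a, b, c, d) \
 x = G1 (a); y = G2 (b); \
 x += y; y += x; \
 (d) ^= y + ctx->k[2 * (n) + 1]; \
-(d) = ((d) >> 1) + ((d) << 31); \
-(c) = (((c) << 1)+((c) >> 31)); \
+(d) = ror32((d), 1); \
+(c) = rol32((c), 1); \
 (c) ^= (x + ctx->k[2 * (n)])
 
 /* Encryption and decryption cycles; each one is simply two Feistel rounds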
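--- a/drivers/crypto/padlock-aes.c
+++ b/drivers/crypto/padlock-aes.c
@@ -284,7 +284,11 @@ aes_hw_extkey_available(uint8_t key_len)
 
 static inline struct aes_ctx *aes_ctx(void *ctx)
 {
-return (struct aes_ctx *)ALIGN((unsigned long)ctx, PADLOCK_ALIGNMENT);
+unsigned long align = PADLOCK_ALIGNMENT;
+
+if (align <= crypto_tfm_ctx_alignment())
+align = 1;
+return (struct aes_ctx *)ALIGN((unsigned long)ctx, align);
 }
 
 static int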
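Review bot: Setting `align = 1` in aes_ctx() trusts that the address the allocator returns for the whole tfm is itself aligned to at least `crypto_tfm_ctx_alignment()`; the `__aligned__` attribute on `__crt_ctx` only fixes the member's offset inside the struct, not the base address that kzalloc hands back. If the slab's minimum alignment on some configuration is smaller than PADLOCK_ALIGNMENT, the context would be silently misaligned for the hardware, and with the new crypto_ctxsize() no slack is reserved to correct it. A check on the computed pointer, along the lines of `WARN_ON((unsigned long)ctx & (PADLOCK_ALIGNMENT - 1));`, or a comment stating the allocator guarantee being relied on, would make this dependency visible.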
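--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -229,6 +229,8 @@ struct crypto_tfm {
 } crt_u;
 
 struct crypto_alg *__crt_alg;
+
+char __crt_ctx[] __attribute__ ((__aligned__));
 };
 
 /*
@@ -301,7 +303,13 @@ static inline unsigned int crypto_tfm_alg_alignmask(struct crypto_tfm *tfm)
 
 static inline void *crypto_tfm_ctx(struct crypto_tfm *tfm)
 {
-return (void *)&tfm[1];
+return tfm->__crt_ctx;
+}
+
+static inline unsigned int crypto_tfm_ctx_alignment(void)
+{
+struct crypto_tfm *tfm;
+return __alignof__(tfm->__crt_ctx);
 }
 
 /*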
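Review bot: The new `__crt_ctx` member and `crypto_tfm_ctx_alignment()` carry no comment, and the argument-less `__attribute__ ((__aligned__))` is easy to misread: it asks the compiler for the largest alignment it uses for any type on the target, so the value differs per architecture. A comment on the member such as `/* per-algorithm context; aligned to the compiler's maximum so most cra_alignmask values need no padding */` would record the intent. In crypto_tfm_ctx_alignment() the local `tfm` is never initialised and exists only as an `__alignof__` operand; that operand is not evaluated, but `__alignof__(((struct crypto_tfm *)0)->__crt_ctx)` or a one-line comment would stop readers and static analysers from flagging it.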