crypto: ofb - fix handling partial blocks and make thread-safe - openslx/kernel-qcow2-linux.git

diff options

author	Eric Biggers	2019-01-04 05:16:12 +0100
committer	Herbert Xu	2019-01-11 07:16:57 +0100
commit	b3e3e2db7de4a1ffe8845876c3520b866cd48de1 (patch)
tree	054f67cb1ec199892e706dabe17e95b7cd2b6a87 /crypto/pcbc.c
parent	crypto: cfb - remove bogus memcpy() with src == dest (diff)
download	kernel-qcow2-linux-b3e3e2db7de4a1ffe8845876c3520b866cd48de1.tar.gz kernel-qcow2-linux-b3e3e2db7de4a1ffe8845876c3520b866cd48de1.tar.xz kernel-qcow2-linux-b3e3e2db7de4a1ffe8845876c3520b866cd48de1.zip

crypto: ofb - fix handling partial blocks and make thread-safe

Fix multiple bugs in the OFB implementation: 1. It stored the per-request state 'cnt' in the tfm context, which can be used by multiple threads concurrently (e.g. via AF_ALG). 2. It didn't support messages not a multiple of the block cipher size, despite being a stream cipher. 3. It didn't set cra_blocksize to 1 to indicate it is a stream cipher. To fix these, set the 'chunksize' property to the cipher block size to guarantee that when walking through the scatterlist, a partial block can only occur at the end. Then change the implementation to XOR a block at a time at first, then XOR the partial block at the end if needed. This is the same way CTR and CFB are implemented. As a bonus, this also improves performance in most cases over the current approach. Fixes: e497c51896b3 ("crypto: ofb - add output feedback mode") Cc: <stable@vger.kernel.org> # v4.20+ Cc: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Diffstat (limited to 'crypto/pcbc.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: