    crypto: arm/aes update NEON AES module to latest OpenSSL version · 001eabfd
    Ard Biesheuvel authored
    This updates the bit sliced AES module to the latest version in the
    upstream OpenSSL repository (e620e5ae37bc). This is needed to fix a
    bug in the XTS decryption path, where data chunked in a certain way
    could trigger the ciphertext stealing code, which is not supposed to
    be active in the kernel build (the kernel implementation of XTS only
    supports round multiples of the AES block size of 16 bytes, whereas
    the conformant OpenSSL implementation of XTS supports inputs of
    arbitrary size by applying ciphertext stealing). This is fixed in
    the upstream version by adding the missing #ifndef XTS_CHAIN_TWEAK
    around the offending instructions.
    
    The upstream code also contains the change applied by Russell to
    build the code unconditionally, i.e., even if __LINUX_ARM_ARCH__ < 7,
    but implemented slightly differently.
    
    Cc: stable@vger.kernel.org
    Fixes: e4e7f10b ("ARM: add support for bit sliced AES using NEON instructions")
    Reported-by: Adrian Kotelba <adrian.kotelba@gmail.com>
    Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
    Tested-by: Milan Broz <gmazyland@gmail.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
bsaes-armv7.pl 61.7 KB