Commit 3d2ea7d9 authored by Ard Biesheuvel's avatar Ard Biesheuvel Committed by Xie XiuQi
Browse files

crypto: arm64/aes-ccm - fix logical bug in AAD MAC handling 



mainline inclusion
from mainline-5.0
commit eaf46edf
category: bugfix
bugzilla: 11154
CVE: NA

-------------------------------------------------

The NEON MAC calculation routine fails to handle the case correctly
where there is some data in the buffer, and the input fills it up
exactly. In this case, we enter the loop at the end with w8 == 0,
while a negative value is assumed, and so the loop carries on until
the increment of the 32-bit counter wraps around, which is quite
obviously wrong.

So omit the loop altogether in this case, and exit right away.

Reported-by: default avatarEric Biggers <ebiggers@kernel.org>
Fixes: a3fd8210 ("arm64/crypto: AES in CCM mode using ARMv8 Crypto ...")
Cc: stable@vger.kernel.org
Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: default avatarChen Zhou <chenzhou10@huawei.com>
Reviewed-by: default avatarYang Yingliang <yangyingliang@huawei.com>
Signed-off-by: default avatarYang Yingliang <yangyingliang@huawei.com>
parent 88afc282
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment