[CRYPTO] Handle unaligned iv from encrypt_iv/decrypt_iv

Even though cit_iv is now always aligned, the user can still supply an unaligned iv through crypto_cipher_encrypt_iv/crypto_cipher_decrypt_iv. This patch will check the alignment of the user-supplied iv and copy it if necessary. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>

[CRYPTO] Handle unaligned iv from encrypt_iv/decrypt_iv
Even though cit_iv is now always aligned, the user can still supply an unaligned iv through crypto_cipher_encrypt_iv/crypto_cipher_decrypt_iv. This patch will check the alignment of the user-supplied iv and copy it if necessary. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu · David S. Miller
1 parent fbdae9f3e7
Showing 1 changed file with 27 additions and 2 deletions Side-by-side Diff
crypto/cipher.c
@@ -154,6 +154,31 @@
 	return 0;
 }
  
+static int crypt_iv_unaligned(struct cipher_desc *desc,
+			      struct scatterlist *dst,
+			      struct scatterlist *src,
+			      unsigned int nbytes)
+{
+	struct crypto_tfm *tfm = desc->tfm;
+	unsigned int alignmask = crypto_tfm_alg_alignmask(tfm);
+	u8 *iv = desc->info;
+
+	if (unlikely(((unsigned long)iv & alignmask))) {
+		unsigned int ivsize = tfm->crt_cipher.cit_ivsize;
+		u8 buffer[ivsize + alignmask];
+		u8 *tmp = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
+		int err;
+
+		desc->info = memcpy(tmp, iv, ivsize);
+		err = crypt(desc, dst, src, nbytes);
+		memcpy(iv, tmp, ivsize);
+
+		return err;
+	}
+
+	return crypt(desc, dst, src, nbytes);
+}
+
 static unsigned int cbc_process_encrypt(const struct cipher_desc *desc,
 					u8 *dst, const u8 *src,
 					unsigned int nbytes)
@@ -298,7 +323,7 @@
 	desc.prfn = cipher->cia_encrypt_cbc ?: cbc_process_encrypt;
 	desc.info = iv;
  
-	return crypt(&desc, dst, src, nbytes);
+	return crypt_iv_unaligned(&desc, dst, src, nbytes);
 }
  
 static int cbc_decrypt(struct crypto_tfm *tfm,
@@ -330,7 +355,7 @@
 	desc.prfn = cipher->cia_decrypt_cbc ?: cbc_process_decrypt;
 	desc.info = iv;
  
-	return crypt(&desc, dst, src, nbytes);
+	return crypt_iv_unaligned(&desc, dst, src, nbytes);
 }
  
 static int nocrypt(struct crypto_tfm *tfm,
...	...	@@ -154,6 +154,31 @@
154	154	return 0;
155	155	}
156	156
	157	+static int crypt_iv_unaligned(struct cipher_desc *desc,
	158	+ struct scatterlist *dst,
	159	+ struct scatterlist *src,
	160	+ unsigned int nbytes)
	161	+{
	162	+ struct crypto_tfm *tfm = desc->tfm;
	163	+ unsigned int alignmask = crypto_tfm_alg_alignmask(tfm);
	164	+ u8 *iv = desc->info;
	165	+
	166	+ if (unlikely(((unsigned long)iv & alignmask))) {
	167	+ unsigned int ivsize = tfm->crt_cipher.cit_ivsize;
	168	+ u8 buffer[ivsize + alignmask];
	169	+ u8 tmp = (u8 )ALIGN((unsigned long)buffer, alignmask + 1);
	170	+ int err;
	171	+
	172	+ desc->info = memcpy(tmp, iv, ivsize);
	173	+ err = crypt(desc, dst, src, nbytes);
	174	+ memcpy(iv, tmp, ivsize);
	175	+
	176	+ return err;
	177	+ }
	178	+
	179	+ return crypt(desc, dst, src, nbytes);
	180	+}
	181	+
157	182	static unsigned int cbc_process_encrypt(const struct cipher_desc *desc,
158	183	u8 dst, const u8 src,
159	184	unsigned int nbytes)
...	...	@@ -298,7 +323,7 @@
298	323	desc.prfn = cipher->cia_encrypt_cbc ?: cbc_process_encrypt;
299	324	desc.info = iv;
300	325
301		- return crypt(&desc, dst, src, nbytes);
	326	+ return crypt_iv_unaligned(&desc, dst, src, nbytes);
302	327	}
303	328
304	329	static int cbc_decrypt(struct crypto_tfm *tfm,
...	...	@@ -330,7 +355,7 @@
330	355	desc.prfn = cipher->cia_decrypt_cbc ?: cbc_process_decrypt;
331	356	desc.info = iv;
332	357
333		- return crypt(&desc, dst, src, nbytes);
	358	+ return crypt_iv_unaligned(&desc, dst, src, nbytes);
334	359	}
335	360
336	361	static int nocrypt(struct crypto_tfm *tfm,