mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-20 14:13:16 +00:00
d540725871
Without this patch, the chacha block counter is not incremented on neon rounds, resulting in incorrect calculations and corrupt packets. This also switches to using `--no-numbered --zero-commit` so that future diffs are smaller. Reported-by: Hans Geiblinger <cybrnook2002@yahoo.com> Reviewed-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com> Cc: David Bauer <mail@david-bauer.net> Cc: Petr Štetiar <ynezz@true.cz> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
34 lines
1.3 KiB
Diff
34 lines
1.3 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Eric Biggers <ebiggers@google.com>
|
|
Date: Fri, 23 Oct 2020 15:27:48 -0700
|
|
Subject: [PATCH] crypto: x86/poly1305 - add back a needed assignment
|
|
|
|
commit c3a98c3ad5c0dc60a1ac66bf91147a3f39cac96b upstream.
|
|
|
|
One of the assignments that was removed by commit 4a0c1de64bf9 ("crypto:
|
|
x86/poly1305 - Remove assignments with no effect") is actually needed,
|
|
since it affects the return value.
|
|
|
|
This fixes the following crypto self-test failure:
|
|
|
|
alg: shash: poly1305-simd test failed (wrong result) on test vector 2, cfg="init+update+final aligned buffer"
|
|
|
|
Fixes: 4a0c1de64bf9 ("crypto: x86/poly1305 - Remove assignments with no effect")
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
---
|
|
arch/x86/crypto/poly1305_glue.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
--- a/arch/x86/crypto/poly1305_glue.c
|
|
+++ b/arch/x86/crypto/poly1305_glue.c
|
|
@@ -157,6 +157,7 @@ static unsigned int crypto_poly1305_setd
|
|
dctx->s[1] = get_unaligned_le32(&inp[4]);
|
|
dctx->s[2] = get_unaligned_le32(&inp[8]);
|
|
dctx->s[3] = get_unaligned_le32(&inp[12]);
|
|
+ acc += POLY1305_BLOCK_SIZE;
|
|
dctx->sset = true;
|
|
}
|
|
}
|