From patchwork Sun Jan 14 16:41:16 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 124441 Delivered-To: patch@linaro.org Received: by 10.46.64.148 with SMTP id r20csp421624lje; Sun, 14 Jan 2018 08:41:34 -0800 (PST) X-Google-Smtp-Source: ACJfBoualT+HmsffLiAcu6q+ZxXgdqQTox7129IN98H1rQ2RcNfWKNBm3awqTbLGD61jI7a3/oJJ X-Received: by 10.99.175.76 with SMTP id s12mr25318456pgo.328.1515948093986; Sun, 14 Jan 2018 08:41:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515948093; cv=none; d=google.com; s=arc-20160816; b=0PAyHPhRB7aWXXMbXzc1xl/JsPs1Zi6u0dCtwsVzXi6REm2I08zb4YVAycX3f2Tgit +ZjOnnwdOjOjbDiOTkjcpE0VuSzIu7dtBWOsF4d5/KmaJVYoCMLvIDICjVCSulut5D75 DGnFShOOXluvSocb8lMSBsHu5YLg4p3yjNaEgwoaSspgT9gsS5ICJdTqz3O519RIkkCJ JCO7qVvzR8aiMyFedqBcVO+iHhOq7/E7qjId1bUdhFuEgCmfn1lgEANBatgeIU2mBN3v 1h7dxJEDCqEIlwfO1SKCGe+eTLdrz45IDOiNqVgneaFCaWTeLy/HJhApxyCPPp1Cy8ew JVeA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=mTQl3u17/xJbHEh1O6fNQ1UIvhljDtL76EQsnUId8nI=; b=ieagj4f/hhrQ2YRjj4nuWCIkQ3I/HYbcznJIlbXgvBA4MrkcbV4T5NIn1EnMdoDaNf H6P3mcRj2apo4+u1T58qK8X6gCT4t+B58ZmYra8X4y5i68nIpy9pO6ue7ESh1W3L6xk3 VoU0lGn1Pz5hig2RnpuA0nf7PQybt3+graYlsDlRXNOlDTjCYVpM4mGmVvQY1AyxcpCD RbuE1Pu+U40D7UZ6jX1WQcdvTXAUcq8IgWzZfXOa8FXFMGfaBMgCxi/gxAAgLxswEE/k 0z+JoljAH6eFPAEfnGZMnotKNyGS3JnWpI0wVnWR9X/+9xgAysNYBQ/oG56GokpI+EsU 9D4Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=bBiFW0C7; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e186si18965997pfe.182.2018.01.14.08.41.33; Sun, 14 Jan 2018 08:41:33 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=bBiFW0C7; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751780AbeANQlc (ORCPT + 1 other); Sun, 14 Jan 2018 11:41:32 -0500 Received: from mail-wm0-f66.google.com ([74.125.82.66]:44477 "EHLO mail-wm0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751759AbeANQlc (ORCPT ); Sun, 14 Jan 2018 11:41:32 -0500 Received: by mail-wm0-f66.google.com with SMTP id t74so1887731wme.3 for ; Sun, 14 Jan 2018 08:41:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=mTQl3u17/xJbHEh1O6fNQ1UIvhljDtL76EQsnUId8nI=; b=bBiFW0C7ongfflpvziDj+idjFHbtCIpGLd7COZovesB2jUlC7ivQ+gfPI3r3S9idgZ NorBNsKqTjHFRpgp/ru9ZdCcTur6KBjV8cL5rnBIadVPiMEoMIzdbZ46YIL8/uwtWE0W XPyUmz9PEVj9D6NcsWAY1pF7Yha543ZKVlv+s= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=mTQl3u17/xJbHEh1O6fNQ1UIvhljDtL76EQsnUId8nI=; b=HwtCOkUEeWueuQ88ZeTKXO8xwfHTvOJ1K9UuTrs49PCc8AXiZMb0G+kqDQwA8hQoyx HP3cAsqVQmtSWy847g86K+UazTcK4FkFqWRlK2u8aT3Zk3lH2kTnOz2yPZGM1ldWAjEp 2PdNbhKrGM9xbVCMOKsxeupYCh0rVvAvIhhxMpGArfPxKzO4qSGM8GFR9fVxIzdP1GxC sfAFXAr8LGMWXVl0+qknNaDJ4lYwnkKD9Wilqh6qrobwfeaqdURDi7krYxLsDkkjml+I 39Fc6mAE8TuKEEYeIXj8+0FESOmLCJwi02lqBnZ8aqcHHD4UC5X9TyPHPq7ecnTMvqwR ETJQ== X-Gm-Message-State: AKwxytcbJqrneC5djvI1WG0t859O0kPtbkrmFbca6tKX8fQXxMzPqsTX wZDOjJLPY2vfqz9Bwmkx4sdUhw== X-Received: by 10.28.234.10 with SMTP id i10mr8388082wmh.14.1515948091005; Sun, 14 Jan 2018 08:41:31 -0800 (PST) Received: from localhost.localdomain ([105.141.218.128]) by smtp.gmail.com with ESMTPSA id q6sm24104197wrc.36.2018.01.14.08.41.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 14 Jan 2018 08:41:30 -0800 (PST) From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org, linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, will.deacon@arm.com, catalin.marinas@arm.com, steve.capper@linaro.org, jgarzik@redhat.com, arnd@arndb.de, Ard Biesheuvel Subject: [PATCH v2 1/3] crypto/generic: sha3 - fixes for alignment and big endian operation Date: Sun, 14 Jan 2018 16:41:16 +0000 Message-Id: <20180114164118.18330-2-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180114164118.18330-1-ard.biesheuvel@linaro.org> References: <20180114164118.18330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Ensure that the input is byte swabbed before injecting it into the SHA3 transform. Use the get_unaligned() accessor for this so that we don't perform unaligned access inadvertently on architectures that do not support that. Signed-off-by: Ard Biesheuvel --- crypto/sha3_generic.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) -- 2.11.0 diff --git a/crypto/sha3_generic.c b/crypto/sha3_generic.c index 7e8ed96236ce..a68be626017c 100644 --- a/crypto/sha3_generic.c +++ b/crypto/sha3_generic.c @@ -18,6 +18,7 @@ #include #include #include +#include #define KECCAK_ROUNDS 24 @@ -149,7 +150,7 @@ static int sha3_update(struct shash_desc *desc, const u8 *data, unsigned int i; for (i = 0; i < sctx->rsizw; i++) - sctx->st[i] ^= ((u64 *) src)[i]; + sctx->st[i] ^= get_unaligned_le64(src + 8 * i); keccakf(sctx->st); done += sctx->rsiz; @@ -174,7 +175,7 @@ static int sha3_final(struct shash_desc *desc, u8 *out) sctx->buf[sctx->rsiz - 1] |= 0x80; for (i = 0; i < sctx->rsizw; i++) - sctx->st[i] ^= ((u64 *) sctx->buf)[i]; + sctx->st[i] ^= get_unaligned_le64(sctx->buf + 8 * i); keccakf(sctx->st);