diff options
| author | Eric Biggers <ebiggers@kernel.org> | 2026-04-19 23:33:46 -0700 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2026-05-07 16:09:59 +0800 |
| commit | ddc4dedb9ba3c8eecbc8c050fffd46d1b7e75c21 (patch) | |
| tree | d9873c4421300070bee77c16161a86e3a9148e1c /crypto | |
| parent | 39a31ad9e2a5ed7e9c9c6f711dca96c8c8f5f26b (diff) | |
| download | linux-next-history-ddc4dedb9ba3c8eecbc8c050fffd46d1b7e75c21.tar.gz | |
crypto: drbg - Fix misaligned writes in CTR_DRBG and HASH_DRBG
drbg_cpu_to_be32() is being used to do a plain write to a byte array,
which doesn't have any alignment guarantee. This can cause a misaligned
write. Replace it with the correct function, put_unaligned_be32().
Fixes: 72f3e00dd67e ("crypto: drbg - replace int2byte with cpu_to_be")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/df_sp80090a.c | 7 | ||||
| -rw-r--r-- | crypto/drbg.c | 3 |
2 files changed, 6 insertions, 4 deletions
diff --git a/crypto/df_sp80090a.c b/crypto/df_sp80090a.c index b8134be6f7ad9..f4bb7be016e85 100644 --- a/crypto/df_sp80090a.c +++ b/crypto/df_sp80090a.c @@ -10,6 +10,7 @@ #include <linux/kernel.h> #include <linux/module.h> #include <linux/string.h> +#include <linux/unaligned.h> #include <crypto/aes.h> #include <crypto/df_sp80090a.h> #include <crypto/internal/drbg.h> @@ -141,10 +142,10 @@ int crypto_drbg_ctr_df(struct aes_enckey *aeskey, /* 10.4.2 step 2 -- calculate the entire length of all input data */ list_for_each_entry(seed, seedlist, list) inputlen += seed->len; - drbg_cpu_to_be32(inputlen, &L_N[0]); + put_unaligned_be32(inputlen, &L_N[0]); /* 10.4.2 step 3 */ - drbg_cpu_to_be32(bytes_to_return, &L_N[4]); + put_unaligned_be32(bytes_to_return, &L_N[4]); /* 10.4.2 step 5: length is L_N, input_string, one byte, padding */ padlen = (inputlen + sizeof(L_N) + 1) % (blocklen_bytes); @@ -175,7 +176,7 @@ int crypto_drbg_ctr_df(struct aes_enckey *aeskey, * holds zeros after allocation -- even the increment of i * is irrelevant as the increment remains within length of i */ - drbg_cpu_to_be32(i, iv); + put_unaligned_be32(i, iv); /* 10.4.2 step 9.2 -- BCC and concatenation with temp */ drbg_ctr_bcc(aeskey, temp + templen, K, &bcc_list, blocklen_bytes, keylen); diff --git a/crypto/drbg.c b/crypto/drbg.c index e4eb78ed222b9..de4c69032155e 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -103,6 +103,7 @@ #include <linux/kernel.h> #include <linux/jiffies.h> #include <linux/string_choices.h> +#include <linux/unaligned.h> /*************************************************************** * Backend cipher definitions available to DRBG @@ -601,7 +602,7 @@ static int drbg_hash_df(struct drbg_state *drbg, /* 10.4.1 step 3 */ input[0] = 1; - drbg_cpu_to_be32((outlen * 8), &input[1]); + put_unaligned_be32(outlen * 8, &input[1]); /* 10.4.1 step 4.1 -- concatenation of data for input into hash */ drbg_string_fill(&data, input, 5); |