| Message ID | 20180930195116.31658-1-ard.biesheuvel@linaro.org |
|---|---|
| State | Accepted |
| Commit | fd27b571c9f6cf95ddbdf9de7cf0aa8c8cfe8066 |
| Headers | show |
| Series | crypto: lrw - fix rebase error after out of bounds fix | expand |
On Sun, Sep 30, 2018 at 9:51 PM Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote: > Due to an unfortunate interaction between commit fbe1a850b3b1 > ("crypto: lrw - Fix out-of bounds access on counter overflow") and > commit c778f96bf347 ("crypto: lrw - Optimize tweak computation"), > we ended up with a version of next_index() that always returns 127. Ouch, thanks for taking your time to investigate it and fix it! You are spot on that it was a rebase error... I need to get better at *always* testing what I post :/ > > Fixes: c778f96bf347 ("crypto: lrw - Optimize tweak computation") > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com> > --- > crypto/lrw.c | 7 +++---- > 1 file changed, 3 insertions(+), 4 deletions(-) > > diff --git a/crypto/lrw.c b/crypto/lrw.c > index 6fcf0d431185..0430ccd08728 100644 > --- a/crypto/lrw.c > +++ b/crypto/lrw.c > @@ -122,10 +122,9 @@ static int next_index(u32 *counter) > int i, res = 0; > > for (i = 0; i < 4; i++) { > - if (counter[i] + 1 != 0) { > - res += ffz(counter[i]++); > - break; > - } > + if (counter[i] + 1 != 0) > + return res + ffz(counter[i]++); > + > counter[i] = 0; > res += 32; > } > -- > 2.17.1 > -- Ondrej Mosnacek <omosnace at redhat dot com> Associate Software Engineer, Security Technologies Red Hat, Inc.
On Sun, Sep 30, 2018 at 09:51:16PM +0200, Ard Biesheuvel wrote: > Due to an unfortunate interaction between commit fbe1a850b3b1 > ("crypto: lrw - Fix out-of bounds access on counter overflow") and > commit c778f96bf347 ("crypto: lrw - Optimize tweak computation"), > we ended up with a version of next_index() that always returns 127. > > Fixes: c778f96bf347 ("crypto: lrw - Optimize tweak computation") > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Patch applied. Thanks. -- Email: Herbert Xu <herbert@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
diff --git a/crypto/lrw.c b/crypto/lrw.c index 6fcf0d431185..0430ccd08728 100644 --- a/crypto/lrw.c +++ b/crypto/lrw.c @@ -122,10 +122,9 @@ static int next_index(u32 *counter) int i, res = 0; for (i = 0; i < 4; i++) { - if (counter[i] + 1 != 0) { - res += ffz(counter[i]++); - break; - } + if (counter[i] + 1 != 0) + return res + ffz(counter[i]++); + counter[i] = 0; res += 32; }
Due to an unfortunate interaction between commit fbe1a850b3b1 ("crypto: lrw - Fix out-of bounds access on counter overflow") and commit c778f96bf347 ("crypto: lrw - Optimize tweak computation"), we ended up with a version of next_index() that always returns 127. Fixes: c778f96bf347 ("crypto: lrw - Optimize tweak computation") Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> --- crypto/lrw.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) -- 2.17.1