2008-01-10 03:03:12

by Herbert Xu

[permalink] [raw]
Subject: Re: LRW/XTS + Via Padlock Bug in 2.6.24-rc7?

On Wed, Jan 09, 2008 at 10:55:27PM +0000, Torben Viets wrote:
> eneral protection fault: 0000 [#1]
> Modules linked in: xt_TCPMSS xt_tcpmss iptable_mangle ipt_MASQUERADE
> xt_tcpudp xt_mark xt_state iptable_nat nf_nat nf_conntrack_ipv4
> iptable_filter ip_tables x_tables pppoe pppox af_packet ppp_generic slhc
> aes_i586
> CPU: 0
> EIP: 0060:[<c035b828>] Not tainted VLI
> EFLAGS: 00010292 ( #7)
> EIP is at aes_crypt_copy+0x28/0x40
> eax: f7639ff0 ebx: f6c24050 ecx: 00000001 edx: f6c24030
> esi: f7e89dc8 edi: f7639ff0 ebp: 00010000 esp: f7e89dc8

Thanks for the report. It would appear that your CPU goes one step
further than the other report and insists on having two blocks in the
destination too.

Please let me know whether this patch fixes the problem.

Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
diff --git a/drivers/crypto/padlock-aes.c b/drivers/crypto/padlock-aes.c
index a337b69..ed3ae47 100644
--- a/drivers/crypto/padlock-aes.c
+++ b/drivers/crypto/padlock-aes.c
@@ -433,7 +433,8 @@ static void aes_crypt_copy(const u8 *in, u8 *out, u32 *key, struct cword *cword)
__attribute__ ((__aligned__(PADLOCK_ALIGNMENT)));

memcpy(tmp, in, AES_BLOCK_SIZE);
- padlock_xcrypt(tmp, out, key, cword);
+ padlock_xcrypt(tmp, tmp, key, cword);
+ memcpy(out, tmp, AES_BLOCK_SIZE);

static inline void aes_crypt(const u8 *in, u8 *out, u32 *key,