Hello,
Please review the following patch which is supposed to fix unaligned access
on Blackfin architecture.
In function net/mac80211/wep.c ieee80211_wep_encrypt_data:
__le32 *icv;
icv = (__le32 *)(data + data_len);
after the operation above icv pointer may become unaligned.
The patch below fixes this issue:
--- linux-2.6.28-rc3/net/mac80211/wep.c 2008-11-20 00:04:58.000000000 -0500
+++ linux-2.6.86-rc3.new/net/mac80211/wep.c 2008-11-22
00:37:53.000000000 -0500
@@ -123,10 +123,10 @@
{
struct blkcipher_desc desc = { .tfm = tfm };
struct scatterlist sg;
- __le32 *icv;
+ __le32 icv;
- icv = (__le32 *)(data + data_len);
- *icv = cpu_to_le32(~crc32_le(~0, data, data_len));
+ icv = cpu_to_le32(~crc32_le(~0, data, data_len));
+ put_unaligned(icv, (__le32 *)(data + data_len));
crypto_blkcipher_setkey(tfm, rc4key, klen);
sg_init_one(&sg, data, data_len + WEP_ICV_LEN);
Comments?
Regards,
Ivan
On Sat, 2008-11-22 at 18:18 +0100, Johannes Berg wrote:
> On Sat, 2008-11-22 at 00:46 +0200, Ivan Kuten wrote:
>
> > - icv = (__le32 *)(data + data_len);
> > - *icv = cpu_to_le32(~crc32_le(~0, data, data_len));
> > + icv = cpu_to_le32(~crc32_le(~0, data, data_len));
> > + put_unaligned(icv, (__le32 *)(data + data_len));
>
> Aren't you putting a pointer now??
Never mind.
johannes
On Sat, 2008-11-22 at 00:46 +0200, Ivan Kuten wrote:
> Hello,
>
> Please review the following patch which is supposed to fix unaligned access
> on Blackfin architecture.
any other architecture too...
> In function net/mac80211/wep.c ieee80211_wep_encrypt_data:
> __le32 *icv;
> icv = (__le32 *)(data + data_len);
>
> after the operation above icv pointer may become unaligned.
> The patch below fixes this issue:
>
>
> --- linux-2.6.28-rc3/net/mac80211/wep.c 2008-11-20 00:04:58.000000000 -0500
> +++ linux-2.6.86-rc3.new/net/mac80211/wep.c 2008-11-22
> 00:37:53.000000000 -0500
> @@ -123,10 +123,10 @@
> {
> struct blkcipher_desc desc = { .tfm = tfm };
> struct scatterlist sg;
> - __le32 *icv;
> + __le32 icv;
>
> - icv = (__le32 *)(data + data_len);
> - *icv = cpu_to_le32(~crc32_le(~0, data, data_len));
> + icv = cpu_to_le32(~crc32_le(~0, data, data_len));
> + put_unaligned(icv, (__le32 *)(data + data_len));
>
looks fine, you just need to send a proper changelog and s-o-b
johannes
On Sat, 2008-11-22 at 00:46 +0200, Ivan Kuten wrote:
> - icv = (__le32 *)(data + data_len);
> - *icv = cpu_to_le32(~crc32_le(~0, data, data_len));
> + icv = cpu_to_le32(~crc32_le(~0, data, data_len));
> + put_unaligned(icv, (__le32 *)(data + data_len));
Aren't you putting a pointer now??
johannes