mirror of
git://git.openwrt.org/openwrt/openwrt.git
synced 2025-12-07 21:22:10 -05:00
ab270c6fbc
When handling non-aligned remaining data (not padded to 16 byte [AES_BLOCK_SIZE]), a full 16 byte block is read from the input buffer and written to the output buffer after en-/decryption. While code already assumes that an input buffer could have less than 16 byte remaining, as it can be seen by the code zeroing the remaining bytes till AES_BLOCK_SIZE, the full AES_BLOCK_SIZE is read. An output buffer size of a multiple of AES_BLOCK_SIZE is expected but never validated. To get rid of the read/write behind buffer, use a temporary buffer when dealing with not padded data and only write as much bytes to the output as we read. Do not memcpy directly to the register, to make used of the endian swap macro and to trigger the crypto start operator via the ID0R to trigger the register. Since we might need an endian swap for the output in future, use a temporary buffer for the output as well. The issue could not be observed so far, since all caller of ifx_deu_aes will ignore the padded (remaining) data. Considering that the minimum blocksize for the algorithm is set to AES_BLOCK_SIZE, the behaviour could be called expected. Signed-off-by: Mathias Kresin <dev@kresin.me> [fix commit title prefix] Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> |
||
|---|---|---|
| .. | ||
| acx-mac80211 | ||
| ath10k-ct | ||
| bcm27xx-gpu-fw | ||
| bcm63xx-cfe | ||
| bpf-headers | ||
| broadcom-wl | ||
| button-hotplug | ||
| cryptodev-linux | ||
| dtc/patches | ||
| gpio-button-hotplug | ||
| gpio-nct5104d | ||
| gpio-nxp-74hc153 | ||
| hwmon-gsc | ||
| lantiq | ||
| linux | ||
| mac80211 | ||
| mt76 | ||
| mt7621-qtn-rgmii | ||
| mwlwifi | ||
| nat46 | ||
| om-watchdog | ||
| rtc-rv5c386a | ||
| rtl8812au-ct | ||
| trelay | ||