The branch stable/13 has been updated by markj:
URL:
https://cgit.FreeBSD.org/src/commit/?id=045fc75ce490cca0aec8f412dd28bc1031e0919d
commit 045fc75ce490cca0aec8f412dd28bc1031e0919d
Author: Mark Johnston <ma...@freebsd.org>
AuthorDate: 2023-07-27 19:44:52 +0000
Commit: Mark Johnston <ma...@freebsd.org>
CommitDate: 2023-08-24 13:32:59 +0000
opencrypto: Respect alignment constraints in xor_and_encrypt()
Copy operands to an aligned buffer before performing operations which
require alignment. Otherwise it's possible for this code to trigger an
alignment fault on armv7.
Reviewed by: jhb
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D41211
(cherry picked from commit 96c2538121390c872f68ac48f97b35fb973c11dc)
---
sys/opencrypto/cbc_mac.c | 19 ++++++++-----------
1 file changed, 8 insertions(+), 11 deletions(-)
diff --git a/sys/opencrypto/cbc_mac.c b/sys/opencrypto/cbc_mac.c
index ed31dd946e48..ed9230beaf49 100644
--- a/sys/opencrypto/cbc_mac.c
+++ b/sys/opencrypto/cbc_mac.c
@@ -38,19 +38,16 @@ static void
xor_and_encrypt(struct aes_cbc_mac_ctx *ctx,
const uint8_t *src, uint8_t *dst)
{
- const uint64_t *b1;
- uint64_t *b2;
- uint64_t temp_block[CCM_CBC_BLOCK_LEN/sizeof(uint64_t)];
+#define NWORDS (CCM_CBC_BLOCK_LEN / sizeof(uint64_t))
+ uint64_t b1[NWORDS], b2[NWORDS], temp[NWORDS];
- b1 = (const uint64_t*)src;
- b2 = (uint64_t*)dst;
+ memcpy(b1, src, CCM_CBC_BLOCK_LEN);
+ memcpy(b2, dst, CCM_CBC_BLOCK_LEN);
- for (size_t count = 0;
- count < CCM_CBC_BLOCK_LEN/sizeof(uint64_t);
- count++) {
- temp_block[count] = b1[count] ^ b2[count];
- }
- rijndaelEncrypt(ctx->keysched, ctx->rounds, (void*)temp_block, dst);
+ for (size_t count = 0; count < NWORDS; count++)
+ temp[count] = b1[count] ^ b2[count];
+ rijndaelEncrypt(ctx->keysched, ctx->rounds, (void *)temp, dst);
+#undef NWORDS
}
void
