On Tue, Sep 11, 2018 at 08:05:10PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebigg...@google.com>
> 
> In commit 9f480faec58c ("crypto: chacha20 - Fix keystream alignment for
> chacha20_block()"), I had missed that chacha20_block() can be called
> directly on the buffer passed to get_random_bytes(), which can have any
> alignment.  So, while my commit didn't break anything, it didn't fully
> solve the alignment problems.
> 
> Revert my solution and just update chacha20_block() to use
> put_unaligned_le32(), so the output buffer need not be aligned.
> This is simpler, and on many CPUs it's the same speed.
> 
> But, I kept the 'tmp' buffers in extract_crng_user() and
> _get_random_bytes() 4-byte aligned, since that alignment is actually
> needed for _crng_backtrack_protect() too.
> 
> Reported-by: Stephan Müller <smuel...@chronox.de>
> Cc: Theodore Ts'o <ty...@mit.edu>
> Signed-off-by: Eric Biggers <ebigg...@google.com>
> ---
>  crypto/chacha20_generic.c |  7 ++++---
>  drivers/char/random.c     | 24 ++++++++++++------------
>  include/crypto/chacha20.h |  3 +--
>  lib/chacha20.c            |  6 +++---
>  4 files changed, 20 insertions(+), 20 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herb...@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply via email to