On Sun, Mar 02, 2008 at 11:09:10AM +0000, Sebastian Siewior wrote:
> The XTS blockmode uses a copy of the IV which is saved on the stack
> and may or may not be properly aligned. If it is not, it will break
> hardware cipher like the geode or padlock.
> This patch moves the copy of IV to the private structure which has the
> same alignment as the underlying cipher.
>
> Tested-by: Stefan Hellermann <stefan@xxxxxxxxxxxxxx>
> Signed-off-by: Sebastian Siewior <sebastian@xxxxxxxxxxxxx>

Sorry but this patch isn't right.

> +struct sinfo {
> + be128 t;
> + struct crypto_tfm *tfm;
> + void (*fn)(struct crypto_tfm *, u8 *, const u8 *);
> +};
> +
> struct priv {
> + /* s.t being the first member in this struct enforces proper alignment
> + * required by the underlying cipher without explicit knowing the it.
> + */
> + struct sinfo s;

tfm objects should be reentrant so you can't store any per-op info
in the context structure.

> - tw(crypto_cipher_tfm(ctx->tweak), (void *)&s.t, w->iv);
> + tw(crypto_cipher_tfm(ctx->tweak), (void *)&s->t, w->iv);

However, the real question is why do we need this at all? The
tw argument should be using the proper entry points that do copying
for you if necessary.

OK, I see that the issue is that we're using cia_encrypt instead
of cit_encrypt_one. So if we just change that then it should work
correctly.

Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu 许志壬 <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
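
Review bot: In the `struct priv` hunk, the per-call tweak `be128 t` (together with `tfm` and `fn`) moves into the context that is reached through `ctx`, so two callers working on the same tfm at once would overwrite each other's `s.t`. Keep the tweak in per-call storage instead. The alignment also rests only on `s` staying the first member of `struct priv`, as the added comment says; nothing in the visible lines enforces that ordering, and the comment's last clause ("without explicit knowing the it") needs rewording.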
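
Review bot: The changed `tw(...)` call still hands `&s->t` and `w->iv` straight to the raw function pointer, and nothing in the hunk addresses the alignment of `w->iv`, only that of the tweak buffer. Calling the tweak cipher through the single-block entry point that copies when needed (the reply names `cit_encrypt_one` in place of `cia_encrypt`) would cover both buffers and let `s.t` stay on the stack.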
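
The reply's point about entry points that copy when necessary, modelled in userspace as an added example (not code from this thread or from the kernel): `raw_encrypt`, `encrypt_one`, the 16-byte alignment mask and the XOR transform are assumptions standing in for a hardware cipher's raw routine and a checked single-block entry point.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLK 16
#define ALIGNMASK 15u /* assumed: the device needs 16-byte aligned buffers */

static int misaligned_calls; /* raw calls that received a misaligned pointer */

/* Stand-in for a hardware cipher's raw single-block routine (hypothetical). */
static void raw_encrypt(uint8_t *dst, const uint8_t *src)
{
    if (((uintptr_t)dst | (uintptr_t)src) & ALIGNMASK)
        misaligned_calls++; /* real hardware may fault or corrupt data here */
    for (int i = 0; i < BLK; i++)
        dst[i] = src[i] ^ 0xA5; /* toy transform, not a cipher */
}

/* Checked entry point: bounce through an aligned buffer only when needed. */
static void encrypt_one(uint8_t *dst, const uint8_t *src)
{
    _Alignas(16) uint8_t tmp[BLK];
    if (!(((uintptr_t)dst | (uintptr_t)src) & ALIGNMASK)) {
        raw_encrypt(dst, src); /* fast path: caller's buffers are usable */
        return;
    }
    memcpy(tmp, src, BLK);
    raw_encrypt(tmp, tmp);
    memcpy(dst, tmp, BLK);
}

/* Encrypt a misaligned IV; returns misaligned raw calls, -1 on bad output. */
static int demo(int use_wrapper)
{
    _Alignas(16) uint8_t backing[2 * BLK + 1];
    uint8_t *iv = backing + 1, *t = backing + 1 + BLK; /* both off by one */
    misaligned_calls = 0;
    for (int i = 0; i < BLK; i++)
        iv[i] = (uint8_t)i; /* constructed sample IV */
    (use_wrapper ? encrypt_one : raw_encrypt)(t, iv);
    for (int i = 0; i < BLK; i++)
        if (t[i] != (uint8_t)(i ^ 0xA5))
            return -1;
    return misaligned_calls;
}

int main(void)
{
    printf("raw: %d misaligned, wrapper: %d misaligned\n", demo(0), demo(1));
}
```

With the wrapper the tweak buffer can stay in per-call storage, since the copy happens only for the call that needs it and no state is kept in a shared context.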