On Sun, Sep 30, 2018 at 9:51 PM Ard Biesheuvel
<ard.biesheuvel@xxxxxxxxxx> wrote:
> Due to an unfortunate interaction between commit fbe1a850b3b1
> ("crypto: lrw - Fix out-of bounds access on counter overflow") and
> commit c778f96bf347 ("crypto: lrw - Optimize tweak computation"),
> we ended up with a version of next_index() that always returns 127.
Ouch, thanks for taking your time to investigate it and fix it! You
are spot on that it was a rebase error... I need to get better at
*always* testing what I post :/
>
> Fixes: c778f96bf347 ("crypto: lrw - Optimize tweak computation")
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
Reviewed-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
> ---
> crypto/lrw.c | 7 +++----
> 1 file changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/crypto/lrw.c b/crypto/lrw.c
> index 6fcf0d431185..0430ccd08728 100644
> --- a/crypto/lrw.c
> +++ b/crypto/lrw.c
> @@ -122,10 +122,9 @@ static int next_index(u32 *counter)
> int i, res = 0;
>
> for (i = 0; i < 4; i++) {
> - if (counter[i] + 1 != 0) {
> - res += ffz(counter[i]++);
> - break;
> - }
> + if (counter[i] + 1 != 0)
> + return res + ffz(counter[i]++);
> +
> counter[i] = 0;
> res += 32;
> }
> --
> 2.17.1
>
--
Ondrej Mosnacek <omosnace at redhat dot com>
Associate Software Engineer, Security Technologies
Red Hat, Inc.
