2024-05-10 37f49e37ab4cb5d0bc4c60eb5c6d4dd57db767bb
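--- a/kernel/drivers/crypto/vmx/aesp8-ppc.pl
+++ b/kernel/drivers/crypto/vmx/aesp8-ppc.pl
@@ -50,7 +50,7 @@
 # Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
 # project. The module is, however, dual licensed under OpenSSL and
 # CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
+# details see https://www.openssl.org/~appro/cryptogams/.
 # ====================================================================
 #
 # This module implements support for AES instructions as per PowerISA
@@ -1286,6 +1286,24 @@
 
 #########################################################################
 {{{ # CTR procedure[s] #
+
+####################### WARNING: Here be dragons! #######################
+#
+# This code is written as 'ctr32', based on a 32-bit counter used
+# upstream. The kernel does *not* use a 32-bit counter. The kernel uses
+# a 128-bit counter.
+#
+# This leads to subtle changes from the upstream code: the counter
+# is incremented with vaddu_q_m rather than vaddu_w_m. This occurs in
+# both the bulk (8 blocks at a time) path, and in the individual block
+# path. Be aware of this when doing updates.
+#
+# See:
+# 1d4aa0b4c181 ("crypto: vmx - Fixing AES-CTR counter bug")
+# 009b30ac7444 ("crypto: vmx - CTR: always increment IV as quadword")
+# https://github.com/openssl/openssl/pull/8942
+#
+#########################################################################
 my ($inp,$out,$len,$key,$ivp,$x10,$rounds,$idx)=map("r$_",(3..10));
 my ($rndkey0,$rndkey1,$inout,$tmp)= map("v$_",(0..3));
 my ($ivec,$inptail,$inpperm,$outhead,$outperm,$outmask,$keyperm,$one)=
@@ -1357,7 +1375,7 @@
 addi $idx,$idx,16
 bdnz Loop_ctr32_enc
 
- vadduqm $ivec,$ivec,$one
+ vadduqm $ivec,$ivec,$one # Kernel change for 128-bit
 vmr $dat,$inptail
 lvx $inptail,0,$inp
 addi $inp,$inp,16
@@ -1501,7 +1519,7 @@
 $SHL $len,$len,4
 
 vadduqm $out1,$ivec,$one # counter values ...
- vadduqm $out2,$ivec,$two
+ vadduqm $out2,$ivec,$two # (do all ctr adds as 128-bit)
 vxor $out0,$ivec,$rndkey0 # ... xored with rndkey[0]
 le?li $idx,8
 vadduqm $out3,$out1,$two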
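Review bot: The warning comment added in the second hunk (new lines 1290–1306) names the instructions as `vaddu_q_m` and `vaddu_w_m`, which are not the mnemonics the file actually uses — the kernel-side lines annotated in the later hunks read `vadduqm`, and the upstream form would be `vadduwm` — so a maintainer grepping for the mnemonic will not land on the warning. If the underscores are meant to highlight the q/w difference, the plain spelling still reads clearly: `# is incremented with vadduqm (quadword) rather than vadduwm (word). This occurs in`. The `{{{` block the comment sits in opens at the top of that hunk and continues past its end.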