Google Git
Sign in
boringssl/boringssl/dedd23e59237922d4e21673cd8044b59c48fe28e^!/.
commit
dedd23e59237922d4e21673cd8044b59c48fe28e
[log]
author
Tamas Petz <tamas.petz@arm.com>
Fri Sep 17 10:38:37 2021 +0200
committer
Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Thu Sep 23 15:17:27 2021 +0000
tree
90c1d9e13bccd9829e7350820d2835e433c954dc
parent
66e61c577d39e757bf491468f651461fa79fd5e1 [diff]
aarch64: Add missing LR validation in 'vpaes_cbc_encrypt'

There is an obvious bug there: upon entry to 'vpaes_cbc_encrypt'
LR may get signed. However, on the 'cbc_abort' path the LR is
not going to be unsigned before 'ret' is executed.

Found by manual code inspection.

Co-authored-by: Russ Butler <russ.butler@arm.com>

Change-Id: I646cdfaee28db59aafbbd412d4bb6ba022eff15b
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49605
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>

diff --git a/crypto/fipsmodule/aes/asm/vpaes-armv8.pl b/crypto/fipsmodule/aes/asm/vpaes-armv8.pl
index 8b01fed..a39c1e4 100755
--- a/crypto/fipsmodule/aes/asm/vpaes-armv8.pl
+++ b/crypto/fipsmodule/aes/asm/vpaes-armv8.pl

@@ -1153,8 +1153,8 @@
 	st1	{v0.16b}, [$ivec]	// write ivec
 
 	ldp	x29,x30,[sp],#16
-	AARCH64_VALIDATE_LINK_REGISTER
 .Lcbc_abort:
+	AARCH64_VALIDATE_LINK_REGISTER
 	ret
 .size	vpaes_cbc_encrypt,.-vpaes_cbc_encrypt