UPSTREAM: crypto: poly1305 - use unaligned access macros to output digest

Currently the only part of poly1305-generic which is assuming special
alignment is the part where the final digest is written.  Switch this
over to the unaligned access macros so that we'll be able to remove the
cra_alignmask.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
(cherry picked from commit fcfbeedf79adc7abaea35b0f88ec23cf546d3b77)
Bug: 112008522
Test: As series, see Ic61c13b53facfd2173065be715a7ee5f3af8760b
Change-Id: Id6347cebf899e2aef6fab355f3af3d2773582127
Signed-off-by: Eric Biggers <ebiggers@google.com>

diff --git a/crypto/poly1305_generic.c b/crypto/poly1305_generic.c
index ba39eb308c791dd88fb45a08337a2c9d7d13e024..38a13ae0f2a346a644d29b9cf472f41ca5c52b6d 100644 (file)
--- a/crypto/poly1305_generic.c
+++ b/crypto/poly1305_generic.c
@@ -204,7 +204,6 @@ EXPORT_SYMBOL_GPL(crypto_poly1305_update);
 int crypto_poly1305_final(struct shash_desc *desc, u8 *dst)
 {
        struct poly1305_desc_ctx *dctx = shash_desc_ctx(desc);
-       __le32 *mac = (__le32 *)dst;
        u32 h0, h1, h2, h3, h4;
        u32 g0, g1, g2, g3, g4;
        u32 mask;
@@ -261,10 +260,10 @@ int crypto_poly1305_final(struct shash_desc *desc, u8 *dst)
        h3 = (h3 >> 18) | (h4 <<  8);
 
        /* mac = (h + s) % (2^128) */
-       f = (f >> 32) + h0 + dctx->s[0]; mac[0] = cpu_to_le32(f);
-       f = (f >> 32) + h1 + dctx->s[1]; mac[1] = cpu_to_le32(f);
-       f = (f >> 32) + h2 + dctx->s[2]; mac[2] = cpu_to_le32(f);
-       f = (f >> 32) + h3 + dctx->s[3]; mac[3] = cpu_to_le32(f);
+       f = (f >> 32) + h0 + dctx->s[0]; put_unaligned_le32(f, dst +  0);
+       f = (f >> 32) + h1 + dctx->s[1]; put_unaligned_le32(f, dst +  4);
+       f = (f >> 32) + h2 + dctx->s[2]; put_unaligned_le32(f, dst +  8);
+       f = (f >> 32) + h3 + dctx->s[3]; put_unaligned_le32(f, dst + 12);
 
        return 0;
 }