UPSTREAM: crypto: arm/aes-cipher - move S-box to .rodata section

Move the AES inverse S-box to the .rodata section
where it is safe from abuse by speculation.

Signed-off-by: Jinbum Park <jinb.park7@gmail.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
(cherry picked from commit 4ff8b1dd814ba4c2dc4a8ce3cf77274e01bd1c93)
Bug: 112008522
Test: As series, see Ic61c13b53facfd2173065be715a7ee5f3af8760b
Change-Id: I87fb974fd13a7c8290b034412a88c36cf5dd94b7
Signed-off-by: Eric Biggers <ebiggers@google.com>

diff --git a/arch/arm/crypto/aes-cipher-core.S b/arch/arm/crypto/aes-cipher-core.S
index 54b384084637b7e574a1d15a52d16ffc572b815e..184d6c2d15d5e7b4a01803f6ba2b99ee7b8fbfc2 100644 (file)
--- a/arch/arm/crypto/aes-cipher-core.S
+++ b/arch/arm/crypto/aes-cipher-core.S
@@ -174,6 +174,16 @@
        .ltorg
        .endm
 
+ENTRY(__aes_arm_encrypt)
+       do_crypt        fround, crypto_ft_tab, crypto_ft_tab + 1, 2
+ENDPROC(__aes_arm_encrypt)
+
+       .align          5
+ENTRY(__aes_arm_decrypt)
+       do_crypt        iround, crypto_it_tab, __aes_arm_inverse_sbox, 0
+ENDPROC(__aes_arm_decrypt)
+
+       .section        ".rodata", "a"
        .align          L1_CACHE_SHIFT
        .type           __aes_arm_inverse_sbox, %object
 __aes_arm_inverse_sbox:
@@ -210,12 +220,3 @@ __aes_arm_inverse_sbox:
        .byte           0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
        .byte           0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
        .size           __aes_arm_inverse_sbox, . - __aes_arm_inverse_sbox
-
-ENTRY(__aes_arm_encrypt)
-       do_crypt        fround, crypto_ft_tab, crypto_ft_tab + 1, 2
-ENDPROC(__aes_arm_encrypt)
-
-       .align          5
-ENTRY(__aes_arm_decrypt)
-       do_crypt        iround, crypto_it_tab, __aes_arm_inverse_sbox, 0
-ENDPROC(__aes_arm_decrypt)