mirror of
https://github.com/torvalds/linux.git
synced 2024-12-28 22:02:28 +00:00
crypto: gcm - fix assumption that assoc has one segment
rfc4543(gcm(*)) code for GMAC assumes that assoc scatterlist always contains only one segment and only makes use of this first segment. However ipsec passes assoc with three segments when using 'extended sequence number' thus in this case rfc4543(gcm(*)) fails to function correctly. Patch fixes this issue. Reported-by: Chaoxing Lin <Chaoxing.Lin@ultra-3eti.com> Tested-by: Chaoxing Lin <Chaoxing.Lin@ultra-3eti.com> Cc: stable@vger.kernel.org Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
parent
246bbedb9a
commit
d3dde52209
17
crypto/gcm.c
17
crypto/gcm.c
@ -44,6 +44,7 @@ struct crypto_rfc4543_ctx {
|
||||
|
||||
struct crypto_rfc4543_req_ctx {
|
||||
u8 auth_tag[16];
|
||||
u8 assocbuf[32];
|
||||
struct scatterlist cipher[1];
|
||||
struct scatterlist payload[2];
|
||||
struct scatterlist assoc[2];
|
||||
@ -1133,9 +1134,19 @@ static struct aead_request *crypto_rfc4543_crypt(struct aead_request *req,
|
||||
scatterwalk_crypto_chain(payload, dst, vdst == req->iv + 8, 2);
|
||||
assoclen += 8 + req->cryptlen - (enc ? 0 : authsize);
|
||||
|
||||
sg_init_table(assoc, 2);
|
||||
sg_set_page(assoc, sg_page(req->assoc), req->assoc->length,
|
||||
req->assoc->offset);
|
||||
if (req->assoc->length == req->assoclen) {
|
||||
sg_init_table(assoc, 2);
|
||||
sg_set_page(assoc, sg_page(req->assoc), req->assoc->length,
|
||||
req->assoc->offset);
|
||||
} else {
|
||||
BUG_ON(req->assoclen > sizeof(rctx->assocbuf));
|
||||
|
||||
scatterwalk_map_and_copy(rctx->assocbuf, req->assoc, 0,
|
||||
req->assoclen, 0);
|
||||
|
||||
sg_init_table(assoc, 2);
|
||||
sg_set_buf(assoc, rctx->assocbuf, req->assoclen);
|
||||
}
|
||||
scatterwalk_crypto_chain(assoc, payload, 0, 2);
|
||||
|
||||
aead_request_set_tfm(subreq, ctx->child);
|
||||
|
Loading…
Reference in New Issue
Block a user