summaryrefslogtreecommitdiffstats
path: root/crypto/af_alg.c
diff options
context:
space:
mode:
authorStephan Mueller <smueller@chronox.de>2017-11-10 11:04:52 +0100
committerHerbert Xu <herbert@gondor.apana.org.au>2017-11-24 06:23:36 +0100
commit8e1fa89aa8bc2870009b4486644e4a58f2e2a4f5 (patch)
tree30fc1296d5e3ac84f5f2e6642ad5b172535140b6 /crypto/af_alg.c
parentlib/mpi: call cond_resched() from mpi_powm() loop (diff)
downloadlinux-8e1fa89aa8bc2870009b4486644e4a58f2e2a4f5.tar.xz
linux-8e1fa89aa8bc2870009b4486644e4a58f2e2a4f5.zip
crypto: algif_aead - skip SGL entries with NULL page
The TX SGL may contain SGL entries that are assigned a NULL page. This may happen if a multi-stage AIO operation is performed where the data for each stage is pointed to by one SGL entry. Upon completion of that stage, af_alg_pull_tsgl will assign NULL to the SGL entry. The NULL cipher used to copy the AAD from TX SGL to the destination buffer, however, cannot handle the case where the SGL starts with an SGL entry having a NULL page. Thus, the code needs to advance the start pointer into the SGL to the first non-NULL entry. This fixes a crash visible on Intel x86 32 bit using the libkcapi test suite. Cc: <stable@vger.kernel.org> Fixes: 72548b093ee38 ("crypto: algif_aead - copy AAD from src to dst") Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/af_alg.c')
0 files changed, 0 insertions, 0 deletions