From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Chaoxing Lin <Chaoxing.Lin@ultra-3eti.com>,
Jussi Kivilinna <jussi.kivilinna@iki.fi>,
Herbert Xu <herbert@gondor.hengli.com.au>
Subject: [ 21/29] crypto: gcm - fix assumption that assoc has one segment
Date: Wed, 10 Apr 2013 15:49:39 -0700 [thread overview]
Message-ID: <20130410224806.244331282@linuxfoundation.org> (raw)
In-Reply-To: <20130410224804.061806042@linuxfoundation.org>
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Jussi Kivilinna <jussi.kivilinna@iki.fi>
commit d3dde52209ab571e4e2ec26c66f85ad1355f7475 upstream.
rfc4543(gcm(*)) code for GMAC assumes that assoc scatterlist always contains
only one segment and only makes use of this first segment. However ipsec passes
assoc with three segments when using 'extended sequence number' thus in this
case rfc4543(gcm(*)) fails to function correctly. Patch fixes this issue.
Reported-by: Chaoxing Lin <Chaoxing.Lin@ultra-3eti.com>
Tested-by: Chaoxing Lin <Chaoxing.Lin@ultra-3eti.com>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
crypto/gcm.c | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
--- a/crypto/gcm.c
+++ b/crypto/gcm.c
@@ -44,6 +44,7 @@ struct crypto_rfc4543_ctx {
struct crypto_rfc4543_req_ctx {
u8 auth_tag[16];
+ u8 assocbuf[32];
struct scatterlist cipher[1];
struct scatterlist payload[2];
struct scatterlist assoc[2];
@@ -1142,9 +1143,19 @@ static struct aead_request *crypto_rfc45
scatterwalk_crypto_chain(payload, dst, vdst == req->iv + 8, 2);
assoclen += 8 + req->cryptlen - (enc ? 0 : authsize);
- sg_init_table(assoc, 2);
- sg_set_page(assoc, sg_page(req->assoc), req->assoc->length,
- req->assoc->offset);
+ if (req->assoc->length == req->assoclen) {
+ sg_init_table(assoc, 2);
+ sg_set_page(assoc, sg_page(req->assoc), req->assoc->length,
+ req->assoc->offset);
+ } else {
+ BUG_ON(req->assoclen > sizeof(rctx->assocbuf));
+
+ scatterwalk_map_and_copy(rctx->assocbuf, req->assoc, 0,
+ req->assoclen, 0);
+
+ sg_init_table(assoc, 2);
+ sg_set_buf(assoc, rctx->assocbuf, req->assoclen);
+ }
scatterwalk_crypto_chain(assoc, payload, 0, 2);
aead_request_set_tfm(subreq, ctx->child);
next prev parent reply other threads:[~2013-04-10 22:59 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-10 22:49 [ 00/29] 3.4.40-stable review Greg Kroah-Hartman
2013-04-10 22:49 ` [ 01/29] ASoC: dma-sh7760: Fix compile error Greg Kroah-Hartman
2013-04-10 22:49 ` [ 02/29] regmap: cache Fix regcache-rbtree sync Greg Kroah-Hartman
2013-04-10 22:49 ` [ 03/29] spi/s3c64xx: modified error interrupt handling and init Greg Kroah-Hartman
2013-04-10 22:49 ` [ 04/29] spi/mpc512x-psc: optionally keep PSC SS asserted across xfer segmensts Greg Kroah-Hartman
2013-04-10 22:49 ` [ 05/29] UBIFS: make space fixup work in the remount case Greg Kroah-Hartman
2013-04-10 22:49 ` [ 06/29] reiserfs: Fix warning and inode leak when deleting inode with xattrs Greg Kroah-Hartman
2013-04-10 22:49 ` [ 07/29] ALSA: hda - bug fix on return value when getting HDMI ELD info Greg Kroah-Hartman
2013-04-10 22:49 ` [ 08/29] ALSA: hda - Enabling Realtek ALC 671 codec Greg Kroah-Hartman
2013-04-10 22:49 ` [ 09/29] ALSA: hda - fix typo in proc output Greg Kroah-Hartman
2013-04-10 22:49 ` [ 10/29] EISA/PCI: Init EISA early, before PNP Greg Kroah-Hartman
2013-04-10 22:49 ` [ 11/29] EISA/PCI: Fix bus res reference Greg Kroah-Hartman
2013-04-10 22:49 ` [ 12/29] libata: Use integer return value for atapi_command_packet_set Greg Kroah-Hartman
2013-04-10 22:49 ` [ 13/29] libata: Set max sector to 65535 for Slimtype DVD A DS8A8SH drive Greg Kroah-Hartman
2013-04-10 22:49 ` [ 14/29] alpha: Add irongate_io to PCI bus resources Greg Kroah-Hartman
2013-04-10 22:49 ` [ 15/29] ata_piix: Fix DVD not dectected at some Haswell platforms Greg Kroah-Hartman
2013-04-10 22:49 ` [ 16/29] ftrace: Consistently restore trace function on sysctl enabling Greg Kroah-Hartman
2013-04-10 22:49 ` [ 17/29] powerpc: pSeries_lpar_hpte_remove fails from Adjunct partition being performed before the ANDCOND test Greg Kroah-Hartman
2013-04-10 22:49 ` [ 18/29] x86: remove the x32 syscall bitmask from syscall_get_nr() Greg Kroah-Hartman
2013-04-10 22:49 ` [ 19/29] hwspinlock: fix __hwspin_lock_request error path Greg Kroah-Hartman
2013-04-10 22:49 ` [ 20/29] spinlocks and preemption points need to be at least compiler barriers Greg Kroah-Hartman
2013-04-10 22:49 ` Greg Kroah-Hartman [this message]
2013-04-10 22:49 ` [ 22/29] block: avoid using uninitialized value in from queue_var_store Greg Kroah-Hartman
2013-04-10 22:49 ` [ 23/29] x86: Fix rebuild with EFI_STUB enabled Greg Kroah-Hartman
2013-04-10 22:49 ` [ 24/29] thermal: return an error on failure to register thermal class Greg Kroah-Hartman
2013-04-10 22:49 ` [ 25/29] panic: fix a possible deadlock in panic() Greg Kroah-Hartman
2013-04-10 22:49 ` [ 26/29] mm: prevent mmap_cache race in find_vma() Greg Kroah-Hartman
2013-04-10 22:49 ` [ 27/29] Revert "mwifiex: cancel cmd timer and free curr_cmd in shutdown process Greg Kroah-Hartman
2013-04-10 22:49 ` [ 28/29] can: gw: use kmem_cache_free() instead of kfree() Greg Kroah-Hartman
2013-04-10 22:49 ` [ 29/29] rt2x00: rt2x00pci_regbusy_read() - only print register access failure once Greg Kroah-Hartman
2013-04-11 16:29 ` [ 00/29] 3.4.40-stable review Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130410224806.244331282@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=Chaoxing.Lin@ultra-3eti.com \
--cc=herbert@gondor.hengli.com.au \
--cc=jussi.kivilinna@iki.fi \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).