projects / wrapfs-3.14.y.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a44ed69)
crypto: ccree - dec auth tag size from cryptlen map
authorGilad Ben-Yossef <gilad@benyossef.com>
Sun, 2 Feb 2020 16:19:14 +0000 (18:19 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 17 Apr 2020 08:48:54 +0000 (10:48 +0200)
[ Upstream commit 8962c6d2c2b8ca51b0f188109015b15fc5f4da44 ]

Remove the auth tag size from cryptlen before mapping the destination
in out-of-place AEAD decryption thus resolving a crash with
extended testmgr tests.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Reported-by: Geert Uytterhoeven <geert+renesas@glider.be>
Cc: stable@vger.kernel.org # v4.19+
Tested-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
drivers/crypto/ccree/cc_buffer_mgr.c patch | blob | history

diff --git a/drivers/crypto/ccree/cc_buffer_mgr.c b/drivers/crypto/ccree/cc_buffer_mgr.c
index 6681d113c0d676d5628ce2cc92c8abc18a253b90..77e31191e408ae4203889bf97766145195e8197c 100644 (file)
--- a/drivers/crypto/ccree/cc_buffer_mgr.c
+++ b/drivers/crypto/ccree/cc_buffer_mgr.c
@@ -1021,8 +1021,12 @@ static int cc_aead_chain_data(struct cc_drvdata *drvdata,
 
        if (req->src != req->dst) {
                size_for_map = areq_ctx->assoclen + req->cryptlen;
-               size_for_map += (direct == DRV_CRYPTO_DIRECTION_ENCRYPT) ?
-                               authsize : 0;
+
+               if (direct == DRV_CRYPTO_DIRECTION_ENCRYPT)
+                       size_for_map += authsize;
+               else
+                       size_for_map -= authsize;
+
                if (is_gcm4543)
                        size_for_map += crypto_aead_ivsize(tfm);
 
wrapfs-3.14.y