git.proxmox.com Git - mirror_ubuntu-focal-kernel.git/commit

author	Milan Broz <gmazyland@gmail.com>
	Mon, 6 Jan 2020 09:11:47 +0000 (10:11 +0100)
committer	Paolo Pisati <paolo.pisati@canonical.com>
	Mon, 17 Feb 2020 09:57:51 +0000 (10:57 +0100)
commit	edbbecfe5e9f3b3da6ccf9810cfae297dc66c7a6
tree	24eaf8f1a9928492c4ea3bfa2c266b5ab9811b3c	tree
parent	72302f66bb03813672567610832478a90946aa36	commit \| diff

dm crypt: fix benbi IV constructor crash if used in authenticated mode

BugLink: https://bugs.launchpad.net/bugs/1863588
commit 4ea9471fbd1addb25a4d269991dc724e200ca5b5 upstream.

If benbi IV is used in AEAD construction, for example:
  cryptsetup luksFormat <device> --cipher twofish-xts-benbi --key-size 512 --integrity=hmac-sha256
the constructor uses wrong skcipher function and crashes:

BUG: kernel NULL pointer dereference, address: 00000014
...
EIP: crypt_iv_benbi_ctr+0x15/0x70 [dm_crypt]
Call Trace:
  ? crypt_subkey_size+0x20/0x20 [dm_crypt]
  crypt_ctr+0x567/0xfc0 [dm_crypt]
  dm_table_add_target+0x15f/0x340 [dm_mod]

Fix this by properly using crypt_aead_blocksize() in this case.

Fixes: ef43aa38063a6 ("dm crypt: add cryptographic data integrity protection (authenticated encryption)")
Cc: stable@vger.kernel.org # v4.12+
Link: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941051
Reported-by: Jerad Simpson <jbsimpson@gmail.com>
Signed-off-by: Milan Broz <gmazyland@gmail.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>