git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit

author	Stephan Mueller <smueller@chronox.de>
	Thu, 18 Jan 2018 19:41:09 +0000 (20:41 +0100)
committer	Seth Forshee <seth.forshee@canonical.com>
	Sat, 3 Feb 2018 17:40:37 +0000 (18:40 +0100)
commit	c395d395704c7b76a4088e94d930dbff35ac34e0
tree	2946b0217f83d2284f8cee3e62fd2af16ab2c1a3	tree
parent	7b18e85c3a8a9006f916a47d975e1b4f49d78ef4	commit \| diff

crypto: aesni - handle zero length dst buffer

BugLink: http://bugs.launchpad.net/bugs/1747169
commit 9c674e1e2f9e24fa4392167efe343749008338e0 upstream.

GCM can be invoked with a zero destination buffer. This is possible if
the AAD and the ciphertext have zero lengths and only the tag exists in
the source buffer (i.e. a source buffer cannot be zero). In this case,
the GCM cipher only performs the authentication and no decryption
operation.

When the destination buffer has zero length, it is possible that no page
is mapped to the SG pointing to the destination. In this case,
sg_page(req->dst) is an invalid access. Therefore, page accesses should
only be allowed if the req->dst->length is non-zero which is the
indicator that a page must exist.

This fixes a crash that can be triggered by user space via AF_ALG.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>