Commit 50fdb78b authored by Herbert Xu's avatar Herbert Xu
Browse files

crypto: seqiv - Do not use req->iv after crypto_aead_encrypt 



As soon as crypto_aead_encrypt is called, the underlying request
may be freed by an asynchronous completion.  Thus dereferencing
req->iv after it returns is invalid.

Instead of checking req->iv against info, create a new variable
unaligned_info and use it for that purpose instead.

Fixes: 0a270321 ("[CRYPTO] seqiv: Add Sequence Number IV Generator")
Reported-by: default avatarXiumei Mu <xmu@redhat.com>
Reported-by: default avatarXin Long <lucien.xin@gmail.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 8f0b4cce

crypto/seqiv.c

+5 −3
Original line number Diff line number Diff line
@@ -50,6 +50,7 @@ static int seqiv_aead_encrypt(struct aead_request *req) 
	struct aead_geniv_ctx *ctx = crypto_aead_ctx(geniv);

	struct aead_request *subreq = aead_request_ctx(req);

	crypto_completion_t compl;

	bool unaligned_info;

	void *data;

	u8 *info;

	unsigned int ivsize = 8;
@@ -68,8 +69,9 @@ static int seqiv_aead_encrypt(struct aead_request *req) 
		memcpy_sglist(req->dst, req->src,

			      req->assoclen + req->cryptlen);



	if (unlikely(!IS_ALIGNED((unsigned long)info,

				 crypto_aead_alignmask(geniv) + 1))) {

	unaligned_info = !IS_ALIGNED((unsigned long)info,

				     crypto_aead_alignmask(geniv) + 1);

	if (unlikely(unaligned_info)) {

		info = kmemdup(req->iv, ivsize, req->base.flags &

			       CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL :

			       GFP_ATOMIC);
@@ -89,7 +91,7 @@ static int seqiv_aead_encrypt(struct aead_request *req) 
	scatterwalk_map_and_copy(info, req->dst, req->assoclen, ivsize, 1);



	err = crypto_aead_encrypt(subreq);

	if (unlikely(info != req->iv))

	if (unlikely(unaligned_info))

		seqiv_aead_encrypt_complete2(req, err);

	return err;

}