git.kernelconcepts.de Git - karo-tx-linux.git/commit

author	Herbert Xu <herbert@gondor.apana.org.au>
	Fri, 22 Aug 2008 23:36:17 +0000 (09:36 +1000)
committer	Greg Kroah-Hartman <gregkh@suse.de>
	Mon, 8 Sep 2008 11:44:29 +0000 (04:44 -0700)
commit	78ecd7a96dbacf8a2a2b1fbf336507886d025a3d
tree	0bad7324ebab4e459b8197e8f2e29879af85a08c	tree \| snapshot
parent	c5b15cb1787f1dfb3741396779986d5653400eba	commit \| diff

crypto: authenc - Avoid using clobbered request pointer

crypto: authenc - Avoid using clobbered request pointer

[ Upstream commit: a697690bece75d4ba424c1318eb25c37d41d5829 ]

Authenc works in two stages for encryption, it first encrypts and
then computes an ICV.  The context memory of the request is used
by both operations.  The problem is that when an asynchronous
encryption completes, we will compute the ICV and then reread the
context memory of the encryption to get the original request.

It just happens that we have a buffer of 16 bytes in front of the
request pointer, so ICVs of 16 bytes (such as SHA1) do not trigger
the bug.  However, any attempt to uses a larger ICV instantly kills
the machine when the first asynchronous encryption is completed.

This patch fixes this by saving the request pointer before we start
the ICV computation.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>