diff options
| author | Junaid Shahid <junaids@google.com> | 2017-12-20 17:08:38 -0800 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2017-12-28 17:56:51 +1100 |
| commit | 1ecdd37e308ca149dc378cce225068cbac54e3a6 (patch) | |
| tree | aa6a2ab409ff3add306f6144ca5e7a415b3ed56f /kernel/padata.c | |
| parent | b20209c91e23a9bbad9cac2f80bc16b3c259e10e (diff) | |
| download | lwn-1ecdd37e308ca149dc378cce225068cbac54e3a6.tar.gz lwn-1ecdd37e308ca149dc378cce225068cbac54e3a6.zip | |
crypto: aesni - Fix out-of-bounds access of the AAD buffer in generic-gcm-aesni
The aesni_gcm_enc/dec functions can access memory after the end of
the AAD buffer if the AAD length is not a multiple of 4 bytes.
It didn't matter with rfc4106-gcm-aesni as in that case the AAD was
always followed by the 8 byte IV, but that is no longer the case with
generic-gcm-aesni. This can potentially result in accessing a page that
is not mapped and thus causing the machine to crash. This patch fixes
that by reading the last <16 byte block of the AAD byte-by-byte and
optionally via an 8-byte load if the block was at least 8 bytes.
Fixes: 0487ccac ("crypto: aesni - make non-AVX AES-GCM work with any aadlen")
Cc: <stable@vger.kernel.org>
Signed-off-by: Junaid Shahid <junaids@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'kernel/padata.c')
0 files changed, 0 insertions, 0 deletions