crypto: ccm - Fix handling of zero plaintext when computing mac
commit
5638cabf3e4883f38dfb246c30980cebf694fbda upstream.
There are cases when cryptlen can be zero in crypto_ccm_auth():
-encryptiom: input scatterlist length is zero (no plaintext)
-decryption: input scatterlist contains only the mac
plus the condition of having different source and destination buffers
(or else scatterlist length = max(plaintext_len, ciphertext_len)).
These are not handled correctly, leading to crashes like:
root@p4080ds:~/crypto# insmod tcrypt.ko mode=45
------------[ cut here ]------------
kernel BUG at crypto/scatterwalk.c:37!
Oops: Exception in kernel mode, sig: 5 [#1]
SMP NR_CPUS=8 P4080 DS
Modules linked in: tcrypt(+) crc32c xts xcbc vmac pcbc ecb gcm ghash_generic gf128mul ccm ctr seqiv
CPU: 3 PID: 1082 Comm: cryptomgr_test Not tainted 3.11.0 #14
task:
ee12c5b0 ti:
eecd0000 task.ti:
eecd0000
NIP:
c0204d98 LR:
f9225848 CTR:
c0204d80
REGS:
eecd1b70 TRAP: 0700 Not tainted (3.11.0)
MSR:
00029002 <CE,EE,ME> CR:
22044022 XER:
20000000
GPR00:
f9225c94 eecd1c20 ee12c5b0 eecd1c28 ee879400 ee879400 00000000 ee607464
GPR08:
00000001 00000001 00000000 006b0000 c0204d80 00000000 00000002 c0698e20
GPR16:
ee987000 ee895000 fffffff4 ee879500 00000100 eecd1d58 00000001 00000000
GPR24:
ee879400 00000020 00000000 00000000 ee5b2800 ee607430 00000004 ee607460
NIP [
c0204d98] scatterwalk_start+0x18/0x30
LR [
f9225848] get_data_to_compute+0x28/0x2f0 [ccm]
Call Trace:
[
eecd1c20] [
f9225974] get_data_to_compute+0x154/0x2f0 [ccm] (unreliable)
[
eecd1c70] [
f9225c94] crypto_ccm_auth+0x184/0x1d0 [ccm]
[
eecd1cb0] [
f9225d40] crypto_ccm_encrypt+0x60/0x2d0 [ccm]
[
eecd1cf0] [
c020d77c] __test_aead+0x3ec/0xe20
[
eecd1e20] [
c020f35c] test_aead+0x6c/0xe0
[
eecd1e40] [
c020f420] alg_test_aead+0x50/0xd0
[
eecd1e60] [
c020e5e4] alg_test+0x114/0x2e0
[
eecd1ee0] [
c020bd1c] cryptomgr_test+0x4c/0x60
[
eecd1ef0] [
c0047058] kthread+0xa8/0xb0
[
eecd1f40] [
c000eb0c] ret_from_kernel_thread+0x5c/0x64
Instruction dump:
0f080000 81290024 552807fe 0f080000 5529003a 4bffffb4 90830000 39400000
39000001 8124000c 2f890000 7d28579e <
0f090000>
81240008 91230004 4e800020
---[ end trace
6d652dfcd1be37bd ]---
Cc: Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>