crypto: algif_skcipher - Handle unaligned receive buffer
Herbert Xu [Tue, 30 Nov 2010 09:04:31 +0000 (17:04 +0800)]
As it is if user-space passes through a receive buffer that's not
aligned to to the cipher block size, we'll end up encrypting or
decrypting a partial block which causes a spurious EINVAL to be
returned.

This patch fixes this by moving the partial block test after the
af_alg_make_sg call.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

crypto/algif_skcipher.c

index 1f33480..6a6dfc0 100644 (file)
@@ -454,17 +454,17 @@ static int skcipher_recvmsg(struct kiocb *unused, struct socket *sock,
 
                        used = min_t(unsigned long, used, seglen);
 
+                       used = af_alg_make_sg(&ctx->rsgl, from, used, 1);
+                       err = used;
+                       if (err < 0)
+                               goto unlock;
+
                        if (ctx->more || used < ctx->used)
                                used -= used % bs;
 
                        err = -EINVAL;
                        if (!used)
-                               goto unlock;
-
-                       used = af_alg_make_sg(&ctx->rsgl, from, used, 1);
-                       err = used;
-                       if (err < 0)
-                               goto unlock;
+                               goto free;
 
                        ablkcipher_request_set_crypt(&ctx->req, sg,
                                                     ctx->rsgl.sg, used,
@@ -476,6 +476,7 @@ static int skcipher_recvmsg(struct kiocb *unused, struct socket *sock,
                                        crypto_ablkcipher_decrypt(&ctx->req),
                                &ctx->completion);
 
+free:
                        af_alg_free_sg(&ctx->rsgl);
 
                        if (err)