crypto: gcm - Filter out async ghash if necessary

commit b30bdfa86431afbafe15284a3ad5ac19b49b88e3 upstream.

As it is if you ask for a sync gcm you may actually end up with
an async one because it does not filter out async implementations
of ghash.

This patch fixes this by adding the necessary filter when looking
for ghash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/crypto/gcm.c b/crypto/gcm.c
index f0bd00b15f26ac08f962ee84b13f168bdb5e832a..d2a0f7371cf0a2e18747620751b82e26274bd935 100644 (file)
--- a/crypto/gcm.c
+++ b/crypto/gcm.c
@@ -716,7 +716,9 @@ static struct crypto_instance *crypto_gcm_alloc_common(struct rtattr **tb,
 
        ghash_alg = crypto_find_alg(ghash_name, &crypto_ahash_type,
                                    CRYPTO_ALG_TYPE_HASH,
-                                   CRYPTO_ALG_TYPE_AHASH_MASK);
+                                   CRYPTO_ALG_TYPE_AHASH_MASK |
+                                   crypto_requires_sync(algt->type,
+                                                        algt->mask));
        if (IS_ERR(ghash_alg))
                return ERR_CAST(ghash_alg);