]> git.ipfire.org Git - thirdparty/kernel/stable.git/commitdiff
projects / thirdparty / kernel / stable.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8a9a854)
crypto: seqiv - Handle EBUSY correctly
authorHerbert Xu <herbert@gondor.apana.org.au>
Fri, 13 Jan 2023 10:27:51 +0000 (18:27 +0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 11 Mar 2023 15:26:37 +0000 (16:26 +0100)
[ Upstream commit 32e62025e5e52fbe4812ef044759de7010b15dbc ]

As it is seqiv only handles the special return value of EINPROGERSS,
which means that in all other cases it will free data related to the
request.

However, as the caller of seqiv may specify MAY_BACKLOG, we also need
to expect EBUSY and treat it in the same way.  Otherwise backlogged
requests will trigger a use-after-free.

Fixes: 0a270321dbf9 ("[CRYPTO] seqiv: Add Sequence Number IV Generator")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
crypto/seqiv.c patch | blob | blame | history

diff --git a/crypto/seqiv.c b/crypto/seqiv.c
index 570b7d1aa0cac1a61662827c5647ac4358129c00..ce9214097bc983a205739a6f86fe7a3c6c7d6402 100644 (file)
--- a/crypto/seqiv.c
+++ b/crypto/seqiv.c
@@ -30,7 +30,7 @@ static void seqiv_aead_encrypt_complete2(struct aead_request *req, int err)
        struct aead_request *subreq = aead_request_ctx(req);
        struct crypto_aead *geniv;
 
-       if (err == -EINPROGRESS)
+       if (err == -EINPROGRESS || err == -EBUSY)
                return;
 
        if (err)
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git