forked from luck/tmp_suning_uos_patched
crypto: aesni-intel - fix wrong kfree pointer
kfree(new_key_mem) in rfc4106_set_key() should be called on malloced pointer, not on aligned one, otherwise it can cause invalid pointer on free. (Seen at least once when running tcrypt tests with debug kernel.) Signed-off-by: Milan Broz <mbroz@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
parent
82c2f9607b
commit
bf084d8f6e
|
@ -529,7 +529,7 @@ static int rfc4106_set_key(struct crypto_aead *parent, const u8 *key,
|
|||
struct crypto_aead *cryptd_child = cryptd_aead_child(ctx->cryptd_tfm);
|
||||
struct aesni_rfc4106_gcm_ctx *child_ctx =
|
||||
aesni_rfc4106_gcm_ctx_get(cryptd_child);
|
||||
u8 *new_key_mem = NULL;
|
||||
u8 *new_key_align, *new_key_mem = NULL;
|
||||
|
||||
if (key_len < 4) {
|
||||
crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
|
||||
|
@ -553,9 +553,9 @@ static int rfc4106_set_key(struct crypto_aead *parent, const u8 *key,
|
|||
if (!new_key_mem)
|
||||
return -ENOMEM;
|
||||
|
||||
new_key_mem = PTR_ALIGN(new_key_mem, AESNI_ALIGN);
|
||||
memcpy(new_key_mem, key, key_len);
|
||||
key = new_key_mem;
|
||||
new_key_align = PTR_ALIGN(new_key_mem, AESNI_ALIGN);
|
||||
memcpy(new_key_align, key, key_len);
|
||||
key = new_key_align;
|
||||
}
|
||||
|
||||
if (!irq_fpu_usable())
|
||||
|
|
Loading…
Reference in New Issue
Block a user