On Tue, Apr 14, 2009 at 03:23:51PM +0200, Steffen Klassert wrote: > If crypto_ablkcipher_encrypt() returns synchronous, > eseqiv_complete2() is called even if req->giv is already the > pointer to the generated IV. The generated IV is overwritten > with some random data in this case. This patch fixes this by > calling eseqiv_complete2() just in the case where an asynchronous > algorithm would call eseqiv_complete() as the complete function. > > Signed-off-by: Steffen Klassert <steffen.klassert@xxxxxxxxxxx> Well caught! Clearly no one has ever tried this before :) > diff --git a/crypto/eseqiv.c b/crypto/eseqiv.c > index 2a342c8..2fa53b0 100644 > --- a/crypto/eseqiv.c > +++ b/crypto/eseqiv.c > @@ -153,7 +153,8 @@ static int eseqiv_givencrypt(struct skcipher_givcrypt_request *req) > if (err) > goto out; > > - eseqiv_complete2(req); > + if (complete == eseqiv_complete) > + eseqiv_complete2(req); Being paranoid it may just be possible for our caller (or one if its ancestors) to be eseqiv, in which case this test will give a false positive. So how about doing what seqiv does and check if (giv != req->giv) Thanks, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
