On Fri, May 22, 2015 at 09:43:28AM +0200, Johannes Berg wrote: > > Oops, sorry, of course - I was running in a VM :) Thanks! Does this patch on top help? diff --git a/net/mac80211/aes_gmac.c b/net/mac80211/aes_gmac.c index 7eee32b..133be53 100644 --- a/net/mac80211/aes_gmac.c +++ b/net/mac80211/aes_gmac.c @@ -24,22 +24,24 @@ int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce, const u8 *data, size_t data_len, u8 *mic) { - struct scatterlist sg[3]; + struct scatterlist sg[4]; char aead_req_data[sizeof(struct aead_request) + crypto_aead_reqsize(tfm)] __aligned(__alignof__(struct aead_request)); struct aead_request *aead_req = (void *)aead_req_data; - u8 iv[AES_BLOCK_SIZE]; + u8 zero[GMAC_MIC_LEN], iv[AES_BLOCK_SIZE]; if (data_len < GMAC_MIC_LEN) return -EINVAL; memset(aead_req, 0, sizeof(aead_req_data)); - sg_init_table(sg, 3); + memset(zero, 0, GMAC_MIC_LEN); + sg_init_table(sg, 4); sg_set_buf(&sg[0], aad, AAD_LEN); sg_set_buf(&sg[1], data, data_len - GMAC_MIC_LEN); - sg_set_buf(&sg[2], mic, GMAC_MIC_LEN); + sg_set_buf(&sg[2], zero, GMAC_MIC_LEN); + sg_set_buf(&sg[3], mic, GMAC_MIC_LEN); memcpy(iv, nonce, GMAC_NONCE_LEN); memset(iv + GMAC_NONCE_LEN, 0, sizeof(iv) - GMAC_NONCE_LEN); -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html