On Mon, Dec 18, 2023 at 06:43:27AM -0800, syzbot wrote: > > syzbot found the following issue on: > > HEAD commit: 17cb8a20bde6 Add linux-next specific files for 20231215 > git tree: linux-next > console+strace: https://syzkaller.appspot.com/x/log.txt?x=1129f3b6e80000 > kernel config: https://syzkaller.appspot.com/x/.config?x=ec104439b5dbc583 > dashboard link: https://syzkaller.appspot.com/bug?extid=8ffb0839a24e9c6bfa76 > compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17d23c01e80000 > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14cfe021e80000 ---8<--- When ecb is used to wrap an lskcipher, the statesize isn't set correctly. Fix this by making the simple instance creator set the statesize. Reported-by: syzbot+8ffb0839a24e9c6bfa76@xxxxxxxxxxxxxxxxxxxxxxxxx Reported-by: Edward Adam Davis <eadavis@xxxxxx> Fixes: 662ea18d089b ("crypto: skcipher - Make use of internal state") Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> diff --git a/crypto/lskcipher.c b/crypto/lskcipher.c index a06008e112f3..0b6dd8aa21f2 100644 --- a/crypto/lskcipher.c +++ b/crypto/lskcipher.c @@ -642,6 +642,7 @@ struct lskcipher_instance *lskcipher_alloc_instance_simple( inst->alg.co.min_keysize = cipher_alg->co.min_keysize; inst->alg.co.max_keysize = cipher_alg->co.max_keysize; inst->alg.co.ivsize = cipher_alg->co.base.cra_blocksize; + inst->alg.co.statesize = cipher_alg->co.statesize; /* Use struct crypto_lskcipher * by default, can be overridden */ inst->alg.co.base.cra_ctxsize = sizeof(struct crypto_lskcipher *); -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
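Review bot: The added `inst->alg.co.statesize = cipher_alg->co.statesize;` line in lskcipher_alloc_instance_simple() carries no comment on whether callers may change it, unlike the cra_ctxsize assignment just below it ("can be overridden"). The commit message describes the ecb case, but the assignment sits in the generic simple instance creator, so every template built through this helper now inherits the inner algorithm's statesize unchanged. A one-line comment stating that a template keeping additional state of its own would need to adjust the value after the call would make that contract explicit. The commit message could also say what goes wrong when statesize is left unset, since the syzbot report it answers is only linked here and not described.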