crypto: algif_aead - fix AIO handling of zero buffer Handle the case when the caller provided a zero buffer to sendmsg/sendpage. Such scenario is legal for AEAD ciphers when no plaintext / ciphertext and no AAD is provided and the caller only requests the generation of the tag value. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

commit: 5937d81a9613a98381c1571a159ac971ae02182c [log] [tgz]
author: Stephan Mueller <smueller@chronox.de> Thu Dec 01 08:22:37 2016 +0100
committer: Herbert Xu <herbert@gondor.apana.org.au> Thu Dec 01 21:06:44 2016 +0800
tree: 037fb547505846438c65f8afb8517f29654bba50
parent: efad2b61ae258df4fb3896f5e7cd9c701f4979e6 [diff] [blame]
diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c
index 80a0f1a..6e95137 100644
--- a/crypto/algif_aead.c
+++ b/crypto/algif_aead.c

@@ -448,12 +448,13 @@ static int aead_recvmsg_async(struct socket *sock, struct msghdr *msg,
 	used -= ctx->aead_assoclen + (ctx->enc ? as : 0);
 
 	/* take over all tx sgls from ctx */
-	areq->tsgl = sock_kmalloc(sk, sizeof(*areq->tsgl) * sgl->cur,
+	areq->tsgl = sock_kmalloc(sk,
+				  sizeof(*areq->tsgl) * max_t(u32, sgl->cur, 1),
 				  GFP_KERNEL);
 	if (unlikely(!areq->tsgl))
 		goto free;
 
-	sg_init_table(areq->tsgl, sgl->cur);
+	sg_init_table(areq->tsgl, max_t(u32, sgl->cur, 1));
 	for (i = 0; i < sgl->cur; i++)
 		sg_set_page(&areq->tsgl[i], sg_page(&sgl->sg[i]),
 			    sgl->sg[i].length, sgl->sg[i].offset);
commit	5937d81a9613a98381c1571a159ac971ae02182c	[log] [tgz]
author	Stephan Mueller <smueller@chronox.de>	Thu Dec 01 08:22:37 2016 +0100
committer	Herbert Xu <herbert@gondor.apana.org.au>	Thu Dec 01 21:06:44 2016 +0800
tree	037fb547505846438c65f8afb8517f29654bba50
parent	efad2b61ae258df4fb3896f5e7cd9c701f4979e6 [diff] [blame]