[5.10,09/41] mac80211: Check crypto_aead_encrypt for errors

Message ID	20210409095305.120511822@linuxfoundation.org
State	New
Headers	show Return-Path: <stable-owner@kernel.org> From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>, stable@vger.kernel.org, Daniel Phan <daniel.phan36@gmail.com>, Johannes Berg <johannes.berg@intel.com>, Sasha Levin <sashal@kernel.org> Subject: [PATCH 5.10 09/41] mac80211: Check crypto_aead_encrypt for errors Date: Fri, 9 Apr 2021 11:53:31 +0200 Message-Id: <20210409095305.120511822@linuxfoundation.org> In-Reply-To: <20210409095304.818847860@linuxfoundation.org> References: <20210409095304.818847860@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	None \| expand [5.10,02/41] bus: ti-sysc: Fix warning on unbind if reset is not deasserted [5.10,03/41] platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 [5.10,05/41] net/mlx5e: Enforce minimum value check for ICOSQ size [5.10,07/41] kunit: tool: Fix a python tuple typing error [5.10,09/41] mac80211: Check crypto_aead_encrypt for errors [5.10,10/41] mac80211: choose first enabled channel for monitor [5.10,11/41] drm/msm/dsi_pll_7nm: Fix variable usage for pll_lockdet_rate [5.10,12/41] drm/msm/adreno: a5xx_power: Dont apply A540 lm_setup to other GPUs [5.10,14/41] netfilter: conntrack: Fix gre tunneling over ipv6 [5.10,16/41] net: ipa: fix init header command validation [5.10,18/41] kselftest/arm64: sve: Do not use non-canonical FFR register value [5.10,20/41] x86/build: Turn off -fcf-protection for realmode targets [5.10,22/41] platform/x86: intel_pmc_core: Ignore GBE LTR on Tiger Lake platforms [5.10,24/41] scsi: target: pscsi: Clean up after failure in pscsi_map_sg() [5.10,26/41] ia64: mca: allocate early mca with GFP_ATOMIC [5.10,29/41] cifs: Silently ignore unknown oplock break handle [5.10,30/41] io_uring: fix timeout cancel return code [5.10,31/41] math: Export mul_u64_u64_div_u64 [5.10,33/41] tools/resolve_btfids: Check objects before removing [5.10,37/41] tools/resolve_btfids: Add /libbpf to .gitignore [5.10,39/41] bpf, x86: Validate computation of branch displacements for x86-32

Message ID

20210409095305.120511822@linuxfoundation.org

State

New

Headers

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Daniel Phan <daniel.phan36@gmail.com>,
	Johannes Berg <johannes.berg@intel.com>, Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.10 09/41] mac80211: Check crypto_aead_encrypt for errors
Date: Fri,  9 Apr 2021 11:53:31 +0200
Message-Id: <20210409095305.120511822@linuxfoundation.org>
In-Reply-To: <20210409095304.818847860@linuxfoundation.org>
References: <20210409095304.818847860@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

None | expand

Commit Message

Greg Kroah-Hartman April 9, 2021, 9:53 a.m. UTC

From: Daniel Phan <daniel.phan36@gmail.com>

[ Upstream commit 58d25626f6f0ea5bcec3c13387b9f835d188723d ]

crypto_aead_encrypt returns <0 on error, so if these calls are not checked,
execution may continue with failed encrypts.  It also seems that these two
crypto_aead_encrypt calls are the only instances in the codebase that are
not checked for errors.

Signed-off-by: Daniel Phan <daniel.phan36@gmail.com>
Link: https://lore.kernel.org/r/20210309204137.823268-1-daniel.phan36@gmail.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 net/mac80211/aead_api.c | 5 +++--
 net/mac80211/aes_gmac.c | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/net/mac80211/aead_api.c b/net/mac80211/aead_api.c
index d7b3d905d535..b00d6f5b33f4 100644
--- a/net/mac80211/aead_api.c
+++ b/net/mac80211/aead_api.c
@@ -23,6 +23,7 @@  int aead_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
 	struct aead_request *aead_req;
 	int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm);
 	u8 *__aad;
+	int ret;
 
 	aead_req = kzalloc(reqsize + aad_len, GFP_ATOMIC);
 	if (!aead_req)
@@ -40,10 +41,10 @@  int aead_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
 	aead_request_set_crypt(aead_req, sg, sg, data_len, b_0);
 	aead_request_set_ad(aead_req, sg[0].length);
 
-	crypto_aead_encrypt(aead_req);
+	ret = crypto_aead_encrypt(aead_req);
 	kfree_sensitive(aead_req);
 
-	return 0;
+	return ret;
 }
 
 int aead_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
diff --git a/net/mac80211/aes_gmac.c b/net/mac80211/aes_gmac.c
index 6f3b3a0cc10a..512cab073f2e 100644
--- a/net/mac80211/aes_gmac.c
+++ b/net/mac80211/aes_gmac.c
@@ -22,6 +22,7 @@  int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce,
 	struct aead_request *aead_req;
 	int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm);
 	const __le16 *fc;
+	int ret;
 
 	if (data_len < GMAC_MIC_LEN)
 		return -EINVAL;
@@ -59,10 +60,10 @@  int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce,
 	aead_request_set_crypt(aead_req, sg, sg, 0, iv);
 	aead_request_set_ad(aead_req, GMAC_AAD_LEN + data_len);
 
-	crypto_aead_encrypt(aead_req);
+	ret = crypto_aead_encrypt(aead_req);
 	kfree_sensitive(aead_req);
 
-	return 0;
+	return ret;
 }
 
 struct crypto_aead *ieee80211_aes_gmac_key_setup(const u8 key[],

[5.10,09/41] mac80211: Check crypto_aead_encrypt for errors

Commit Message

Patch