HomeFreeBSD
Diffusion FreeBSD src repository 5f9a61203779

cryptodev: Allow some CIOCCRYPT operations with an empty payload.
5f9a61203779
Actions

Description

cryptodev: Allow some CIOCCRYPT operations with an empty payload.

If an operation would generate a MAC output (e.g. for digest operation
or for an AEAD or EtA operation), then an empty payload buffer is
valid. Only reject requests with an empty buffer for "plain" cipher
sessions.

Some of the AES-CCM NIST KAT vectors use an empty payload.

While here, don't advance crp_payload_start for requests that use an
empty payload with an inline IV. (*)

Reported by: syzbot+d4b94fbd9a44b032f428@syzkaller.appspotmail.com (*)
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32109

(cherry picked from commit a0cbcbb7917b0b8566ec0853425a73d7958ddbed)

Details

Provenance
jhbAuthored on Oct 6 2021, 9:08 PM
Reviewer
markj
Differential Revision
D32109: cryptodev: Allow some CIOCCRYPT operations with an empty payload.
Parents
rGac648e3affe3: cryptodev: Permit CIOCCRYPT for AEAD ciphers.
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
sys/
opencrypto/

rG5f9a61203779

View Options

sys/opencrypto/cryptodev.c

Loading...