Skip to content

Commit

Permalink
mac80211: Allocate a sync skcipher explicitly for FILS AEAD
Browse files Browse the repository at this point in the history 
The skcipher could have been of the async variant which may return from
skcipher_encrypt() with -EINPROGRESS after having queued the request.
The FILS AEAD implementation here does not have code for dealing with
that possibility, so allocate a sync cipher explicitly to avoid
potential issues with hardware accelerators.

This is based on the patch sent out by Ard.

Fixes: 39404fe ("mac80211: FILS AEAD protection for station mode association frames")
Reported-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  • Loading branch information
Jouni Malinen authored and Johannes Berg committed Feb 6, 2017
1 parent e479ab6 commit 01fba20
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions net/mac80211/fils_aead.c
View file
Original file line number Diff line number Diff line change
@@ -124,7 +124,7 @@ static int aes_siv_encrypt(const u8 *key, size_t key_len,

/* CTR */

tfm2 = crypto_alloc_skcipher("ctr(aes)", 0, 0);
tfm2 = crypto_alloc_skcipher("ctr(aes)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(tfm2)) {
kfree(tmp);
return PTR_ERR(tfm2);
@@ -183,7 +183,7 @@ static int aes_siv_decrypt(const u8 *key, size_t key_len,

/* CTR */

tfm2 = crypto_alloc_skcipher("ctr(aes)", 0, 0);
tfm2 = crypto_alloc_skcipher("ctr(aes)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(tfm2))
return PTR_ERR(tfm2);
/* K2 for CTR */

0 comments on commit 01fba20

Please sign in to comment.