Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 1 Oct 2018 09:42:22 -0600
From:      Alan Somers <asomers@freebsd.org>
To:        "Conrad E. Meyer" <cem@freebsd.org>
Cc:        src-committers <src-committers@freebsd.org>, svn-src-all <svn-src-all@freebsd.org>,  svn-src-head <svn-src-head@freebsd.org>
Subject:   Re: svn commit: r335584 - head/sys/crypto/aesni
Message-ID:  <CAOtMX2gdTJk8aBmY4b0U75X6eQsE6THTji7x3_r62DFYyspsuA@mail.gmail.com>
In-Reply-To: <201806231820.w5NIKHaS051052@repo.freebsd.org>
References:  <201806231820.w5NIKHaS051052@repo.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jun 23, 2018 at 12:20 PM Conrad Meyer <cem@freebsd.org> wrote:

> Author: cem
> Date: Sat Jun 23 18:20:17 2018
> New Revision: 335584
> URL: https://svnweb.freebsd.org/changeset/base/335584
>
> Log:
>   aesni(4): Fix {de,en}crypt operations that allocated a buffer
>
>   aesni(4) allocates a contiguous buffer for the data it processes if the
>   provided input was not already virtually contiguous, and copies the input
>   there.  It performs encryption or decryption in-place.
>
>   r324037 removed the logic that then copied the processed data back to the
>   user-provided input buffer, breaking {de,enc}crypt for mbuf chains or
>   iovecs with more than a single descriptor.
>
>   PR:           228094 (probably, not confirmed)
>   Submitted by: Sean Fagan <kithrup AT me.com>
>   Reported by:  Emeric POUPON <emeric.poupon AT stormshield.eu>
>   X-MFC-With:   324037
>   Security:     could result in plaintext being output by "encrypt"
>                 operation
>
> Modified:
>   head/sys/crypto/aesni/aesni.c
>

Can we MFC this now?



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOtMX2gdTJk8aBmY4b0U75X6eQsE6THTji7x3_r62DFYyspsuA>