aesni(4): Fix {de,en}crypt operations that allocated a buffer

aesni(4) allocates a contiguous buffer for the data it processes if the provided input was not already virtually contiguous, and copies the input there. It performs encryption or decryption in-place. r324037 removed the logic that then copied the processed data back to the user-provided input buffer, breaking {de,enc}crypt for mbuf chains or iovecs with more than a single descriptor. PR: 228094 (probably, not confirmed) Submitted by: Sean Fagan <kithrup AT me.com> Reported by: Emeric POUPON <emeric.poupon AT stormshield.eu> X-MFC-With: 324037 Security: could result in plaintext being output by "encrypt" operation
svn path=/head/; revision=335584
2018-06-23 18:20:17 +00:00 · 2018-06-23 18:20:17 +00:00 · e50f10b5a4 · 2020-12-20 02:59:44 +00:00
commit e50f10b5a4
parent 7d0ffa388e
1 changed files with 4 additions and 0 deletions
--- a/sys/crypto/aesni/aesni.c
+++ b/sys/crypto/aesni/aesni.c
@ -890,6 +890,10 @@ aesni_cipher_crypt(struct aesni_session *ses, struct cryptodesc *enccrd,
 		break;
 	}

+	if (allocated)
+		crypto_copyback(crp->crp_flags, crp->crp_buf, enccrd->crd_skip,
+		    enccrd->crd_len, buf);
+
 out:
 	if (allocated) {
 		explicit_bzero(buf, enccrd->crd_len);