When a caller passes in a uio or mbuf chain that is longer than crd_len, in
tandem with a transform that supports the multi-block interface,
swcr_encdec() would process the entire mbuf or uio instead of just the
portion indicated by crd_len (+ crd_skip).
De/encryption are performed in-place, so this would trash subsequent uio or
mbuf contents.
This was introduced in r331639 (mea culpa). It only affects the
{de,en}crypt_multi() family of interfaces. That interface only has one
consumer transform in-tree (for now): Chacha20.
PR: 227605
Submitted by: Valentin Vergez <valentin.vergez AT stormshield.eu>
179b21e8b1