crypto: algif_aead - Fix bogus request dereference in completion function
authorHerbert Xu <herbert@gondor.apana.org.au>
Mon, 10 Apr 2017 09:59:07 +0000 (17:59 +0800)
committerHerbert Xu <herbert@gondor.apana.org.au>
Mon, 10 Apr 2017 11:09:19 +0000 (19:09 +0800)
commite6534aebb26e32fbab14df9c713c65e8507d17e4
tree952b4316749252a82a6a148a5d857bbddb8ad45d
parentef0579b64e93188710d48667cb5e014926af9f1b
crypto: algif_aead - Fix bogus request dereference in completion function

The algif_aead completion function tries to deduce the aead_request
from the crypto_async_request argument.  This is broken because
the API does not guarantee that the same request will be pased to
the completion function.  Only the value of req->data can be used
in the completion function.

This patch fixes it by storing a pointer to sk in areq and using
that instead of passing in sk through req->data.

Fixes: 83094e5e9e49 ("crypto: af_alg - add async support to...")
Cc: <stable@vger.kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto/algif_aead.c