crypto: gcm - Filter out async ghash if necessary

commit b30bdfa86431afbafe15284a3ad5ac19b49b88e3 upstream.

As it is if you ask for a sync gcm you may actually end up with
an async one because it does not filter out async implementations
of ghash.

This patch fixes this by adding the necessary filter when looking
for ghash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Willy Tarreau <w@1wt.eu>

diff --git a/crypto/gcm.c b/crypto/gcm.c
index cd97cdd8cabea643ee1676b554beba42cb2aa34b..451e420ce56cf255a5a6abe6ac184aac04d666f4 100644 (file)
--- a/crypto/gcm.c
+++ b/crypto/gcm.c
@@ -716,7 +716,9 @@ static struct crypto_instance *crypto_gcm_alloc_common(struct rtattr **tb,
 
        ghash_alg = crypto_find_alg(ghash_name, &crypto_ahash_type,
                                    CRYPTO_ALG_TYPE_HASH,
-                                   CRYPTO_ALG_TYPE_AHASH_MASK);
+                                   CRYPTO_ALG_TYPE_AHASH_MASK |
+                                   crypto_requires_sync(algt->type,
+                                                        algt->mask));
        if (IS_ERR(ghash_alg))
                return ERR_CAST(ghash_alg);