[PATCH] crypto: algif_aead - Fix minimum RX size check for decryption

[Herbert Xu]

On Fri, Apr 03, 2026 at 09:32:26AM -0700, syzbot wrote:
> 
> Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN PTI
> KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
> CPU: 0 UID: 0 PID: 5987 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
> RIP: 0010:memcpy_sglist+0x420/0x730 crypto/scatterwalk.c:177
> Code: e8 b5 b9 52 fd f6 c3 01 0f 85 0a 01 00 00 e8 c7 b4 52 fd 4c 89 f3 eb 07 e8 bd b4 52 fd 31 db 4c 8d 7b 08 4c 89 f8 48 c1 e8 03 <0f> b6 04 28 84 c0 0f 85 1d 02 00 00 41 8b 07 89 44 24 04 49 8d 7d
> RSP: 0018:ffffc900035a7698 EFLAGS: 00010202
> RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffff888026dc1e80
> RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
> RBP: dffffc0000000000 R08: 0000000000000000 R09: 0000000000000000
> R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001
> R13: ffff88802543b200 R14: ffff888033865080 R15: 0000000000000008
> FS:  000055556d3e1500(0000) GS:ffff888125457000(0000) knlGS:0000000000000000
> CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 0000200000004580 CR3: 0000000035e06000 CR4: 00000000003526f0
> Call Trace:
>  <TASK>
>  _aead_recvmsg crypto/algif_aead.c:186 [inline]

Again this is an existing bug that has been uncovered:

---8<---
The check for the minimum receive buffer size did not take the
tag size into account during decryption.  Fix this by adding the
required extra length to the variable less.

Reported-by: syzbot+aa11561819dc42ebbc7c@xxxxxxxxxxxxxxxxxxxxxxxxx
Fixes: d887c52d6ae4 ("crypto: algif_aead - overhaul memory management")
Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c
index dda15bb05e89..b0811eb7d665 100644
--- a/crypto/algif_aead.c
+++ b/crypto/algif_aead.c
@@ -144,6 +144,8 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg,
 	if (usedpages < outlen) {
 		size_t less = outlen - usedpages;
 
+		if (!ctx->enc)
+			less += as;
 		if (used < less) {
 			err = -EINVAL;
 			goto free;
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt