From d04c12765cfa2bf0f33f7489d48843648073ce06 Mon Sep 17 00:00:00 2001
From: Mark Johnston <markj@FreeBSD.org>
Date: Fri, 24 Sep 2021 15:04:45 -0400
Subject: [PATCH] opencrypto: Disallow requests which pass VERIFY_DIGEST
 without a MAC

Otherwise we can end up comparing the computed digest with an
uninitialized kernel buffer.

In cryptoaead_op() we already unconditionally fail the request if a
pointer to a digest buffer is not specified.

Based on a patch by Simran Kathpalia.

Reported by:	syzkaller
Reviewed by:	jhb
Pull Request:	https://github.com/freebsd/freebsd-src/pull/529

(cherry picked from commit 7c2f227a17ded0934c5941c7911797edb7d770a2)
---
 sys/opencrypto/cryptodev.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c
index 45146284642..61f8f332e1c 100644
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@@ -943,7 +943,7 @@ cryptodev_op(struct csession *cse, const struct crypt_op *cop)
 		dst += cse->ivsize;
 	}
 
-	if (cop->mac != NULL && crp->crp_op & CRYPTO_OP_VERIFY_DIGEST) {
+	if (crp->crp_op & CRYPTO_OP_VERIFY_DIGEST) {
 		error = copyin(cop->mac, cod->buf + crp->crp_digest_start,
 		    cse->hashsize);
 		if (error) {