Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 608f37d0 authored by Dan Carpenter's avatar Dan Carpenter Committed by Herbert Xu
Browse files

crypto: talitos - fix size calculation in talitos_edesc_alloc() 



The + operation has higher precedence than ?: so we need parentheses
here.  Otherwise we may end up allocating a max of only one "cryptlen"
instead of two.

Fixes: 6f65f6ac ('crypto: talitos - implement scatter/gather copy for SEC1')
Signed-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
Acked-by: default avatarChristophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 5d1d65f8

drivers/crypto/talitos.c

+2 −2
Original line number Diff line number Diff line
@@ -1335,8 +1335,8 @@ static struct talitos_edesc *talitos_edesc_alloc(struct device *dev, 
	alloc_len = sizeof(struct talitos_edesc);

	if (assoc_nents || src_nents || dst_nents) {

		if (is_sec1)

			dma_len = src_nents ? cryptlen : 0 +

				  dst_nents ? cryptlen : 0;

			dma_len = (src_nents ? cryptlen : 0) +

				  (dst_nents ? cryptlen : 0);

		else

			dma_len = (src_nents + dst_nents + 2 + assoc_nents) *

				  sizeof(struct talitos_ptr) + authsize;