Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2231257,
    "url": "http://patchwork.ozlabs.org/api/patches/2231257/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/46ebb67fc01871fad3c4838a3edbbcdebdf5b565.1777550836.git.massimiliano.pellizzer@canonical.com/",
    "project": {
        "id": 15,
        "url": "http://patchwork.ozlabs.org/api/projects/15/?format=api",
        "name": "Ubuntu Kernel",
        "link_name": "ubuntu-kernel",
        "list_id": "kernel-team.lists.ubuntu.com",
        "list_email": "kernel-team@lists.ubuntu.com",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null,
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<46ebb67fc01871fad3c4838a3edbbcdebdf5b565.1777550836.git.massimiliano.pellizzer@canonical.com>",
    "list_archive_url": null,
    "date": "2026-04-30T12:30:22",
    "name": "[SRU,N,3/8] crypto: algif_aead - Revert to operating out-of-place",
    "commit_ref": null,
    "pull_url": null,
    "state": "new",
    "archived": false,
    "hash": "48ae849e61eb5f6fdccd36c6ff03f1f4a40d1ff5",
    "submitter": {
        "id": 89057,
        "url": "http://patchwork.ozlabs.org/api/people/89057/?format=api",
        "name": "Massimiliano Pellizzer",
        "email": "massimiliano.pellizzer@canonical.com"
    },
    "delegate": null,
    "mbox": "http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/46ebb67fc01871fad3c4838a3edbbcdebdf5b565.1777550836.git.massimiliano.pellizzer@canonical.com/mbox/",
    "series": [
        {
            "id": 502299,
            "url": "http://patchwork.ozlabs.org/api/series/502299/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/ubuntu-kernel/list/?series=502299",
            "date": "2026-04-30T12:30:20",
            "name": "CVE-2026-31431",
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/502299/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/2231257/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/2231257/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<kernel-team-bounces@lists.ubuntu.com>",
        "X-Original-To": "incoming@patchwork.ozlabs.org",
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (4096-bit key;\n unprotected) header.d=canonical.com header.i=@canonical.com\n header.a=rsa-sha256 header.s=20251003 header.b=C+d4tUIO;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com\n (client-ip=185.125.189.65; helo=lists.ubuntu.com;\n envelope-from=kernel-team-bounces@lists.ubuntu.com;\n receiver=patchwork.ozlabs.org)"
        ],
        "Received": [
            "from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g5tp16s33z23h3\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 30 Apr 2026 22:31:37 +1000 (AEST)",
            "from localhost ([127.0.0.1] helo=lists.ubuntu.com)\n\tby lists.ubuntu.com with esmtp (Exim 4.86_2)\n\t(envelope-from <kernel-team-bounces@lists.ubuntu.com>)\n\tid 1wIQYC-0004dV-Lz; Thu, 30 Apr 2026 12:31:28 +0000",
            "from smtp-relay-internal-1.internal ([10.131.114.114]\n helo=smtp-relay-internal-1.canonical.com)\n by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)\n (Exim 4.86_2) (envelope-from <massimiliano.pellizzer@canonical.com>)\n id 1wIQYA-0004XR-85\n for kernel-team@lists.ubuntu.com; Thu, 30 Apr 2026 12:31:26 +0000",
            "from mail-wm1-f72.google.com (mail-wm1-f72.google.com\n [209.85.128.72])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n (No client certificate requested)\n by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 1C85E3F9CB\n for <kernel-team@lists.ubuntu.com>; Thu, 30 Apr 2026 12:31:26 +0000 (UTC)",
            "by mail-wm1-f72.google.com with SMTP id\n 5b1f17b1804b1-48a55ecc32cso7645975e9.1\n for <kernel-team@lists.ubuntu.com>; Thu, 30 Apr 2026 05:31:26 -0700 (PDT)",
            "from tuxedo-infinitybook.ts.net\n (net-93-71-66-38.cust.vodafonedsl.it. [93.71.66.38])\n by smtp.gmail.com with ESMTPSA id\n 5b1f17b1804b1-48a81ed6bafsm103695005e9.2.2026.04.30.05.31.23\n for <kernel-team@lists.ubuntu.com>\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Thu, 30 Apr 2026 05:31:23 -0700 (PDT)"
        ],
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com;\n s=20251003; t=1777552286;\n bh=ATGiKVgg5hBg1V668lM/Kw2xGBusG3VkOLSUqAS4l8s=;\n h=From:To:Subject:Date:Message-ID:In-Reply-To:References:\n MIME-Version;\n b=C+d4tUIOpP5Nk2t7I73QTfRcENHMA/ETx+dRYp9RcOk/ih1/HDOClGz118tRgsD8n\n 7u/8oHDveust/G3EgtGpdul42YU3Tm4EEaV9uHSfV+WWOZhtA+vTAnteRCZEdaA/9V\n YaGgIPhxkPbFWN40bS4hm0+HVo2UjUML9d3ZIhzZDHEgwpng+8onQ1O5ND1bF+Cohu\n lEz6Vivco1ymYc892EhzZeIy85F7G/ypGruufAxIwiPHeF+oIP8HzSo9QDomNrzWIn\n kQLkqWPeYkOxqFEXci2waRJVxnY+XwDvGjdaUZI+m/gCkPclLQKC/J/+CAZi4zsbMC\n oNXKV4rzbgVNRFqFUc2UYEorp2M/pxrL9O6c8XDxzb0uTIRVEMvd/d6tyFeTs1KcQR\n uJBYasc7e0mxiPxeITy2oaf5oxtLaqPuPLRAKeAHiY3lIn7JynCq/ygPHn6rvDf0l3\n 3T+uVXtNqstOJ3RJHfqXL4551nt3/dCC2zE29sc/Rnu7NNtUKstTHSqmdJ3KCKcBdC\n HV0qw2CbH9uFtQq1nipNcWfMsKSn+sU7DVpRGpViWaxp5Itql7Azgfaq19m5wbWTSC\n xd3XfQzHNdm4wSU41ToC/8X8yLi1WndMKVQDjgsdjwoWzH6aK1C+5KCTjpkCE7WIqP\n 4TLZ31RdldSGc3FbIjeW4VEw=",
        "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1777552285; x=1778157085;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to\n :cc:subject:date:message-id:reply-to;\n bh=ATGiKVgg5hBg1V668lM/Kw2xGBusG3VkOLSUqAS4l8s=;\n b=iAsqm8EhFitg07kv1mfwvcgUH3sqIVaLiI9kJUQ6BbUjYUujnKu9rpqESMhdZEa1eR\n GrXREi7DzZ/xreHFPXsglaRsb2xb/peXVw/sVqOy85S5vAAUC9+mEZSsIX+DybuZ1u23\n MFEojagKGdruCYVM3m7oYUYQmD7lE7FKD1son2Hol66ks7+L4/Ax57HvPoSSULF2+ET3\n Nn4asaJ8ua0pGwd4alH+prbQw/uD5a55L+0ZV6Zf2AUzIbuHZRSSt9Uhugp9l01M+WDT\n 3l8fx3BCpc5nuDmDhsb7dd/XNRXYgVFP1j4uaTxv56Jgu7J2YijLOAXctN2Z0eohe3KD\n 6FnQ==",
        "X-Gm-Message-State": "AOJu0Yy5HiMlvR7IQLB34RdNkdwT6IBWzUoeCyIktPSsZMhn0eBhbiDf\n B43QzopROYTlVAj9MYI5DNQvA2kF0wTgzqFhuWSpp5RyZBidySNjLoZE8xnG1KRASERd3W71E4o\n ruCpGejNC0QP8GPBEIQjDHwgKVlGK/ZIia3aUrhlvs2c0yPWO17dM60RVCLEac6XISfABjALFUM\n n7C9y0+ulfMLrfuA==",
        "X-Gm-Gg": "AeBDievfXm9Bf96ab9gmJzfAka652LeW0qnxJ7pxSpIayErmeoHmJsQXlQRjhAVSSOV\n jtc49CjrfbinwXntQminFm5x1+mtcGumNzCkcI1QNP3GZSbFaMe4duwIH430lR72hhyTAj28d+J\n MXQ8Ht4HebmLXcYQaBYB2VxBixTfbTASLO8tQCqj6gUQyZnEBmuB2g93VG3dLa4qIG2/fXDgM/Y\n 61yZoG3HFmUe7xZ6b6MYXAHYip3jegBFf9UVsznk96d8aICbq9Jpne2NZcOb0rlS6jdu7u+Zgnu\n 25s8OaDu40kY8mJnac3ce81l2mfK+Uhj8bMzEy1v+wK/l0YJRCNcFVnPVrvnBQePKAQfWO3A4Uv\n 06AMdJDM/r2c+Z0mWHAbfkTUkzA3KK2CtqPNDPPrCYeZ89UocrYST2QSNXTvHPr9YyXtEdPVXi3\n wFCIE4bjjScZkS4KChxv5dtxfjjmHIID4QmOvRLpv/591JyI6glyShsE7t8TfjYdh99ugl+m2sO\n b8yRVDuT2WxvLx2sw9WYig=",
        "X-Received": [
            "by 2002:a05:600c:8b22:b0:485:3a03:ceca with SMTP id\n 5b1f17b1804b1-48a844582c3mr48500425e9.23.1777552285149;\n Thu, 30 Apr 2026 05:31:25 -0700 (PDT)",
            "by 2002:a05:600c:8b22:b0:485:3a03:ceca with SMTP id\n 5b1f17b1804b1-48a844582c3mr48499955e9.23.1777552284537;\n Thu, 30 Apr 2026 05:31:24 -0700 (PDT)"
        ],
        "From": "Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com>",
        "To": "kernel-team@lists.ubuntu.com",
        "Subject": "[SRU][N][PATCH 3/8] crypto: algif_aead - Revert to operating\n out-of-place",
        "Date": "Thu, 30 Apr 2026 14:30:22 +0200",
        "Message-ID": "\n <46ebb67fc01871fad3c4838a3edbbcdebdf5b565.1777550836.git.massimiliano.pellizzer@canonical.com>",
        "X-Mailer": "git-send-email 2.53.0",
        "In-Reply-To": "<cover.1777550836.git.massimiliano.pellizzer@canonical.com>",
        "References": "\n <177754965576.503496.12142658280614619991@tuxedo-infinitybook.public>\n <cover.1777550836.git.massimiliano.pellizzer@canonical.com>",
        "MIME-Version": "1.0",
        "X-BeenThere": "kernel-team@lists.ubuntu.com",
        "X-Mailman-Version": "2.1.20",
        "Precedence": "list",
        "List-Id": "Kernel team discussions <kernel-team.lists.ubuntu.com>",
        "List-Unsubscribe": "<https://lists.ubuntu.com/mailman/options/kernel-team>,\n <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>",
        "List-Archive": "<https://lists.ubuntu.com/archives/kernel-team>",
        "List-Post": "<mailto:kernel-team@lists.ubuntu.com>",
        "List-Help": "<mailto:kernel-team-request@lists.ubuntu.com?subject=help>",
        "List-Subscribe": "<https://lists.ubuntu.com/mailman/listinfo/kernel-team>,\n <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>",
        "Content-Type": "text/plain; charset=\"utf-8\"",
        "Content-Transfer-Encoding": "base64",
        "Errors-To": "kernel-team-bounces@lists.ubuntu.com",
        "Sender": "\"kernel-team\" <kernel-team-bounces@lists.ubuntu.com>"
    },
    "content": "From: Herbert Xu <herbert@gondor.apana.org.au>\n\ncommit a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5 upstream.\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.\n\nFixes: 72548b093ee3 (\"crypto: algif_aead - copy AAD from src to dst\")\nReported-by: Taeyang Lee <0wn@theori.io>\nSigned-off-by: Herbert Xu <herbert@gondor.apana.org.au>\nSigned-off-by: Eric Biggers <ebiggers@kernel.org>\nSigned-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>\n(cherry picked from commit 8b88d99341f139e23bdeb1027a2a3ae10d341d82 linux-6.12.y)\nCVE-2026-31431\nSigned-off-by: Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com>\n---\n crypto/af_alg.c         |  49 ++++----------------\n crypto/algif_aead.c     | 100 ++++++++--------------------------------\n crypto/algif_skcipher.c |   6 +--\n include/crypto/if_alg.h |   5 +-\n 4 files changed, 34 insertions(+), 126 deletions(-)",
    "diff": "diff --git a/crypto/af_alg.c b/crypto/af_alg.c\nindex 3d0b7542f771..cab04b009d03 100644\n--- a/crypto/af_alg.c\n+++ b/crypto/af_alg.c\n@@ -634,15 +634,13 @@ static int af_alg_alloc_tsgl(struct sock *sk)\n /**\n  * af_alg_count_tsgl - Count number of TX SG entries\n  *\n- * The counting starts from the beginning of the SGL to @bytes. If\n- * an @offset is provided, the counting of the SG entries starts at the @offset.\n+ * The counting starts from the beginning of the SGL to @bytes.\n  *\n  * @sk: socket of connection to user space\n  * @bytes: Count the number of SG entries holding given number of bytes.\n- * @offset: Start the counting of SG entries from the given offset.\n  * Return: Number of TX SG entries found given the constraints\n  */\n-unsigned int af_alg_count_tsgl(struct sock *sk, size_t bytes, size_t offset)\n+unsigned int af_alg_count_tsgl(struct sock *sk, size_t bytes)\n {\n \tconst struct alg_sock *ask = alg_sk(sk);\n \tconst struct af_alg_ctx *ctx = ask->private;\n@@ -657,25 +655,11 @@ unsigned int af_alg_count_tsgl(struct sock *sk, size_t bytes, size_t offset)\n \t\tconst struct scatterlist *sg = sgl->sg;\n \n \t\tfor (i = 0; i < sgl->cur; i++) {\n-\t\t\tsize_t bytes_count;\n-\n-\t\t\t/* Skip offset */\n-\t\t\tif (offset >= sg[i].length) {\n-\t\t\t\toffset -= sg[i].length;\n-\t\t\t\tbytes -= sg[i].length;\n-\t\t\t\tcontinue;\n-\t\t\t}\n-\n-\t\t\tbytes_count = sg[i].length - offset;\n-\n-\t\t\toffset = 0;\n \t\t\tsgl_count++;\n-\n-\t\t\t/* If we have seen requested number of bytes, stop */\n-\t\t\tif (bytes_count >= bytes)\n+\t\t\tif (sg[i].length >= bytes)\n \t\t\t\treturn sgl_count;\n \n-\t\t\tbytes -= bytes_count;\n+\t\t\tbytes -= sg[i].length;\n \t\t}\n \t}\n \n@@ -687,19 +671,14 @@ EXPORT_SYMBOL_GPL(af_alg_count_tsgl);\n  * af_alg_pull_tsgl - Release the specified buffers from TX SGL\n  *\n  * If @dst is non-null, reassign the pages to @dst. The caller must release\n- * the pages. If @dst_offset is given only reassign the pages to @dst starting\n- * at the @dst_offset (byte). The caller must ensure that @dst is large\n- * enough (e.g. by using af_alg_count_tsgl with the same offset).\n+ * the pages.\n  *\n  * @sk: socket of connection to user space\n  * @used: Number of bytes to pull from TX SGL\n  * @dst: If non-NULL, buffer is reassigned to dst SGL instead of releasing. The\n  *\t caller must release the buffers in dst.\n- * @dst_offset: Reassign the TX SGL from given offset. All buffers before\n- *\t        reaching the offset is released.\n  */\n-void af_alg_pull_tsgl(struct sock *sk, size_t used, struct scatterlist *dst,\n-\t\t      size_t dst_offset)\n+void af_alg_pull_tsgl(struct sock *sk, size_t used, struct scatterlist *dst)\n {\n \tstruct alg_sock *ask = alg_sk(sk);\n \tstruct af_alg_ctx *ctx = ask->private;\n@@ -724,18 +703,10 @@ void af_alg_pull_tsgl(struct sock *sk, size_t used, struct scatterlist *dst,\n \t\t\t * SG entries in dst.\n \t\t\t */\n \t\t\tif (dst) {\n-\t\t\t\tif (dst_offset >= plen) {\n-\t\t\t\t\t/* discard page before offset */\n-\t\t\t\t\tdst_offset -= plen;\n-\t\t\t\t} else {\n-\t\t\t\t\t/* reassign page to dst after offset */\n-\t\t\t\t\tget_page(page);\n-\t\t\t\t\tsg_set_page(dst + j, page,\n-\t\t\t\t\t\t    plen - dst_offset,\n-\t\t\t\t\t\t    sg[i].offset + dst_offset);\n-\t\t\t\t\tdst_offset = 0;\n-\t\t\t\t\tj++;\n-\t\t\t\t}\n+\t\t\t\t/* reassign page to dst after offset */\n+\t\t\t\tget_page(page);\n+\t\t\t\tsg_set_page(dst + j, page, plen, sg[i].offset);\n+\t\t\t\tj++;\n \t\t\t}\n \n \t\t\tsg[i].length -= plen;\ndiff --git a/crypto/algif_aead.c b/crypto/algif_aead.c\nindex 79b016a899a1..dda15bb05e89 100644\n--- a/crypto/algif_aead.c\n+++ b/crypto/algif_aead.c\n@@ -26,7 +26,6 @@\n #include <crypto/internal/aead.h>\n #include <crypto/scatterwalk.h>\n #include <crypto/if_alg.h>\n-#include <crypto/skcipher.h>\n #include <linux/init.h>\n #include <linux/list.h>\n #include <linux/kernel.h>\n@@ -72,9 +71,8 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg,\n \tstruct alg_sock *pask = alg_sk(psk);\n \tstruct af_alg_ctx *ctx = ask->private;\n \tstruct crypto_aead *tfm = pask->private;\n-\tunsigned int i, as = crypto_aead_authsize(tfm);\n+\tunsigned int as = crypto_aead_authsize(tfm);\n \tstruct af_alg_async_req *areq;\n-\tstruct af_alg_tsgl *tsgl, *tmp;\n \tstruct scatterlist *rsgl_src, *tsgl_src = NULL;\n \tint err = 0;\n \tsize_t used = 0;\t\t/* [in]  TX bufs to be en/decrypted */\n@@ -154,23 +152,24 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg,\n \t\toutlen -= less;\n \t}\n \n+\t/*\n+\t * Create a per request TX SGL for this request which tracks the\n+\t * SG entries from the global TX SGL.\n+\t */\n \tprocessed = used + ctx->aead_assoclen;\n-\tlist_for_each_entry_safe(tsgl, tmp, &ctx->tsgl_list, list) {\n-\t\tfor (i = 0; i < tsgl->cur; i++) {\n-\t\t\tstruct scatterlist *process_sg = tsgl->sg + i;\n-\n-\t\t\tif (!(process_sg->length) || !sg_page(process_sg))\n-\t\t\t\tcontinue;\n-\t\t\ttsgl_src = process_sg;\n-\t\t\tbreak;\n-\t\t}\n-\t\tif (tsgl_src)\n-\t\t\tbreak;\n-\t}\n-\tif (processed && !tsgl_src) {\n-\t\terr = -EFAULT;\n+\tareq->tsgl_entries = af_alg_count_tsgl(sk, processed);\n+\tif (!areq->tsgl_entries)\n+\t\tareq->tsgl_entries = 1;\n+\tareq->tsgl = sock_kmalloc(sk, array_size(sizeof(*areq->tsgl),\n+\t\t\t\t\t         areq->tsgl_entries),\n+\t\t\t\t  GFP_KERNEL);\n+\tif (!areq->tsgl) {\n+\t\terr = -ENOMEM;\n \t\tgoto free;\n \t}\n+\tsg_init_table(areq->tsgl, areq->tsgl_entries);\n+\taf_alg_pull_tsgl(sk, processed, areq->tsgl);\n+\ttsgl_src = areq->tsgl;\n \n \t/*\n \t * Copy of AAD from source to destination\n@@ -179,76 +178,15 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg,\n \t * when user space uses an in-place cipher operation, the kernel\n \t * will copy the data as it does not see whether such in-place operation\n \t * is initiated.\n-\t *\n-\t * To ensure efficiency, the following implementation ensure that the\n-\t * ciphers are invoked to perform a crypto operation in-place. This\n-\t * is achieved by memory management specified as follows.\n \t */\n \n \t/* Use the RX SGL as source (and destination) for crypto op. */\n \trsgl_src = areq->first_rsgl.sgl.sgt.sgl;\n \n-\tif (ctx->enc) {\n-\t\t/*\n-\t\t * Encryption operation - The in-place cipher operation is\n-\t\t * achieved by the following operation:\n-\t\t *\n-\t\t * TX SGL: AAD || PT\n-\t\t *\t    |\t   |\n-\t\t *\t    | copy |\n-\t\t *\t    v\t   v\n-\t\t * RX SGL: AAD || PT || Tag\n-\t\t */\n-\t\tmemcpy_sglist(areq->first_rsgl.sgl.sgt.sgl, tsgl_src,\n-\t\t\t      processed);\n-\t\taf_alg_pull_tsgl(sk, processed, NULL, 0);\n-\t} else {\n-\t\t/*\n-\t\t * Decryption operation - To achieve an in-place cipher\n-\t\t * operation, the following  SGL structure is used:\n-\t\t *\n-\t\t * TX SGL: AAD || CT || Tag\n-\t\t *\t    |\t   |\t ^\n-\t\t *\t    | copy |\t | Create SGL link.\n-\t\t *\t    v\t   v\t |\n-\t\t * RX SGL: AAD || CT ----+\n-\t\t */\n-\n-\t\t/* Copy AAD || CT to RX SGL buffer for in-place operation. */\n-\t\tmemcpy_sglist(areq->first_rsgl.sgl.sgt.sgl, tsgl_src, outlen);\n-\n-\t\t/* Create TX SGL for tag and chain it to RX SGL. */\n-\t\tareq->tsgl_entries = af_alg_count_tsgl(sk, processed,\n-\t\t\t\t\t\t       processed - as);\n-\t\tif (!areq->tsgl_entries)\n-\t\t\tareq->tsgl_entries = 1;\n-\t\tareq->tsgl = sock_kmalloc(sk, array_size(sizeof(*areq->tsgl),\n-\t\t\t\t\t\t\t areq->tsgl_entries),\n-\t\t\t\t\t  GFP_KERNEL);\n-\t\tif (!areq->tsgl) {\n-\t\t\terr = -ENOMEM;\n-\t\t\tgoto free;\n-\t\t}\n-\t\tsg_init_table(areq->tsgl, areq->tsgl_entries);\n-\n-\t\t/* Release TX SGL, except for tag data and reassign tag data. */\n-\t\taf_alg_pull_tsgl(sk, processed, areq->tsgl, processed - as);\n-\n-\t\t/* chain the areq TX SGL holding the tag with RX SGL */\n-\t\tif (usedpages) {\n-\t\t\t/* RX SGL present */\n-\t\t\tstruct af_alg_sgl *sgl_prev = &areq->last_rsgl->sgl;\n-\t\t\tstruct scatterlist *sg = sgl_prev->sgt.sgl;\n-\n-\t\t\tsg_unmark_end(sg + sgl_prev->sgt.nents - 1);\n-\t\t\tsg_chain(sg, sgl_prev->sgt.nents + 1, areq->tsgl);\n-\t\t} else\n-\t\t\t/* no RX SGL present (e.g. authentication only) */\n-\t\t\trsgl_src = areq->tsgl;\n-\t}\n+\tmemcpy_sglist(rsgl_src, tsgl_src, ctx->aead_assoclen);\n \n \t/* Initialize the crypto operation */\n-\taead_request_set_crypt(&areq->cra_u.aead_req, rsgl_src,\n+\taead_request_set_crypt(&areq->cra_u.aead_req, tsgl_src,\n \t\t\t       areq->first_rsgl.sgl.sgt.sgl, used, ctx->iv);\n \taead_request_set_ad(&areq->cra_u.aead_req, ctx->aead_assoclen);\n \taead_request_set_tfm(&areq->cra_u.aead_req, tfm);\n@@ -450,7 +388,7 @@ static void aead_sock_destruct(struct sock *sk)\n \tstruct crypto_aead *tfm = pask->private;\n \tunsigned int ivlen = crypto_aead_ivsize(tfm);\n \n-\taf_alg_pull_tsgl(sk, ctx->used, NULL, 0);\n+\taf_alg_pull_tsgl(sk, ctx->used, NULL);\n \tsock_kzfree_s(sk, ctx->iv, ivlen);\n \tsock_kfree_s(sk, ctx, ctx->len);\n \taf_alg_release_parent(sk);\ndiff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c\nindex 02cea2149504..3c45d982afca 100644\n--- a/crypto/algif_skcipher.c\n+++ b/crypto/algif_skcipher.c\n@@ -138,7 +138,7 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg,\n \t * Create a per request TX SGL for this request which tracks the\n \t * SG entries from the global TX SGL.\n \t */\n-\tareq->tsgl_entries = af_alg_count_tsgl(sk, len, 0);\n+\tareq->tsgl_entries = af_alg_count_tsgl(sk, len);\n \tif (!areq->tsgl_entries)\n \t\tareq->tsgl_entries = 1;\n \tareq->tsgl = sock_kmalloc(sk, array_size(sizeof(*areq->tsgl),\n@@ -149,7 +149,7 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg,\n \t\tgoto free;\n \t}\n \tsg_init_table(areq->tsgl, areq->tsgl_entries);\n-\taf_alg_pull_tsgl(sk, len, areq->tsgl, 0);\n+\taf_alg_pull_tsgl(sk, len, areq->tsgl);\n \n \t/* Initialize the crypto operation */\n \tskcipher_request_set_tfm(&areq->cra_u.skcipher_req, tfm);\n@@ -363,7 +363,7 @@ static void skcipher_sock_destruct(struct sock *sk)\n \tstruct alg_sock *pask = alg_sk(psk);\n \tstruct crypto_skcipher *tfm = pask->private;\n \n-\taf_alg_pull_tsgl(sk, ctx->used, NULL, 0);\n+\taf_alg_pull_tsgl(sk, ctx->used, NULL);\n \tsock_kzfree_s(sk, ctx->iv, crypto_skcipher_ivsize(tfm));\n \tif (ctx->state)\n \t\tsock_kzfree_s(sk, ctx->state, crypto_skcipher_statesize(tfm));\ndiff --git a/include/crypto/if_alg.h b/include/crypto/if_alg.h\nindex 7d191c52050d..844930bb6783 100644\n--- a/include/crypto/if_alg.h\n+++ b/include/crypto/if_alg.h\n@@ -229,9 +229,8 @@ static inline bool af_alg_readable(struct sock *sk)\n \treturn PAGE_SIZE <= af_alg_rcvbuf(sk);\n }\n \n-unsigned int af_alg_count_tsgl(struct sock *sk, size_t bytes, size_t offset);\n-void af_alg_pull_tsgl(struct sock *sk, size_t used, struct scatterlist *dst,\n-\t\t      size_t dst_offset);\n+unsigned int af_alg_count_tsgl(struct sock *sk, size_t bytes);\n+void af_alg_pull_tsgl(struct sock *sk, size_t used, struct scatterlist *dst);\n void af_alg_wmem_wakeup(struct sock *sk);\n int af_alg_wait_for_data(struct sock *sk, unsigned flags, unsigned min);\n int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size,\n",
    "prefixes": [
        "SRU",
        "N",
        "3/8"
    ]
}