crypto: algif_aead - Fix minimum RX size check for decryption

The check for the minimum receive buffer size did not take the
tag size into account during decryption.  Fix this by adding the
required extra length.

Reported-by: [email protected]
Reported-by: Daniel Pouzzner <[email protected]>
Fixes: d887c52 ("crypto: algif_aead - overhaul memory management")
Signed-off-by: Herbert Xu <[email protected]>

Author: herbertx

crypto/algif_aead.c

@@ -144,7 +144,7 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg,
 	if (usedpages < outlen) {
 		size_t less = outlen - usedpages;
 
-		if (used < less) {
+		if (used < less + (ctx->enc ? 0 : as)) {
 			err = -EINVAL;
 			goto free;
 		}