commit c708c57e247775928b9a6bce7b4d8d14883bf39b · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

[S390] prng: prevent access beyond end of stack

While initializing the state of the prng only the first 8 bytes of
random data where used, the second 8 bytes were read from the memory
after the stack. If only 64 bytes of the kernel stack are used and
CONFIG_DEBUG_PAGEALLOC is enabled a kernel panic may occur because of
the invalid page access. Use the correct multiplicator to stay within
the random data buffer.

Signed-off-by: Jan Glauber <jang@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>

authored by Jan Glauber and committed by Martin Schwidefsky 15 years ago c708c57e 65f8da47

+1 -1

1 changed file

expand all

unified split

arch

s390

crypto

prng.c

+1 -1

arch/s390/crypto/prng.c

··· 76 77 /* Add the entropy */ 78 while (nbytes >= 8) { 79 - *((__u64 *)parm_block) ^= *((__u64 *)buf+i*8); 80 prng_add_entropy(); 81 i += 8; 82 nbytes -= 8;

··· 76 77 /* Add the entropy */ 78 while (nbytes >= 8) { 79 + *((__u64 *)parm_block) ^= *((__u64 *)buf+i); 80 prng_add_entropy(); 81 i += 8; 82 nbytes -= 8;