[S390] prng: prevent access beyond end of stack

While initializing the state of the prng only the first 8 bytes of random data where used, the second 8 bytes were read from the memory after the stack. If only 64 bytes of the kernel stack are used and CONFIG_DEBUG_PAGEALLOC is enabled a kernel panic may occur because of the invalid page access. Use the correct multiplicator to stay within the random data buffer. Signed-off-by: N Jan Glauber <jang@linux.vnet.ibm.com> Signed-off-by: N Martin Schwidefsky <schwidefsky@de.ibm.com>

[S390] prng: prevent access beyond end of stack
While initializing the state of the prng only the first 8 bytes of random data where used, the second 8 bytes were read from the memory after the stack. If only 64 bytes of the kernel stack are used and CONFIG_DEBUG_PAGEALLOC is enabled a kernel panic may occur because of the invalid page access. Use the correct multiplicator to stay within the random data buffer. Signed-off-by: N Jan Glauber <jang@linux.vnet.ibm.com> Signed-off-by: N Martin Schwidefsky <schwidefsky@de.ibm.com>
c708c57e · Jan Glauber · Martin Schwidefsky · 65f8da47 · c708c57e
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

arch/s390/crypto/prng.c arch/s390/crypto/prng.c +1 -1

未找到文件。
--- a/arch/s390/crypto/prng.c
+++ b/arch/s390/crypto/prng.c
@@ -76,7 +76,7 @@ static void prng_seed(int nbytes)

 	/* Add the entropy */
 	while (nbytes >= 8) {
-		*((__u64 *)parm_block) ^= *((__u64 *)buf+i*8);
+		*((__u64 *)parm_block) ^= *((__u64 *)buf+i);
 		prng_add_entropy();
 		i += 8;
 		nbytes -= 8;