From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Christophe Leroy <christophe.leroy@c-s.fr>,
Herbert Xu <herbert@gondor.apana.org.au>
Subject: [PATCH 4.9 51/88] crypto: talitos - fix Kernel Oops on hashing an empty file
Date: Thu, 15 Feb 2018 16:17:18 +0100 [thread overview]
Message-ID: <20180215151229.786726949@linuxfoundation.org> (raw)
In-Reply-To: <20180215151222.437136975@linuxfoundation.org>
4.9-stable review patch. If anyone has any objections, please let me know.
------------------
From: LEROY Christophe <christophe.leroy@c-s.fr>
commit 87a81dce53b1ea61acaeefa5191a0376a2d1d721 upstream.
Performing the hash of an empty file leads to a kernel Oops
[ 44.504600] Unable to handle kernel paging request for data at address 0x0000000c
[ 44.512819] Faulting instruction address: 0xc02d2be8
[ 44.524088] Oops: Kernel access of bad area, sig: 11 [#1]
[ 44.529171] BE PREEMPT CMPC885
[ 44.532232] CPU: 0 PID: 491 Comm: md5sum Not tainted 4.15.0-rc8-00211-g3a968610b6ea #81
[ 44.540814] NIP: c02d2be8 LR: c02d2984 CTR: 00000000
[ 44.545812] REGS: c6813c90 TRAP: 0300 Not tainted (4.15.0-rc8-00211-g3a968610b6ea)
[ 44.554223] MSR: 00009032 <EE,ME,IR,DR,RI> CR: 48222822 XER: 20000000
[ 44.560855] DAR: 0000000c DSISR: c0000000
[ 44.560855] GPR00: c02d28fc c6813d40 c6828000 c646fa40 00000001 00000001 00000001 00000000
[ 44.560855] GPR08: 0000004c 00000000 c000bfcc 00000000 28222822 100280d4 00000000 10020008
[ 44.560855] GPR16: 00000000 00000020 00000000 00000000 10024008 00000000 c646f9f0 c6179a10
[ 44.560855] GPR24: 00000000 00000001 c62f0018 c6179a10 00000000 c6367a30 c62f0000 c646f9c0
[ 44.598542] NIP [c02d2be8] ahash_process_req+0x448/0x700
[ 44.603751] LR [c02d2984] ahash_process_req+0x1e4/0x700
[ 44.608868] Call Trace:
[ 44.611329] [c6813d40] [c02d28fc] ahash_process_req+0x15c/0x700 (unreliable)
[ 44.618302] [c6813d90] [c02060c4] hash_recvmsg+0x11c/0x210
[ 44.623716] [c6813db0] [c0331354] ___sys_recvmsg+0x98/0x138
[ 44.629226] [c6813eb0] [c03332c0] __sys_recvmsg+0x40/0x84
[ 44.634562] [c6813f10] [c03336c0] SyS_socketcall+0xb8/0x1d4
[ 44.640073] [c6813f40] [c000d1ac] ret_from_syscall+0x0/0x38
[ 44.645530] Instruction dump:
[ 44.648465] 38c00001 7f63db78 4e800421 7c791b78 54690ffe 0f090000 80ff0190 2f870000
[ 44.656122] 40befe50 2f990001 409e0210 813f01bc <8129000c> b39e003a 7d29c214 913e003c
This patch fixes that Oops by checking if src is NULL.
Fixes: 6a1e8d14156d4 ("crypto: talitos - making mapping helpers more generic")
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/crypto/talitos.c | 4 ++++
1 file changed, 4 insertions(+)
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1127,6 +1127,10 @@ int talitos_sg_map(struct device *dev, s
to_talitos_ptr_len(ptr, len, is_sec1);
to_talitos_ptr_ext_set(ptr, 0, is_sec1);
+ if (!src) {
+ to_talitos_ptr(ptr, 0, 0, is_sec1);
+ return 1;
+ }
if (sg_count == 1) {
to_talitos_ptr(ptr, sg_dma_address(src) + offset, is_sec1);
return sg_count;
next prev parent reply other threads:[~2018-02-15 15:17 UTC|newest]
Thread overview: 100+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-15 15:16 [PATCH 4.9 00/88] 4.9.82-stable review Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 01/88] powerpc/pseries: include linux/types.h in asm/hvcall.h Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 02/88] cifs: Fix missing put_xid in cifs_file_strict_mmap Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 03/88] cifs: Fix autonegotiate security settings mismatch Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 04/88] CIFS: zero sensitive data when freeing Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 05/88] dmaengine: dmatest: fix container_of member in dmatest_callback Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 06/88] kaiser: fix compile error without vsyscall Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 07/88] posix-timer: Properly check sigevent->sigev_notify Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 08/88] usb: gadget: uvc: Missing files for configfs interface Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 09/88] sched/rt: Use container_of() to get root domain in rto_push_irq_work_func() Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 10/88] sched/rt: Up the root domain ref count when passing it around via IPIs Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 11/88] dccp: CVE-2017-8824: use-after-free in DCCP code Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 12/88] media: dvb-usb-v2: lmedm04: Improve logic checking of warm start Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 13/88] media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 14/88] media: hdpvr: Fix an error handling path in hdpvr_probe() Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 15/88] mtd: cfi: convert inline functions to macros Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 16/88] mtd: nand: brcmnand: Disable prefetch by default Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 17/88] mtd: nand: Fix nand_do_read_oob() return value Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 18/88] mtd: nand: sunxi: Fix ECC strength choice Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 19/88] ubi: fastmap: Erase outdated anchor PEBs during attach Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 20/88] ubi: block: Fix locking for idr_alloc/idr_remove Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 21/88] ubifs: Massage assert in ubifs_xattr_set() wrt. init_xattrs Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 22/88] nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 23/88] NFS: Add a cond_resched() to nfs_commit_release_pages() Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 24/88] NFS: commit direct writes even if they fail partially Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 25/88] NFS: reject request for id_legacy key without auxdata Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 26/88] NFS: Fix a race between mmap() and O_DIRECT Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 27/88] kernfs: fix regression in kernfs_fop_write caused by wrong type Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 28/88] ahci: Annotate PCI ids for mobile Intel chipsets as such Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 29/88] ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 30/88] ahci: Add Intel Cannon Lake PCH-H PCI ID Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 31/88] crypto: hash - introduce crypto_hash_alg_has_setkey() Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 4.9 32/88] crypto: cryptd - pass through absence of ->setkey() Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 33/88] crypto: mcryptd " Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 34/88] crypto: poly1305 - remove ->setkey() method Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 35/88] nsfs: mark dentry with DCACHE_RCUACCESS Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 36/88] media: v4l2-ioctl.c: dont copy back the result for -ENOTTY Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 37/88] media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 38/88] media: v4l2-compat-ioctl32.c: fix the indentation Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 39/88] media: v4l2-compat-ioctl32.c: move helper functions to __get/put_v4l2_format32 Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 40/88] media: v4l2-compat-ioctl32.c: avoid sizeof(type) Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 41/88] media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 42/88] media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 43/88] media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 44/88] media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 45/88] media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 46/88] media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 47/88] media: v4l2-compat-ioctl32.c: dont copy back the result for certain errors Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 48/88] media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 49/88] crypto: caam - fix endless loop when DECO acquire fails Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 50/88] crypto: sha512-mb - initialize pending lengths correctly Greg Kroah-Hartman
2018-02-15 15:17 ` Greg Kroah-Hartman [this message]
2018-02-15 15:17 ` [PATCH 4.9 52/88] arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 53/88] KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 54/88] KVM: arm/arm64: Handle CPU_PM_ENTER_FAILED Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 55/88] ASoC: rockchip: i2s: fix playback after runtime resume Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 56/88] ASoC: skl: Fix kernel warning due to zero NHTL entry Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 57/88] watchdog: imx2_wdt: restore previous timeout after suspend+resume Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 58/88] media: dvb-frontends: fix i2c access helpers for KASAN Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 59/88] media: ts2020: avoid integer overflows on 32 bit machines Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 60/88] media: cxusb, dib0700: ignore XC2028_I2C_FLUSH Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 61/88] fs/proc/kcore.c: use probe_kernel_read() instead of memcpy() Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 62/88] kernel/async.c: revert "async: simplify lowest_in_progress()" Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 63/88] kernel/relay.c: revert "kernel/relay.c: fix potential memory leak" Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 64/88] pipe: actually allow root to exceed the pipe buffer limits Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 65/88] pipe: fix off-by-one error when checking " Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 66/88] HID: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 67/88] Bluetooth: btsdio: Do not bind to non-removable BCM43341 Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 68/88] Revert "Bluetooth: btusb: fix QCA Rome suspend/resume" Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 69/88] Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten" version Greg Kroah-Hartman
2018-02-15 15:17 ` [OpenRISC] [PATCH 4.9 70/88] signal/openrisc: Fix do_unaligned_access to send the proper signal Greg Kroah-Hartman
2018-02-15 15:17 ` Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 71/88] signal/sh: Ensure si_signo is initialized in do_divide_error Greg Kroah-Hartman
2018-02-15 15:17 ` Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 72/88] alpha: fix crash if pthread_create races with signal delivery Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 73/88] alpha: fix reboot on Avanti platform Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 74/88] alpha: fix formating of stack content Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 75/88] xtensa: fix futex_atomic_cmpxchg_inatomic Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 76/88] EDAC, octeon: Fix an uninitialized variable warning Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 77/88] pinctrl: intel: Initialize GPIO properly when used through irqchip Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 78/88] pktcdvd: Fix pkt_setup_dev() error path Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 79/88] clocksource/drivers/stm32: Fix kernel panic with multiple timers Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 80/88] lib/ubsan.c: s/missaligned/misaligned/ Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 81/88] lib/ubsan: add type mismatch handler for new GCC/Clang Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 82/88] btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 83/88] drm/i915: Avoid PPS HW/SW state mismatch due to rounding Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 84/88] ACPI: sbshc: remove raw pointer from printk() message Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 85/88] acpi, nfit: fix register dimm error handling Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 86/88] ovl: fix failure to fsync lower dir Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 87/88] mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 4.9 88/88] ftrace: Remove incorrect setting of glob search field Greg Kroah-Hartman
2018-02-15 22:01 ` [PATCH 4.9 00/88] 4.9.82-stable review Shuah Khan
2018-02-15 22:36 ` kernelci.org bot
2018-02-16 6:00 ` Naresh Kamboju
2018-02-16 14:19 ` Guenter Roeck
2018-02-16 19:21 ` Greg Kroah-Hartman
2018-02-16 19:54 ` Greg Kroah-Hartman
2018-02-16 20:25 ` Greg Kroah-Hartman
2018-02-16 20:39 ` Guenter Roeck
2018-02-16 20:44 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180215151229.786726949@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=christophe.leroy@c-s.fr \
--cc=herbert@gondor.apana.org.au \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.