Google Git
Sign in
gem5 / arm / linux-arm64-legacy / 79a8468747c5f95ed3d5ce8376a3e82e0c5857fc
commit79a8468747c5f95ed3d5ce8376a3e82e0c5857fc[log] [tgz]
authorHannes Frederic Sowa <hannes@stressinduktion.org>Fri Jul 18 17:26:41 2014 -0400
committerTheodore Ts'o <tytso@mit.edu>Sat Jul 19 01:42:13 2014 -0400
treec84aca1e2222c1966b62bd87f9b702f7782b8f9c
parent1795cd9b3a91d4b5473c97f491d63892442212ab [diff]
random: check for increase of entropy_count because of signed conversion

The expression entropy_count -= ibytes << (ENTROPY_SHIFT + 3) could
actually increase entropy_count if during assignment of the unsigned
expression on the RHS (mind the -=) we reduce the value modulo
2^width(int) and assign it to entropy_count. Trinity found this.

[ Commit modified by tytso to add an additional safety check for a
  negative entropy_count -- which should never happen, and to also add
  an additional paranoia check to prevent overly large count values to
  be passed into urandom_read().  ]

Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
1 file changed
tree: c84aca1e2222c1966b62bd87f9b702f7782b8f9c
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS