| From 006c4a8a6763932808821fc3ba38fbecc59e0267 Mon Sep 17 00:00:00 2001 |
| From: Corentin Labbe <clabbe.montjoie@gmail.com> |
| Date: Thu, 18 Apr 2019 10:17:34 +0200 |
| Subject: crypto: sun4i-ss - Fix invalid calculation of hash end |
| |
| [ Upstream commit f87391558acf816b48f325a493d81d45dec40da0 ] |
| |
| When nbytes < 4, end is wronlgy set to a negative value which, due to |
| uint, is then interpreted to a large value leading to a deadlock in the |
| following code. |
| |
| This patch fix this problem. |
| |
| Fixes: 6298e948215f ("crypto: sunxi-ss - Add Allwinner Security System crypto accelerator") |
| Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com> |
| Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
| Signed-off-by: Sasha Levin <sashal@kernel.org> |
| --- |
| drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 5 ++++- |
| 1 file changed, 4 insertions(+), 1 deletion(-) |
| |
| diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-hash.c b/drivers/crypto/sunxi-ss/sun4i-ss-hash.c |
| index a4b5ff2b72f87..f6936bb3b7be4 100644 |
| --- a/drivers/crypto/sunxi-ss/sun4i-ss-hash.c |
| +++ b/drivers/crypto/sunxi-ss/sun4i-ss-hash.c |
| @@ -240,7 +240,10 @@ static int sun4i_hash(struct ahash_request *areq) |
| } |
| } else { |
| /* Since we have the flag final, we can go up to modulo 4 */ |
| - end = ((areq->nbytes + op->len) / 4) * 4 - op->len; |
| + if (areq->nbytes < 4) |
| + end = 0; |
| + else |
| + end = ((areq->nbytes + op->len) / 4) * 4 - op->len; |
| } |
| |
| /* TODO if SGlen % 4 and !op->len then DMA */ |
| -- |
| 2.20.1 |
| |
