projects
/
GitHub
/
exynos8895
/
android_kernel_samsung_universal8895.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
e4c576b
)
[CRYPTO] authenc: Fix async crypto crash in crypto_authenc_genicv()
author
Patrick McHardy
<kaber@trash.net>
Tue, 29 Apr 2008 13:44:28 +0000
(21:44 +0800)
committer
Herbert Xu
<herbert@gondor.apana.org.au>
Thu, 1 May 2008 10:22:28 +0000
(18:22 +0800)
crypto_authenc_givencrypt_done uses req->data as struct aead_givcrypt_request,
while it really points to a struct aead_request, causing this crash:
BUG: unable to handle kernel paging request at
6b6b6b6b
IP: [<
dc87517b
>] :authenc:crypto_authenc_genicv+0x23/0x109
*pde =
00000000
Oops: 0000 [#1] PREEMPT DEBUG_PAGEALLOC
Modules linked in: hifn_795x authenc esp4 aead xfrm4_mode_tunnel sha1_generic hmac crypto_hash]
Pid: 3074, comm: ping Not tainted (2.6.25 #4)
EIP: 0060:[<
dc87517b
>] EFLAGS:
00010296
CPU: 0
EIP is at crypto_authenc_genicv+0x23/0x109 [authenc]
EAX:
daa04690
EBX:
daa046e0
ECX:
dab0a100
EDX:
daa046b0
ESI:
6b6b6b6b
EDI:
dc872054
EBP:
c033ff60
ESP:
c033ff0c
DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
Process ping (pid: 3074, ti=
c033f000
task=
db883a80
task.ti=
dab6c000
)
Stack:
00000000
daa046b0
c0215a3e
daa04690
dab0a100
00000000
ffffffff
db9fd7f0
dba208c0
dbbb1720
00000001
daa04720
00000001
c033ff54
c0119ca9
dc852a75
c033ff60
c033ff60
daa046e0
00000000
00000001
c033ff6c
dc87527b
00000001
Call Trace:
[<
c0215a3e
>] ? dev_alloc_skb+0x14/0x29
[<
c0119ca9
>] ? printk+0x15/0x17
[<
dc87527b
>] ? crypto_authenc_givencrypt_done+0x1a/0x27 [authenc]
[<
dc850cca
>] ? hifn_process_ready+0x34a/0x352 [hifn_795x]
[<
dc8353c7
>] ? rhine_napipoll+0x3f2/0x3fd [via_rhine]
[<
dc851a56
>] ? hifn_check_for_completion+0x4d/0xa6 [hifn_795x]
[<
dc851ab9
>] ? hifn_tasklet_callback+0xa/0xc [hifn_795x]
[<
c011d046
>] ? tasklet_action+0x3f/0x66
[<
c011d230
>] ? __do_softirq+0x38/0x7a
[<
c0105a5f
>] ? do_softirq+0x3e/0x71
[<
c011d17c
>] ? irq_exit+0x2c/0x65
[<
c010e0c0
>] ? smp_apic_timer_interrupt+0x5f/0x6a
[<
c01042e4
>] ? apic_timer_interrupt+0x28/0x30
[<
dc851640
>] ? hifn_handle_req+0x44a/0x50d [hifn_795x]
...
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto/authenc.c
patch
|
blob
|
blame
|
history
diff --git
a/crypto/authenc.c
b/crypto/authenc.c
index ed8ac5a6fa5ff0bc22fa67fc193a1b0629d4a063..4b226768752abed604033f708d093f0b04aee41b 100644
(file)
--- a/
crypto/authenc.c
+++ b/
crypto/authenc.c
@@
-217,9
+217,10
@@
static void crypto_authenc_givencrypt_done(struct crypto_async_request *req,
int err)
{
if (!err) {
- struct aead_givcrypt_request *greq = req->data;
+ struct aead_request *areq = req->data;
+ struct skcipher_givcrypt_request *greq = aead_request_ctx(areq);
- err = crypto_authenc_genicv(
&greq->
areq, greq->giv, 0);
+ err = crypto_authenc_genicv(areq, greq->giv, 0);
}
aead_request_complete(req->data, err);