From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Wed, 4 May 2016 09:52:56 +0000 (+0800)
Subject: crypto: hash - Fix page length clamping in hash walk
X-Git-Tag: firefly_0821_release~176^2~4^2~45^2~30
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=3cbc5f6ed2722a65b75de22fe2206471f093b6c3;p=firefly-linux-kernel-4.4.55.git

crypto: hash - Fix page length clamping in hash walk

commit 13f4bb78cf6a312bbdec367ba3da044b09bf0e29 upstream.

The crypto hash walk code is broken when supplied with an offset
greater than or equal to PAGE_SIZE.  This patch fixes it by adjusting
walk->pg and walk->offset when this happens.

Reported-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/crypto/ahash.c b/crypto/ahash.c
index d19b52324cf5..dac1c24e9c3e 100644
--- a/crypto/ahash.c
+++ b/crypto/ahash.c
@@ -69,8 +69,9 @@ static int hash_walk_new_entry(struct crypto_hash_walk *walk)
 	struct scatterlist *sg;
 
 	sg = walk->sg;
-	walk->pg = sg_page(sg);
 	walk->offset = sg->offset;
+	walk->pg = sg_page(walk->sg) + (walk->offset >> PAGE_SHIFT);
+	walk->offset = offset_in_page(walk->offset);
 	walk->entrylen = sg->length;
 
 	if (walk->entrylen > walk->total)