summaryrefslogtreecommitdiff
path: root/drivers/pinctrl/freescale
diff options
context:
space:
mode:
authorTom Lendacky <thomas.lendacky@amd.com>2015-06-01 11:15:53 -0500
committerHerbert Xu <herbert@gondor.apana.org.au>2015-06-03 10:51:28 +0800
commitfb43f69401fef8ed2f72d7ea4a25910a0f2138bc (patch)
treed7402f0cffb4e46314c6861df7408b077a6a56cc /drivers/pinctrl/freescale
parentcfaed10d1f27d036b72bbdc6b1e59ea28c38ec7f (diff)
crypto: ccp - Protect against poorly marked end of sg list
Scatter gather lists can be created with more available entries than are actually used (e.g. using sg_init_table() to reserve a specific number of sg entries, but in actuality using something less than that based on the data length). The caller sometimes fails to mark the last entry with sg_mark_end(). In these cases, sg_nents() will return the original size of the sg list as opposed to the actual number of sg entries that contain valid data. On arm64, if the sg_nents() value is used in a call to dma_map_sg() in this situation, then it causes a BUG_ON in lib/swiotlb.c because an "empty" sg list entry results in dma_capable() returning false and swiotlb trying to create a bounce buffer of size 0. This occurred in the userspace crypto interface before being fixed by 0f477b655a52 ("crypto: algif - Mark sgl end at the end of data") Protect against this by using the new sg_nents_for_len() function which returns only the number of sg entries required to meet the desired length and supplying that value to dma_map_sg(). Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'drivers/pinctrl/freescale')
0 files changed, 0 insertions, 0 deletions