| Message ID | 49118797.WdfLSz7urc@positron.chronox.de (mailing list archive) |
|---|---|
| State | Superseded |
| Delegated to: | Herbert Xu |
| Headers | show |
diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c index d7acb73..bc36a9a 100644 --- a/crypto/algif_skcipher.c +++ b/crypto/algif_skcipher.c @@ -179,7 +179,7 @@ static void skcipher_pull_sgl(struct sock *sk, size_t used, int put) if (sg[i].length) return; - if (put) + if (put && page_ref_count(sg_page(sg + i))) put_page(sg_page(sg + i)); sg_assign_page(sg + i, NULL); }
Hi Herbert, This patch fixes the reported BUG reliably that I was able to create with my (faulty) libkcapi test code. However, I am yet unable to pinpoint the code that allocates an SG without an associated page that would trigger the BUG. In any case, if you approve, I would recommend that this patch should go to 4.8 and to stable as well. ---8<--- Ensure that put_page is only invoked on pages that were used by algif_skcipher. Signed-off-by: Stephan Mueller <smueller@chronox.de> --- crypto/algif_skcipher.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)