[PATCH 01/14] random: fix signedness bug

From: Greg Price
Date: Sat Dec 14 2013 - 21:01:00 EST


Negative numbers and size_t don't mix. When the total entropy
available was less than 'reserved', we would fail to enforce any limit
at all. Fix that. We never care how negative have_bytes - reserved
is, so just flatten it to zero if negative.

This behavior entered in 987cd8c30 "random: simplify accounting code"
a few commits ago. Before that, for a long time we would compare
have_bytes - reserved (or equivalent) to ibytes or store it into ibytes,
but only inside a condition that guaranteed it wasn't negative.

Signed-off-by: Greg Price <price@xxxxxxx>
---
drivers/char/random.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/char/random.c b/drivers/char/random.c
index 8cc7d6515..1dd5f2634 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -977,7 +977,8 @@ retry:
ibytes = nbytes;
/* If limited, never pull more than available */
if (r->limit)
- ibytes = min_t(size_t, ibytes, have_bytes - reserved);
+ ibytes = min_t(size_t, ibytes,
+ max(0, have_bytes - reserved));
if (ibytes < min)
ibytes = 0;
entropy_count = max_t(int, 0,
--
1.8.3.2

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/