From: Hannes Frederic Sowa <hannes@stressinduktion.org>
Date: Fri, 18 Jul 2014 21:26:41 +0000 (-0400)
Subject: random: check for increase of entropy_count because of signed conversion
X-Git-Tag: omap-for-v3.17/fixes-against-rc2~274^2
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=79a8468747c5f95ed3d5ce8376a3e82e0c5857fc;p=pandora-kernel.git

random: check for increase of entropy_count because of signed conversion

The expression entropy_count -= ibytes << (ENTROPY_SHIFT + 3) could
actually increase entropy_count if during assignment of the unsigned
expression on the RHS (mind the -=) we reduce the value modulo
2^width(int) and assign it to entropy_count. Trinity found this.

[ Commit modified by tytso to add an additional safety check for a
  negative entropy_count -- which should never happen, and to also add
  an additional paranoia check to prevent overly large count values to
  be passed into urandom_read().  ]

Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
---

Reading git-diff-tree failed