Hi, On Fri, Jul 18, 2014, at 23:25, Theodore Ts'o wrote: > On Wed, Jul 16, 2014 at 09:18:15PM +0200, Hannes Frederic Sowa wrote: > > The expression entropy_count -= ibytes << (ENTROPY_SHIFT + 3) could > > actually increase entropy_count if during assignment of the unsigned > > expression on the RHS (mind the -=) we reduce the value modulo > > 2^width(int) and assign it to entropy_count. Trinity found this. > > > > Reported-by: Dave Jones <da...@redhat.com> > > Cc: Theodore Ts'o <ty...@mit.edu> > > Cc: Greg Price <pr...@mit.edu> > > Signed-off-by: Hannes Frederic Sowa <han...@stressinduktion.org> > > --- > > As indicated by credit_entropy_bits entropy_count cannot get negative, > > so I don't see any reason to include a check for entropy_count < 0 > > here. Do you agree? > > No, the check is important; after we subtract ibytes << (ENTROPY_SHIFT > + 3) we could drive entropy_count negative, and we don't want to > trigger the WARN_ON().
If we always enter account() with r->entropy_count > 0 I think the checks in place after this patch should suffice. The problem should only arise in case entropy_count < 0 at the beginning of account (or in between if we need to do a retry). I didn't find a way how entropy_count could get smaller than 0 without hitting a WARN_ON and a reset of r->entropy_count = 0. Thanks, Hannes -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/