On Thu, Aug 10, 2017 at 08:06:18AM +0200, Stephan Müller wrote:
> Hi Herbert,
>
> I found that issue while playing around with edge conditions in my
> algif_akcipher implementation. This issue only manifests in a
> segmentation violation on 32 bit machines and with an SGL where each
> SG points to one byte. SGLs with larger buffers seem to be not
> affected by this issue.
>
> Yet this access-after-unmap should be a candidate for stable, IMHO.
>
> ---8<---
>
> Using sg_miter_start and sg_miter_next, the buffer of an SG is kmap'ed
> to *buff. The current code calls sg_miter_stop (and thus kunmap) on the
> SG entry before the last access of *buff.
>
> The patch moves the sg_miter_stop call after the last access to *buff to
> ensure that the memory pointed to by *buff is still mapped.
>
> Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>

Patch applied. Thanks.
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
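
The ordering problem described in the quoted commit message, as an added userspace model that is not part of the original mail or of the kernel source. `model_next`, `model_stop`, `first_byte` and the poison byte are hypothetical stand-ins for the map/unmap behaviour of sg_miter_next and sg_miter_stop, and the one-byte segments are constructed sample data; the model returns a poison value where the mail reports a segmentation violation.

```c
/* Userspace model of a mapping iterator; not kernel code. All names here
 * are hypothetical stand-ins, and the sample segments are constructed. */
#include <stdio.h>
#include <string.h>
#define POISON 0xAA                 /* models "this window is unmapped" */

struct seg { const unsigned char *data; size_t len; };
struct model_miter {
    const struct seg *segs; size_t nsegs, idx;
    unsigned char window[16], *addr; /* addr valid only from next to stop */
};

static void model_stop(struct model_miter *m)
{
    if (!m->addr)
        return;
    memset(m->window, POISON, sizeof(m->window));   /* the "kunmap" */
    m->addr = NULL;
}

static int model_next(struct model_miter *m)
{
    model_stop(m);                  /* release the previous mapping */
    if (m->idx >= m->nsegs)
        return 0;
    size_t len = m->segs[m->idx].len;
    if (len > sizeof(m->window))
        len = sizeof(m->window);
    memcpy(m->window, m->segs[m->idx++].data, len);
    m->addr = m->window;
    return 1;
}

/* stop_first = 1: stop before the last read (ordering in the commit
 * message); stop_first = 0: read, then stop (ordering after the patch). */
static unsigned first_byte(const struct seg *s, size_t n, int stop_first)
{
    struct model_miter m = { .segs = s, .nsegs = n };
    if (!model_next(&m))
        return 0;
    const unsigned char *buff = m.addr;
    if (stop_first)
        model_stop(&m);             /* unmap while buff is still needed */
    unsigned v = *buff;             /* the last access of *buff */
    model_stop(&m);                 /* no-op if already stopped */
    return v;
}

static const unsigned char B0[] = { 0x12 }, B1[] = { 0x34 };
static const struct seg SAMPLE[] = { { B0, 1 }, { B1, 1 } };
int main(void) { printf("stop first: 0x%02X, read first: 0x%02X\n", first_byte(SAMPLE, 2, 1), first_byte(SAMPLE, 2, 0)); return 0; }
```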