From: Xiao Ni <xni@xxxxxxxxxx> commit 9be148e408df7d361ec5afd6299b7736ff3928b0 upstream. When PAGE_SIZE is greater than 4kB, multiple stripes may share the same page. Thus, src_offs is added to async_xor_offs() with array of offsets. However, async_xor() passes NULL src_offs to async_xor_offs(). In such case, src_offs should not be updated. Add a check before the update. Fixes: ceaf2966ab08(async_xor: increase src_offs when dropping destination page) Cc: stable@xxxxxxxxxxxxxxx # v5.10+ Reported-by: Oleksandr Shchirskyi <oleksandr.shchirskyi@xxxxxxxxxxxxxxx> Tested-by: Oleksandr Shchirskyi <oleksandr.shchirskyi@xxxxxxxxx> Signed-off-by: Xiao Ni <xni@xxxxxxxxxx> Signed-off-by: Song Liu <song@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- crypto/async_tx/async_xor.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- a/crypto/async_tx/async_xor.c +++ b/crypto/async_tx/async_xor.c @@ -233,7 +233,8 @@ async_xor_offs(struct page *dest, unsign if (submit->flags & ASYNC_TX_XOR_DROP_DST) { src_cnt--; src_list++; - src_offs++; + if (src_offs) + src_offs++; } /* wait for any prerequisite operations */
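Review bot: The new `if (src_offs)` guard in the `ASYNC_TX_XOR_DROP_DST` branch carries no comment saying that NULL is a legitimate value for `src_offs`. That reason appears only in the commit message, which notes that async_xor() passes NULL src_offs to async_xor_offs(). A short comment above the guard, such as `/* src_offs is NULL when called via async_xor() */`, would keep a later cleanup from dropping the check as redundant. Without the guard the increment turns a NULL pointer into a non-NULL invalid one, so any later NULL test on `src_offs` would stop working. The hunk does not show those later uses, so it is worth confirming in review that each of them tests `src_offs` for NULL before indexing it.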