lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 8 Jun 2018 11:07:11 +0200
From:   Thierry Escande <thierry.escande@...aro.org>
To:     Petr Mladek <pmladek@...e.com>
Cc:     Andrew Morton <akpm@...ux-foundation.org>,
        David Miller <davem@...emloft.net>,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        "Tobin C . Harding" <me@...in.cc>, linux-kernel@...r.kernel.org,
        Andy Shevchenko <andy.shevchenko@...il.com>
Subject: Re: [PATCH RESEND] lib/test_printf.c: call wait_for_random_bytes()
 before plain %p tests



On 08/06/2018 10:04, Petr Mladek wrote:
> On Thu 2018-06-07 20:47:25, Thierry Escande wrote:
>> Hi Petr,
>>
>> On 07/06/2018 14:24, Petr Mladek wrote:
>>> On Mon 2018-06-04 13:37:08, Thierry Escande wrote:
>>>> If the test_printf module is loaded before the crng is initialized, the
>>>> plain 'p' tests will fail because the printed address will not be hashed
>>>> and the buffer will contain '(ptrval)' instead.
>>>> This patch adds a call to wait_for_random_bytes() before plain 'p' tests
>>>> to make sure the crng is initialized.
>>>
>>> Hmm, my system did not boot with this patch and
>>> CONFIG_TEST_PRINTF=y
>>>
>>> I guess that there was not enough entropy. It is basically a deadlock.
>>> The build-in module init calls are called when SMP is enabled but
>>> there is no real activity and the init calls are called sequentially.
>>> Therefore there is nothing that could produce some entropy, ...
>>>
>>> I suggest to skip the test when crng is not ready.
>>
>> Thanks for pointing this out.
>>
>> The issue is that the crng_ready() is not available outside of random.c.
>> I'll leave the call to wait_for_random_bytes() if test_printf is compiled as
>> a module and use add_random_ready_callback() to check if crng is initialized
>> otherwise. Does that sound ok to you?
> 
> Great, I was not aware of add_random_ready_callback().
> 
> I suggest to make the decision in test_printf_init()
> and run all tests either as the callback or immediately.
> 

The run_kselftest.sh script relies on the error code returned by 
modprobe to check if the test is passed or not. So the init function has 
to return the test results and we cannot defer the test execution in the 
random ready callback if the crng is not yet initialized at __init.

My idea was to use add_random_ready_callback() as a non blocking test 
when compiled built-in as it returns -EALREADY if crng is already 
initialized.

But as I type I realize it's not necessary. I will simply enclose the 
call to wait_for_random_bytes() by #if IS_MODULE() #endif so it gets 
called only if built as a module, which is how run_kselftest.sh wants 
it... If test_printf is compiled built-in and the crng is not yet 
initialized the test will fail anyway so there is no need to add an 
extra check.

Regards,
Thierry

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ