lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20080701231927.GW7647@pirzuine>
Date:	Wed, 2 Jul 2008 01:19:27 +0200
From:	Benoit Boissinot <bboissin@...il.com>
To:	linux-kernel@...r.kernel.org
Cc:	Jack Lloyd <lloyd@...dombit.net>,
	Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: Bug in random32.c: all-zero outputs with probability 1/2^32,
	other seeding bugs

[who maintains random32.c ?]

On Thu, Jun 19, 2008 at 5:30 PM, Jack Lloyd <lloyd@...dombit.net> wrote:
> Hi,
>
> There appears to be an error in how random seeding is done in the
> random32.c RNG. I am looking at 2.6.25.7.
>
[snip]
>
> An easy and straightforward fix for this that doesn't require changing
> any interfaces is to add
>  s &= 0xFFFFFFFF;
> before the check in __set_random32, which ensures this condition will
> be caught by the check. Alternately, you could replace the check for
> s == 0 with some logic like:
>  if((s & 0xFFFFFFFF) == 0)
>     s += 1;
> since just chopping the seed to 32 bits does throw away some of your
> seed input (with sizeof(long) == 8, at least; doesn't make any
> difference for sizeof(long) == 4)
>

I think it is cleaner to change the interface to account for long != u32

The rest of your patch (ensuring values are big enough) looks valid to me.

Signed-off-by: Benoit Boissinot <benoit.boissinot@...-lyon.org>

diff -r ced66ca0044f lib/random32.c
--- a/lib/random32.c	Mon Jun 30 08:58:09 2008 -0700
+++ b/lib/random32.c	Wed Jul 02 01:13:12 2008 +0200
@@ -56,7 +56,7 @@
 	return (state->s1 ^ state->s2 ^ state->s3);
 }

-static void __set_random32(struct rnd_state *state, unsigned long s)
+static void __set_random32(struct rnd_state *state, u32 s)
 {
 	if (s == 0)
 		s = 1;      /* default seed is 1 */
@@ -84,7 +84,7 @@
  */
 u32 random32(void)
 {
-	unsigned long r;
+	u32 r;
 	struct rnd_state *state = &get_cpu_var(net_rand_state);
 	r = __random32(state);
 	put_cpu_var(state);
@@ -122,7 +122,7 @@

 	for_each_possible_cpu(i) {
 		struct rnd_state *state = &per_cpu(net_rand_state,i);
-		__set_random32(state, i + jiffies);
+		__set_random32(state, (u32) i + jiffies);
 	}
 	return 0;
 }
@@ -135,7 +135,7 @@
 static int __init random32_reseed(void)
 {
 	int i;
-	unsigned long seed;
+	u32 seed;

 	for_each_possible_cpu(i) {
 		struct rnd_state *state = &per_cpu(net_rand_state,i);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ