lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1220482297.17608.84.camel@calx>
Date:	Wed, 03 Sep 2008 17:51:37 -0500
From:	Matt Mackall <mpm@...enic.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	aaron@...finllc.com, linux-kernel@...r.kernel.org, tytso@....edu,
	stable@...nel.org
Subject: Re: drivers/char/random.c line 728 BUG


On Wed, 2008-09-03 at 15:32 -0700, Andrew Morton wrote:
> On Wed, 03 Sep 2008 17:12:00 -0500
> Matt Mackall <mpm@...enic.com> wrote:
> 
> > > Could we still apply his patch for the upcoming stable tree and fix it
> > > the "right" way at some point in the future?
> > 
> > I'm not sure what the current state of play is here in terms of the
> > original patch being pushed to stable and mainline, but my patch is both
> > simpler and more correct. If it's not too late, it's the one that should
> > go to both places.
> 
> It's a fairly minor thing.  The post-this-patch code takes care to
> ensure that ->entropy_count never has an illegal value, so it's OK but
> aesthetially unpleasing to check its value outside the lock.
> 
> And the post-this-patch code generates less .text, so it's a desirable
> thing from that POV too.
> 
> We could/should do both, I guess.

Sure, adding a local variable is fine. Though really, this shouldn't
actually improve things, that's just our compiler being sucky. And I
think it's a wash in terms of readability.

> I kinda ducked your move-the-BUG
> patch because I wasn't in a write-yet-another-changelog mood.

I included one, but it was terse:

 Avoid checking lock-protected entropy_count when lock isn't held.

Here's a more expansive version:

Avoid checking lock-protected entropy_count when lock isn't held. This
fixes a bug reported by and diagnosed by Aaron Straus.

This fixes a regression introduced into 2.6.26 by
 
     commit adc782dae6c4c0f6fb679a48a544cfbcd79ae3dc
     Author: Matt Mackall <mpm@...enic.com>
     Date:   Tue Apr 29 01:03:07 2008 -0700
 
         random: simplify and rename credit_entropy_store

Signed-off-by: Matt Mackall <mpm@...enic.com>
 
diff -r ddae8a8d3c6f drivers/char/random.c
--- a/drivers/char/random.c	Tue Jul 29 03:07:11 2008 +0000
+++ b/drivers/char/random.c	Wed Sep 03 17:43:18 2008 -0500
@@ -726,11 +726,10 @@
 {
 	unsigned long flags;
 
-	BUG_ON(r->entropy_count > r->poolinfo->POOLBITS);
-
 	/* Hold lock while accounting */
 	spin_lock_irqsave(&r->lock, flags);
 
+	BUG_ON(r->entropy_count > r->poolinfo->POOLBITS);
 	DEBUG_ENT("trying to extract %d bits from %s\n",
 		  nbytes * 8, r->name);

-- 
Mathematics is the supreme nostalgia of our time.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ