| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGhQ9VwgpPv=z3TmODKwaXSneTaCrsj4cTpLEVXJ1aATiGZLrg@mail.gmail.com>
Date: Sun, 7 Aug 2011 20:57:36 +0200
From: Joachim Eastwood <manabian@...il.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Mandeep Singh Baines <msb@...omium.org>,
linux-kernel@...r.kernel.org,
Ramsay Jones <ramsay@...say1.demon.co.uk>,
Nicolas Pitre <nico@....org>,
Herbert Xu <herbert@...dor.hengli.com.au>,
"David S. Miller" <davem@...emloft.net>,
linux-crypto@...r.kernel.org, linux@....linux.org.uk
Subject: Re: [PATCH] lib/sha1: use the git implementation of SHA-1
On Sun, Aug 7, 2011 at 8:38 PM, Linus Torvalds
<torvalds@...ux-foundation.org> wrote:
> There aren't many users of that define, could you just turn it back to the proper 16, and then try changing it to 80 in each place that uses it?
>
> That way we'd see exactly *which* use is the buggy one..
Its drivers/char/random.c.
Boots fine when forcing workspace array in extract_buf to 80.
diff --git a/drivers/char/random.c b/drivers/char/random.c
index c35a785..0584bb0 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -816,7 +816,7 @@ static size_t account(struct entropy_store *r,
size_t nbytes, int min,
static void extract_buf(struct entropy_store *r, __u8 *out)
{
int i;
- __u32 hash[5], workspace[SHA_WORKSPACE_WORDS];
+ __u32 hash[5], workspace[80 /*SHA_WORKSPACE_WORDS*/];
__u8 extract[64];
/* Generate a hash across the pool, 16 words (512 bits) at a time */
regards
Joachim Eastwood
> Linus
>
> Joachim Eastwood <manabian@...il.com> wrote:
>
>>On Sun, Aug 7, 2011 at 7:44 PM, Linus Torvalds
>><torvalds@...ux-foundation.org> wrote:
>>> On Sun, Aug 7, 2011 at 10:36 AM, Joachim Eastwood
>><manabian@...il.com> wrote:
>>>>
>>>> These printk's come from drivers/char/random.c
>>>> So it doesn't seem like it hangs in any of the sha_* funtions.
>>>
>>> The only other change is to SHA_WORKSPACE_WORDS - I wonder if some
>>> code depends on the old (much bigger) workspace for some reason?
>>>
>>> The git SHA1 routines are way smarter than the old SHA1, and will
>>> re-use the workspace area, so they need only a fraction of the old
>>> area.
>>>
>>> Try changing SHA_WORKSPACE_WORDS back to 80 (in
>>> include/linux/cryptohash.h). The git sha1 only needs 16 words, but ..
>>
>>yup, setting it to 80 makes my kernel boot again :-)
>>
>>> If that fixes it for you, then it's almost certainly some buggy user
>>> that uses the SHA1 workspace array for its own odd case, and
>>> incorrectly "knows" that it's that old wasteful 320 bytes. There's a
>>> few places in networking that uses SHA_WORKSPACE_WORDS.
>>
>>Guess more architectures than ARM are affected by this then.
>>
>>regards
>>Joachim Eastwood
>>
>>> Linus
>>>
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists