lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 27 Mar 2014 00:40:38 +0100
From:	Daniel Borkmann <dborkman@...hat.com>
To:	Sasha Levin <sasha.levin@...cle.com>
CC:	davem@...emloft.net, hannes@...essinduktion.org, tytso@....edu,
	linux-kernel@...r.kernel.org, eric.dumazet@...il.com
Subject: Re: [PATCH] random32: avoid attempt to late reseed if in the middle
 of seeding

On 03/27/2014 12:35 AM, Sasha Levin wrote:
> On 03/26/2014 07:18 PM, Daniel Borkmann wrote:
>> On 03/26/2014 06:12 PM, Sasha Levin wrote:
>>> Commit 4af712e8df ("random32: add prandom_reseed_late() and call when
>>> nonblocking pool becomes initialized") has added a late reseed stage
>>> that happens as soon as the nonblocking pool is marked as initialized.
>>>
>>> This fails in the case that the nonblocking pool gets initialized
>>> during __prandom_reseed()'s call to get_random_bytes(). In that case
>>> we'd double back into __prandom_reseed() in an attempt to do a late
>>> reseed - deadlocking on 'lock' early on in the boot process.
>>>
>>> Instead, just avoid even waiting to do a reseed if a reseed is already
>>> occuring.
>>>
>>> Signed-off-by: Sasha Levin <sasha.levin@...cle.com>
>>
>> Thanks for catching! (If you want Dave to pick it up, please also
>> Cc netdev.)
>>
>> Why not via spin_trylock_irqsave() ? Thus, if we already hold the
>> lock, we do not bother any longer with doing the same work twice
>> and just return.
>
> Your code looks much better, I'll should really stop sending patches
> too early in the morning...
>
> It's also worth adding lib/random32.c to the MAINTAINERS file, as my
> list of recipients is solely based on what get_maintainer.pl tells
> me to do (and I'm assuming that I'm not the last person who will be
> sending patches for this).

Sounds like a good idea, afaik, historically, this got ripped out as
a lib from networking subsystem. That's why we've sent it to netdev
last time.

Cheers,

Daniel
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ