| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Jul 2014 12:18:36 -0400
From: Jason Cooper <jason@...edaemon.net>
To: Amit Shah <amit.shah@...hat.com>
Cc: linux-kernel@...r.kernel.org,
Virtualization List <virtualization@...ts.linux-foundation.org>,
Rusty Russell <rusty@...tcorp.com.au>,
herbert@...dor.apana.org.au, keescook@...omium.org,
stable@...r.kernel.org
Subject: Re: [PATCH v2 2/2] virtio: rng: ensure reads happen after
successful probe
On Sat, Jul 05, 2014 at 11:04:53AM +0530, Amit Shah wrote:
> The hwrng core asks for random data in the hwrng_register() call itself
> from commit d9e7972619. This doesn't play well with virtio -- the
> DRIVER_OK bit is only set by virtio core on a successful probe, and
> we're not yet out of our probe routine when this call is made. This
> causes the host to not acknowledge any requests we put in the virtqueue,
> and the insmod or kernel boot process just waits for data to arrive from
> the host, which never happens.
>
> CC: Kees Cook <keescook@...omium.org>
> CC: Jason Cooper <jason@...edaemon.net>
> CC: Herbert Xu <herbert@...dor.apana.org.au>
> CC: <stable@...r.kernel.org> # For v3.15+
> Signed-off-by: Amit Shah <amit.shah@...hat.com>
> ---
> drivers/char/hw_random/core.c | 6 ++++++
> drivers/char/hw_random/virtio-rng.c | 10 ++++++++++
> 2 files changed, 16 insertions(+)
Yeah, I don't think there's any viable way to get random data out of
virtio-rng at probe time... :-(
Reviewed-by: Jason Cooper <jason@...edaemon.net>
> diff --git a/drivers/char/hw_random/core.c b/drivers/char/hw_random/core.c
> index df95e2f..50f5b76 100644
> --- a/drivers/char/hw_random/core.c
> +++ b/drivers/char/hw_random/core.c
> @@ -68,6 +68,12 @@ static void add_early_randomness(struct hwrng *rng)
> unsigned char bytes[16];
> int bytes_read;
>
> + /*
> + * Currently only virtio-rng cannot return data during device
> + * probe, and that's handled in virtio-rng.c itself. If there
> + * are more such devices, this call to rng_get_data can be
> + * made conditional here instead of doing it per-device.
> + */
> bytes_read = rng_get_data(rng, bytes, sizeof(bytes), 1);
> if (bytes_read > 0)
> add_device_randomness(bytes, bytes_read);
> diff --git a/drivers/char/hw_random/virtio-rng.c b/drivers/char/hw_random/virtio-rng.c
> index f3e7150..157f27c 100644
> --- a/drivers/char/hw_random/virtio-rng.c
> +++ b/drivers/char/hw_random/virtio-rng.c
> @@ -38,6 +38,8 @@ struct virtrng_info {
> int index;
> };
>
> +bool probe_done;
> +
> static void random_recv_done(struct virtqueue *vq)
> {
> struct virtrng_info *vi = vq->vdev->priv;
> @@ -67,6 +69,13 @@ static int virtio_read(struct hwrng *rng, void *buf, size_t size, bool wait)
> int ret;
> struct virtrng_info *vi = (struct virtrng_info *)rng->priv;
>
> + /*
> + * Don't ask host for data till we're setup. This call can
> + * happen during hwrng_register(), after commit d9e7972619.
nit: There's no need to reference the commit in the comment, you already
mention it in the commit log.
thx,
Jason.
> + */
> + if (unlikely(!probe_done))
> + return 0;
> +
> if (!vi->busy) {
> vi->busy = true;
> init_completion(&vi->have_data);
> @@ -137,6 +146,7 @@ static int probe_common(struct virtio_device *vdev)
> return err;
> }
>
> + probe_done = true;
> return 0;
> }
>
> --
> 1.9.3
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists