lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20160818115300.GA6621@Red>
Date:	Thu, 18 Aug 2016 13:53:00 +0200
From:	LABBE Corentin <clabbe.montjoie@...il.com>
To:	PrasannaKumar Muralidharan <prasannatsmkumar@...il.com>
Cc:	mpm@...enic.com, Herbert Xu <herbert@...dor.apana.org.au>,
	robh+dt@...nel.org, mark.rutland@....com,
	Ralf Baechle <ralf@...ux-mips.org>, davem@...emloft.net,
	geert@...ux-m68k.org, Andrew Morton <akpm@...ux-foundation.org>,
	Greg KH <gregkh@...uxfoundation.org>, mchehab@...nel.org,
	Guenter Roeck <linux@...ck-us.net>,
	boris.brezillon@...e-electrons.com, harvey.hunt@...tec.com,
	alex.smith@...tec.com,
	Daniel Thompson <daniel.thompson@...aro.org>,
	Lee Jones <lee.jones@...aro.org>,
	Florian Fainelli <f.fainelli@...il.com>,
	kieran@...uared.org.uk, Krzysztof Kozlowski <krzk@...nel.org>,
	joshua.henderson@...rochip.com, yendapally.reddy@...adcom.com,
	narmstrong@...libre.com, wangkefeng.wang@...wei.com,
	Christian Lamparter <chunkeey@...glemail.com>,
	Álvaro Fernández Rojas <noltari@...il.com>,
	Linus Walleij <linus.walleij@...aro.org>, pankaj.dev@...com,
	Mathieu Poirier <mathieu.poirier@...aro.org>,
	linux-crypto@...r.kernel.org, devicetree@...r.kernel.org,
	linux-kernel@...r.kernel.org, linux-mips@...ux-mips.org
Subject: Re: [PATCH] Add Ingenic JZ4780 hardware RNG driver

On Thu, Aug 18, 2016 at 10:44:18AM +0530, PrasannaKumar Muralidharan wrote:
> >> +static int jz4780_rng_read(struct hwrng *rng, void *buf, size_t max, bool wait)
> >> +{
> >> +     struct jz4780_rng *jz4780_rng = container_of(rng, struct jz4780_rng,
> >> +                                                     rng);
> >> +     u32 *data = buf;
> >> +     *data = jz4780_rng_readl(jz4780_rng, REG_RNG_DATA);
> >> +     return 4;
> >> +}
> >
> > If max is less than 4, its bad
> 
> Data will be 4 bytes.
> 

No, according to comment in include/linux/hw_random.h "drivers can fill up to max bytes of data"
So you cannot write more than max bytes without risking buffer overflow.

And if max > 4, hwrng client need to recall your read function.
The better example I found is tpm_get_random() in drivers/char/tpm/tpm-interface.c for handling both problem.

Regards

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ