lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160819031417.GA876@zzz>
Date:   Thu, 18 Aug 2016 20:14:17 -0700
From:   Eric Biggers <ebiggers3@...il.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     linux-kernel@...r.kernel.org, stable@...r.kernel.org,
        Theodore Tso <tytso@....edu>,
        Eric Biggers <ebiggers@...gle.com>
Subject: Re: [PATCH 3.14 14/46] random: properly align get_random_int_hash

get_random_long() was added in v4.5 and doesn't appear to have been backported
to any stable branches, so my patch doesn't actually need to be backported to
anything older than v4.5.  It won't break anything, though.

On Thu, Aug 18, 2016 at 03:54:36PM +0200, Greg Kroah-Hartman wrote:
> 3.14-stable review patch.  If anyone has any objections, please let me know.
> 
> ------------------
> 
> From: Eric Biggers <ebiggers3@...il.com>
> 
> commit b1132deac01c2332d234fa821a70022796b79182 upstream.
> 
> get_random_long() reads from the get_random_int_hash array using an
> unsigned long pointer.  For this code to be guaranteed correct on all
> architectures, the array must be aligned to an unsigned long boundary.
> 
> Signed-off-by: Eric Biggers <ebiggers3@...il.com>
> Signed-off-by: Theodore Ts'o <tytso@....edu>
> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> 
> ---
>  drivers/char/random.c |    4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> --- a/drivers/char/random.c
> +++ b/drivers/char/random.c
> @@ -1632,13 +1632,15 @@ int random_int_secret_init(void)
>  	return 0;
>  }
>  
> +static DEFINE_PER_CPU(__u32 [MD5_DIGEST_WORDS], get_random_int_hash)
> +		__aligned(sizeof(unsigned long));
> +
>  /*
>   * Get a random word for internal kernel use only. Similar to urandom but
>   * with the goal of minimal entropy pool depletion. As a result, the random
>   * value is not cryptographically secure but for several uses the cost of
>   * depleting entropy is too high
>   */
> -static DEFINE_PER_CPU(__u32 [MD5_DIGEST_WORDS], get_random_int_hash);
>  unsigned int get_random_int(void)
>  {
>  	__u32 *hash;
> 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ