lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20180608112230.77zsd5y7we7hiqei@pathway.suse.cz>
Date:   Fri, 8 Jun 2018 13:22:30 +0200
From:   Petr Mladek <pmladek@...e.com>
To:     Thierry Escande <thierry.escande@...aro.org>
Cc:     Andy Shevchenko <andy.shevchenko@...il.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        David Miller <davem@...emloft.net>,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        "Tobin C . Harding" <me@...in.cc>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH RESEND] lib/test_printf.c: call wait_for_random_bytes()
 before plain %p tests

On Fri 2018-06-08 12:32:33, Thierry Escande wrote:
> On 08/06/2018 11:46, Andy Shevchenko wrote:
> > On Fri, Jun 8, 2018 at 12:07 PM, Thierry Escande
> > <thierry.escande@...aro.org> wrote:
> > 
> > > But as I type I realize it's not necessary. I will simply enclose the call
> > > to wait_for_random_bytes() by #if IS_MODULE() #endif so it gets called only
> > > if built as a module, which is how run_kselftest.sh wants it... If
> > > test_printf is compiled built-in and the crng is not yet initialized the
> > > test will fail anyway so there is no need to add an extra check.
> > 
> > Unfortunately I can't support this as is.
> > We have environments where crng will be ready minutes after the boot.
> > It's unacceptable.
> > 
> > So, we need to have means to not delay test for so long.
> 
> I agree we can't delay test execution for too long. In my case the crng is
> ready only a few seconds after the boot. So we may just skip this plain 'p'
> printf test if crng is not ready then.

Alternative solution would be to accept
const char *str = sizeof(ptr) == 8 ? "(____ptrval____)" : "(ptrval)";
as a valid result. It would make sense to print some warning in that case.

In each case, it would look ugly to use add_random_ready_callback()
wihtout passing a callback. If you really needed to check crng_ready(),
it would be better to make it public.

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ