| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180717135307.3713325-1-arnd@arndb.de>
Date: Tue, 17 Jul 2018 15:53:00 +0200
From: Arnd Bergmann <arnd@...db.de>
To: "Theodore Ts'o" <tytso@....edu>, Arnd Bergmann <arnd@...db.de>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Jann Horn <jannh@...gle.com>, "Tobin C. Harding" <me@...in.cc>,
Rasmus Villemoes <linux@...musvillemoes.dk>,
Eric Biggers <ebiggers@...gle.com>,
linux-kernel@...r.kernel.org
Subject: [PATCH] random: fix rdrand mix-in
The newly added arch_get_random_int() call was done incorrectly,
using the output only if rdrand hardware was /not/ available. The
compiler points out that the data is uninitialized in this case:
drivers/char/random.c: In function 'write_pool.constprop':
drivers/char/random.c:1912:11: error: 't' may be used uninitialized in this function [-Werror=maybe-uninitialized]
This fixes the condition so we only use that data when it was
valid.
Fixes: 349ddb707fb7 ("random: mix rdrand with entropy sent in from userspace")
Signed-off-by: Arnd Bergmann <arnd@...db.de>
---
drivers/char/random.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 283fe390e878..71660aef8c8c 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -1907,7 +1907,7 @@ write_pool(struct entropy_store *r, const char __user *buffer, size_t count)
return -EFAULT;
for (b = bytes ; b > 0 ; b -= sizeof(__u32), i++) {
- if (arch_get_random_int(&t))
+ if (!arch_get_random_int(&t))
continue;
buf[i] ^= t;
}
--
2.9.0
Powered by blists - more mailing lists