lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20180918004732.9875-17-dmitry.torokhov@gmail.com>
Date:   Mon, 17 Sep 2018 17:47:29 -0700
From:   Dmitry Torokhov <dmitry.torokhov@...il.com>
To:     linux-input@...r.kernel.org, Tim Schumacher <timschumi@....de>
Cc:     linux-kernel@...r.kernel.org
Subject: [PATCH 17/20] Input: only credit entropy when events are generated by a device

Currently we credit entropy (via add_input_randomness()) regardless of
where an event comes form, a device itself, or an input handler, such as
evdev (and thus from userspace). While access to event devices is supposed
to be tightly controlled (one does not want random processes to be able to
observe or inject keystrokes), developers may use evdev to inject events
for testing purposes. Let's make sure that such events to not contribute
to the entropy to keep the pool 'pure' and do not expose developer's
boxes to not so random data.

Signed-off-by: Dmitry Torokhov <dmitry.torokhov@...il.com>
---
 drivers/input/input.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/drivers/input/input.c b/drivers/input/input.c
index 260f00ebe34d..0126b8bb6afa 100644
--- a/drivers/input/input.c
+++ b/drivers/input/input.c
@@ -368,12 +368,15 @@ static int input_get_disposition(struct input_dev *dev,
 }
 
 static void input_handle_event(struct input_dev *dev,
-			       unsigned int type, unsigned int code, int value)
+			       unsigned int type, unsigned int code, int value,
+			       bool can_credit_entropy)
 {
 	int disposition = input_get_disposition(dev, type, code, &value);
 
-	if (disposition != INPUT_IGNORE_EVENT && type != EV_SYN)
+	if (can_credit_entropy &&
+	    disposition != INPUT_IGNORE_EVENT && type != EV_SYN) {
 		add_input_randomness(type, code, value);
+	}
 
 	if ((disposition & INPUT_PASS_TO_DEVICE) && dev->event)
 		dev->event(dev, type, code, value);
@@ -434,7 +437,7 @@ void input_event(struct input_dev *dev,
 	if (is_event_supported(type, dev->evbit, EV_MAX)) {
 
 		spin_lock_irqsave(&dev->event_lock, flags);
-		input_handle_event(dev, type, code, value);
+		input_handle_event(dev, type, code, value, true);
 		spin_unlock_irqrestore(&dev->event_lock, flags);
 	}
 }
@@ -464,7 +467,7 @@ void input_inject_event(struct input_handle *handle,
 		rcu_read_lock();
 		grab = rcu_dereference(dev->grab);
 		if (!grab || grab == handle)
-			input_handle_event(dev, type, code, value);
+			input_handle_event(dev, type, code, value, false);
 		rcu_read_unlock();
 
 		spin_unlock_irqrestore(&dev->event_lock, flags);
-- 
2.19.0.397.gdd90340f6a-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ