lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 22 Jan 2020 10:03:44 +0000
From:   Vincenzo Frascino <vincenzo.frascino@....com>
To:     masahiroy@...nel.org
Cc:     linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org,
        vincenzo.frascino@....com
Subject: [PATCH] kconfig: Sanitize make randconfig generated .config

"make randconfig" calculates the probability of a tristate option (yes,
mod, no) based on srand()/rand() and can be fed with a seed.
At the last step of randconfig some option are chosen randomly and their
tristate set based on similar mechanism.
After this passage the resulting .config is not sanitized, hence it
might result in an inconsistent set of options being selected.

This was noticed on arm64 using KCONFIG_SEED=0x40C5E904. During
randomize_choice_values() CONFIG_BIG_ENDIAN is enabled. Since CONFIG_EFI
was enabled at a previous step, and depends on !CONFIG_BIG_ENDIAN the
resulting .config is inconsistent.

Fix the issue making sure that randconfig sanitizes the generated
.config as a last step.

Cc: Masahiro Yamada <masahiroy@...nel.org>
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@....com>
---
 scripts/kconfig/conf.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/scripts/kconfig/conf.c b/scripts/kconfig/conf.c
index 1f89bf1558ce..c0fcaa4e9762 100644
--- a/scripts/kconfig/conf.c
+++ b/scripts/kconfig/conf.c
@@ -654,6 +654,11 @@ int main(int ac, char **av)
 	case randconfig:
 		/* Really nothing to do in this loop */
 		while (conf_set_all_new_symbols(def_random)) ;
+		/*
+		 * .config at this point might contain
+		 * incompatible options. Sanitize it.
+		 */
+		sym_clear_all_valid();
 		break;
 	case defconfig:
 		conf_set_all_new_symbols(def_default);
-- 
2.25.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ