| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YYTJd8zt7x8rNbjW@light.dominikbrodowski.net>
Date: Fri, 5 Nov 2021 07:04:39 +0100
From: Dominik Brodowski <linux@...inikbrodowski.net>
To: Ard Biesheuvel <ardb@...nel.org>
Cc: "Theodore Y. Ts'o" <tytso@....edu>,
"Ivan T. Ivanov" <iivanov@...e.de>,
linux-efi <linux-efi@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] random: fix crash on multiple early calls to
add_bootloader_randomness()
Am Wed, Nov 03, 2021 at 08:27:39AM +0100 schrieb Ard Biesheuvel:
> > > > - if (unlikely(crng_init == 0)) {
> > > > + /* We cannot do much with the input pool until it is set up in
> > > > + * rand_initalize(); therefore just mix into the crng state.
> > > > + * As this does not affect the input pool, we cannot credit
> > > > + * entropy for this.
> > > > + */
> > > > + if (unlikely(crng_init == 0) || unlikely(crng_global_init_time == 0)) {
> > >
> > > Can we just drop the unlikely()s here?
> >
> > As that would be a different change to the one necessary to resolve the bug,
> > I'd like to defer that decision to the maintainer of random.c.
> >
>
> In that case, can we at least using a single unlikely() for the whole condition?
Fixed for v3.
Thanks,
Dominik
Powered by blists - more mailing lists