lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4130352.XCsR1xZqcM@tauon.chronox.de>
Date:   Tue, 30 Nov 2021 19:07:13 +0100
From:   Stephan Mueller <smueller@...onox.de>
To:     Herbert Xu <herbert@...dor.apana.org.au>,
        "David S. Miller" <davem@...emloft.net>,
        Nicolai Stange <nstange@...e.de>
Cc:     Torsten Duwe <duwe@...e.de>, linux-crypto@...r.kernel.org,
        linux-kernel@...r.kernel.org, Nicolai Stange <nstange@...e.de>
Subject: Re: [PATCH 3/3] crypto: jitter - quit sample collection loop upon RCT failure

Am Dienstag, 30. November 2021, 15:10:09 CET schrieb Nicolai Stange:

Hi Nicolai,

> The jitterentropy collection loop in jent_gen_entropy() can in principle
> run indefinitely without making any progress if it only receives stuck
> measurements as determined by jent_stuck(). After 31 consecutive stuck
> samples, the Repetition Count Test (RCT) would fail anyway and the
> jitterentropy RNG instances moved into ->health_failure == 1 state.
> jent_gen_entropy()'s caller, jent_read_entropy() would then check for
> this ->health_failure condition and return an error if found set. It
> follows that there's absolutely no point in continuing the collection loop
> in jent_gen_entropy() once the RCT has failed.
> 
> Make the jitterentropy collection loop more robust by terminating it upon
> jent_health_failure() so that it won't continue to run indefinitely without
> making any progress.
> 
> Signed-off-by: Nicolai Stange <nstange@...e.de>

Reviewed-by: Stephan Mueller <smueller@...onox.de>

Thanks
Stephan

> ---
>  crypto/jitterentropy.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/crypto/jitterentropy.c b/crypto/jitterentropy.c
> index 24e087c3f526..8f5283f28ed3 100644
> --- a/crypto/jitterentropy.c
> +++ b/crypto/jitterentropy.c
> @@ -547,7 +547,7 @@ static void jent_gen_entropy(struct rand_data *ec)
>  	/* priming of the ->prev_time value */
>  	jent_measure_jitter(ec);
> 
> -	while (1) {
> +	while (!jent_health_failure(ec)) {
>  		/* If a stuck measurement is received, repeat measurement */
>  		if (jent_measure_jitter(ec))
>  			continue;


Ciao
Stephan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ