| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 30 Nov 2021 15:10:06 +0100
From: Nicolai Stange <nstange@...e.de>
To: Stephan Müller <smueller@...onox.de>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>
Cc: Torsten Duwe <duwe@...e.de>, linux-crypto@...r.kernel.org,
linux-kernel@...r.kernel.org, Nicolai Stange <nstange@...e.de>
Subject: [PATCH 0/3] crypto: jitterentropy - bound collection loop
Hi,
the sampling loop in jent_gen_entropy() can potentially run indefinitely
w/o making any forward progress, namely if only stuck samples are taken
for whatever reason.
There's a straight-forward way to make the entropy collection more robust,
namely to terminate the loop and report an error if this happens. This
patchset here implements that.
Applies to herbert/cryptodev-2.6.git master.
Thanks!
Nicolai
Nicolai Stange (3):
crypto: drbg - ignore jitterentropy errors if not in FIPS mode
crypto: jitter - don't limit ->health_failure check to FIPS mode
crypto: jitter - quit sample collection loop upon RCT failure
crypto/drbg.c | 7 +++++--
crypto/jitterentropy-kcapi.c | 6 ------
crypto/jitterentropy.c | 6 +-----
crypto/jitterentropy.h | 1 -
4 files changed, 6 insertions(+), 14 deletions(-)
--
2.26.2
Powered by blists - more mailing lists