[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20220208150625.374191-1-Jason@zx2c4.com>
Date: Tue, 8 Feb 2022 16:06:25 +0100
From: "Jason A. Donenfeld" <Jason@...c4.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-kernel@...r.kernel.org
Subject: [GIT PULL] random number generator fixes for 5.17-rc4
Hi Linus,
Please pull the following fixes for 5.17-rc4. This week's pull contains fixes
for the crypto ~vuln I mentioned last week. There are extensive details about
it and some simple PoC code in the commit message of the first patch if you're
curious.
Code-wise, the change is both insubstantial and substantial. It is
insubstantial in that we're talking about removing over 400 lines of old code,
many of which are outdated comments, and replacing them with less than 90
lines, so it's not "big" on the additive side. On the other hand, it is a
substantial change, as it's doing away with the heart of our entropy collector
that we've had in one form or another forever. It would seem fitting with the
times that we're able to replace gobs of old stuff from the 90s with a boring
cryptographic hash function.
Given that these fixes are for a security issue (albeit a probably relatively
low grade one), sending this mid-cycle feels like the "responsible" thing to
do, and 5.17 will resultantly have a more secure RNG. However, I also would
understand that, diffstat not withstanding, you think this is a bit much and
want to reject this pull until 5.18. Either way works for me, though I
naturally lean heavily toward the former, hence making this pull request in
the first place.
Thanks,
Jason
The following changes since commit dfd42facf1e4ada021b939b4e19c935dcdd55566:
Linux 5.17-rc3 (2022-02-06 12:20:50 -0800)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/crng/random.git tags/random-5.17-rc4-for-linus
for you to fetch changes up to 966038a49e2b31ff9aa86862295be3915c51dbdd:
random: make credit_entropy_bits() always safe (2022-02-08 11:53:05 +0100)
----------------------------------------------------------------
Jason A. Donenfeld (5):
random: use computational hash for entropy extraction
random: simplify entropy debiting
random: use linear min-entropy accumulation crediting
random: always wake up entropy writers after extraction
random: make credit_entropy_bits() always safe
drivers/char/random.c | 499 +++++++-----------------------------------
include/trace/events/random.h | 30 +--
2 files changed, 86 insertions(+), 443 deletions(-)
Powered by blists - more mailing lists