| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20220209174456.644232-1-Jason@zx2c4.com>
Date: Wed, 9 Feb 2022 18:44:56 +0100
From: "Jason A. Donenfeld" <Jason@...c4.com>
To: linux-kernel@...r.kernel.org
Cc: "Jason A. Donenfeld" <Jason@...c4.com>,
Dominik Brodowski <linux@...inikbrodowski.net>,
Jann Horn <jannh@...gle.com>
Subject: [PATCH] random: zero buffer after reading secret entropy from userspace
This buffer may contain entropic data that shouldn't stick around longer
than needed, zero it out our temporary buffer at the end of
write_pool().
Cc: Dominik Brodowski <linux@...inikbrodowski.net>
Cc: Jann Horn <jannh@...gle.com>
Signed-off-by: Jason A. Donenfeld <Jason@...c4.com>
---
drivers/char/random.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 81cfbbf5f462..9c7a0297a7d4 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -1357,19 +1357,24 @@ static __poll_t random_poll(struct file *file, poll_table *wait)
static int write_pool(const char __user *ubuf, size_t count)
{
size_t len;
+ int ret = 0;
u8 block[BLAKE2S_BLOCK_SIZE];
while (count) {
len = min(count, sizeof(block));
- if (copy_from_user(block, ubuf, len))
- return -EFAULT;
+ if (copy_from_user(block, ubuf, len)) {
+ ret = -EFAULT;
+ goto out;
+ }
count -= len;
ubuf += len;
mix_pool_bytes(block, len);
cond_resched();
}
- return 0;
+out:
+ memzero_explicit(block, sizeof(block));
+ return ret;
}
static ssize_t random_write(struct file *file, const char __user *buffer,
--
2.35.0
Powered by blists - more mailing lists