lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 May 2022 08:23:40 +0200 From: Dominik Brodowski <linux@...inikbrodowski.net> To: "Jason A. Donenfeld" <Jason@...c4.com> Cc: linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/2] random: avoid init'ing twice in credit race Am Mon, May 09, 2022 at 02:14:08PM +0200 schrieb Jason A. Donenfeld: > Since all changes of crng_init now go through credit_init_bits(), we can > fix a long standing race in which two concurrent callers of > credit_init_bits() have the new bit count >= some threshold, but are > doing so with crng_init as a lower threshold, checked outside of a lock, > resulting in crng_reseed() or similar being called twice. Sidenote: crng_reseed() did manage quite fine if called twice in short order. > In order to fix this, we can use the original cmpxchg value of the bit > count, and only change crng_init when the bit count transitions from > below a threshold to meeting the threshold. > > Cc: Dominik Brodowski <linux@...inikbrodowski.net> > Signed-off-by: Jason A. Donenfeld <Jason@...c4.com> Reviewed-by: Dominik Brodowski <linux@...inikbrodowski.net> Thanks, Dominik
Powered by blists - more mailing lists