| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250917-vdso-sparc64-generic-2-v3-19-3679b1bc8ee8@linutronix.de>
Date: Wed, 17 Sep 2025 16:00:21 +0200
From: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
To: Andy Lutomirski <luto@...nel.org>, Thomas Gleixner <tglx@...utronix.de>,
Vincenzo Frascino <vincenzo.frascino@....com>,
Arnd Bergmann <arnd@...db.de>, "David S. Miller" <davem@...emloft.net>,
Andreas Larsson <andreas@...sler.com>, Nick Alcock <nick.alcock@...cle.com>,
John Stultz <jstultz@...gle.com>, Stephen Boyd <sboyd@...nel.org>,
John Paul Adrian Glaubitz <glaubitz@...sik.fu-berlin.de>,
Shuah Khan <shuah@...nel.org>, Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will@...nel.org>, Theodore Ts'o <tytso@....edu>,
"Jason A. Donenfeld" <Jason@...c4.com>,
Russell King <linux@...linux.org.uk>,
Madhavan Srinivasan <maddy@...ux.ibm.com>,
Michael Ellerman <mpe@...erman.id.au>, Nicholas Piggin <npiggin@...il.com>,
Christophe Leroy <christophe.leroy@...roup.eu>,
Huacai Chen <chenhuacai@...nel.org>, WANG Xuerui <kernel@...0n.name>,
Thomas Bogendoerfer <tsbogend@...ha.franken.de>,
Heiko Carstens <hca@...ux.ibm.com>, Vasily Gorbik <gor@...ux.ibm.com>,
Alexander Gordeev <agordeev@...ux.ibm.com>,
Christian Borntraeger <borntraeger@...ux.ibm.com>,
Sven Schnelle <svens@...ux.ibm.com>,
Nagarathnam Muthusamy <nagarathnam.muthusamy@...cle.com>,
Shannon Nelson <sln@...main.com>
Cc: linux-kernel@...r.kernel.org, sparclinux@...r.kernel.org,
linux-kselftest@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
linuxppc-dev@...ts.ozlabs.org, loongarch@...ts.linux.dev,
linux-mips@...r.kernel.org, linux-s390@...r.kernel.org,
Thomas Weißschuh <thomas.weissschuh@...utronix.de>
Subject: [PATCH v3 19/36] random: vDSO: only access vDSO datapage after
random_init()
Upcoming changes to the generic vDSO library will mean that the vDSO
datapage will not yet be usable during early boot.
Introduce a static key which prevents early accesses.
Signed-off-by: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
---
drivers/char/random.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 73c53a4fb949bfd2ed723fa3cec3fe0d066a7fa3..8970645463ceae0dadb75825a3cb0df3ef1e982e 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -88,6 +88,11 @@ static DEFINE_STATIC_KEY_FALSE(crng_is_ready);
static DECLARE_WAIT_QUEUE_HEAD(crng_init_wait);
static struct fasync_struct *fasync;
static ATOMIC_NOTIFIER_HEAD(random_ready_notifier);
+#ifdef CONFIG_VDSO_GETRANDOM
+static DEFINE_STATIC_KEY_FALSE(random_vdso_is_ready);
+#else
+DECLARE_STATIC_KEY_FALSE(random_vdso_is_ready);
+#endif
/* Control how we warn userspace. */
static struct ratelimit_state urandom_warning =
@@ -252,6 +257,9 @@ static void random_vdso_update_generation(unsigned long next_gen)
if (!IS_ENABLED(CONFIG_VDSO_GETRANDOM))
return;
+ if (!static_branch_likely(&random_vdso_is_ready))
+ return;
+
/* base_crng.generation's invalid value is ULONG_MAX, while
* vdso_k_rng_data->generation's invalid value is 0, so add one to the
* former to arrive at the latter. Use smp_store_release so that this
@@ -274,6 +282,9 @@ static void random_vdso_set_ready(void)
if (!IS_ENABLED(CONFIG_VDSO_GETRANDOM))
return;
+ if (!static_branch_likely(&random_vdso_is_ready))
+ return;
+
WRITE_ONCE(vdso_k_rng_data->is_ready, true);
}
@@ -925,6 +936,9 @@ void __init random_init(void)
_mix_pool_bytes(&entropy, sizeof(entropy));
add_latent_entropy();
+ if (IS_ENABLED(CONFIG_VDSO_GETRANDOM))
+ static_branch_enable(&random_vdso_is_ready);
+
/*
* If we were initialized by the cpu or bootloader before jump labels
* or workqueues are initialized, then we should enable the static
@@ -934,8 +948,10 @@ void __init random_init(void)
crng_set_ready(NULL);
/* Reseed if already seeded by earlier phases. */
- if (crng_ready())
+ if (crng_ready()) {
crng_reseed(NULL);
+ random_vdso_set_ready();
+ }
WARN_ON(register_pm_notifier(&pm_notifier));
--
2.51.0
Powered by blists - more mailing lists