| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMj1kXFnfjGXwNZDSE1yhXhXyNdMP7DWa9es4VoHStF-g7pC7g@mail.gmail.com> Date: Fri, 28 Nov 2025 12:18:38 +0100 From: Ard Biesheuvel <ardb@...nel.org> To: david laight <david.laight@...box.com> Cc: Ard Biesheuvel <ardb+git@...gle.com>, linux-hardening@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, Kees Cook <kees@...nel.org>, Ryan Roberts <ryan.roberts@....com>, Will Deacon <will@...nel.org>, Arnd Bergmann <arnd@...db.de>, Jeremy Linton <jeremy.linton@....com>, Catalin Marinas <Catalin.Marinas@....com>, Mark Rutland <mark.rutland@....com>, "Jason A. Donenfeld" <Jason@...c4.com> Subject: Re: [RFC/RFT PATCH 5/6] random: Plug race in preceding patch On Fri, 28 Nov 2025 at 12:13, david laight <david.laight@...box.com> wrote: > > On Thu, 27 Nov 2025 10:22:32 +0100 > Ard Biesheuvel <ardb+git@...gle.com> wrote: > > > From: Ard Biesheuvel <ardb@...nel.org> > > > > The lockless get_random_uXX() reads the next value from the linear > > buffer and then overwrites it with a 0x0 value. This is racy, as the > > code might be re-entered by an interrupt handler, and so the store might > > redundantly wipe the location accessed by the interrupt context rather > > than the interrupted context. > > Is overwriting the used value even useful? That is an interesting question but it is orthogonal to this series.
Powered by blists - more mailing lists