| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20140731.222804.1403723639172562683.davem@davemloft.net>
Date: Thu, 31 Jul 2014 22:28:04 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: dborkman@...hat.com
Cc: netdev@...r.kernel.org, hannes@...essinduktion.org
Subject: Re: [PATCH net-next 1/2] random32: improvements to prandom_bytes
From: Daniel Borkmann <dborkman@...hat.com>
Date: Thu, 31 Jul 2014 22:11:16 +0200
> - for (j = 0; j < sizeof(u32); j++) {
> - p[i + j] = random;
> - random >>= BITS_PER_BYTE;
> - }
> + while (bytes > sizeof(u32)) {
> + put_unaligned(prandom_u32_state(state), (u32 *) ptr);
> + ptr += sizeof(u32);
> + bytes -= sizeof(u32);
> }
> - if (i < bytes) {
> - u32 random = prandom_u32_state(state);
>
> - for (; i < bytes; i++) {
> - p[i] = random;
> - random >>= BITS_PER_BYTE;
> - }
> + if (bytes > 0) {
> + u32 rem = prandom_u32_state(state);
> + do {
> + *ptr++ = (u8) rem;
> + bytes--;
> + rem >>= BITS_PER_BYTE;
> + } while (bytes > 0);
> }
This conversion to put_unaligned() is not an equivalent depending
upon the endianness of the cpu.
And this means the random value gets distributed differently into
full words than it will into trailing bytes.
Let's just not mess around with this, ok?
Thanks.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists