tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Merge tag 'random_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random

Pull random fixes from Ted Ts'o:
"In reaction to the fixes to address CVE-2018-1108, some Linux
distributions that have certain systemd versions in some cases
combined with patches to libcrypt for FIPS/FEDRAMP compliance, have
led to boot-time stalls for some hardware.

The reaction by some distros and Linux sysadmins has been to install
packages that try to do complicated things with the CPU and hope that
leads to randomness.

To mitigate this, if RDRAND is available, mix it into entropy provided
by userspace. It won't hurt, and it will probably help"

* tag 'random_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random:
random: mix rdrand with entropy sent in from userspace

Linus Torvalds a26fb01c 2ffb57df

+9 -1
unified split
+9 -1
drivers/char/random.c
··· 1895 write_pool(struct entropy_store *r, const char __user *buffer, size_t count) 1896 { 1897 size_t bytes; 1898 - __u32 buf[16]; 1899 const char __user *p = buffer; 1900 1901 while (count > 0) { 1902 bytes = min(count, sizeof(buf)); 1903 if (copy_from_user(&buf, p, bytes)) 1904 return -EFAULT; 1905 1906 count -= bytes; 1907 p += bytes;
··· 1895 write_pool(struct entropy_store *r, const char __user *buffer, size_t count) 1896 { 1897 size_t bytes; 1898 + __u32 t, buf[16]; 1899 const char __user *p = buffer; 1900 1901 while (count > 0) { 1902 + int b, i = 0; 1903 + 1904 bytes = min(count, sizeof(buf)); 1905 if (copy_from_user(&buf, p, bytes)) 1906 return -EFAULT; 1907 + 1908 + for (b = bytes ; b > 0 ; b -= sizeof(__u32), i++) { 1909 + if (!arch_get_random_int(&t)) 1910 + break; 1911 + buf[i] ^= t; 1912 + } 1913 1914 count -= bytes; 1915 p += bytes;