From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Eric Biggers <ebiggers@google.com>,
"Paul E. McKenney" <paulmck@kernel.org>,
"Jason A. Donenfeld" <Jason@zx2c4.com>
Subject: [PATCH 5.10 20/25] random: fix data race on crng init time
Date: Fri, 14 Jan 2022 09:16:28 +0100 [thread overview]
Message-ID: <20220114081543.383548627@linuxfoundation.org> (raw)
In-Reply-To: <20220114081542.698002137@linuxfoundation.org>
From: Eric Biggers <ebiggers@google.com>
commit 009ba8568be497c640cab7571f7bfd18345d7b24 upstream.
_extract_crng() does plain loads of crng->init_time and
crng_global_init_time, which causes undefined behavior if
crng_reseed() and RNDRESEEDCRNG modify these corrently.
Use READ_ONCE() and WRITE_ONCE() to make the behavior defined.
Don't fix the race on crng->init_time by protecting it with crng->lock,
since it's not a problem for duplicate reseedings to occur. I.e., the
lockless access with READ_ONCE() is fine.
Fixes: d848e5f8e1eb ("random: add new ioctl RNDRESEEDCRNG")
Fixes: e192be9d9a30 ("random: replace non-blocking pool with a Chacha20-based CRNG")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Acked-by: Paul E. McKenney <paulmck@kernel.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/char/random.c | 17 ++++++++++-------
1 file changed, 10 insertions(+), 7 deletions(-)
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -990,7 +990,7 @@ static void crng_reseed(struct crng_stat
crng->state[i+4] ^= buf.key[i] ^ rv;
}
memzero_explicit(&buf, sizeof(buf));
- crng->init_time = jiffies;
+ WRITE_ONCE(crng->init_time, jiffies);
spin_unlock_irqrestore(&crng->lock, flags);
if (crng == &primary_crng && crng_init < 2) {
invalidate_batched_entropy();
@@ -1016,12 +1016,15 @@ static void crng_reseed(struct crng_stat
static void _extract_crng(struct crng_state *crng,
__u8 out[CHACHA_BLOCK_SIZE])
{
- unsigned long v, flags;
+ unsigned long v, flags, init_time;
- if (crng_ready() &&
- (time_after(crng_global_init_time, crng->init_time) ||
- time_after(jiffies, crng->init_time + CRNG_RESEED_INTERVAL)))
- crng_reseed(crng, crng == &primary_crng ? &input_pool : NULL);
+ if (crng_ready()) {
+ init_time = READ_ONCE(crng->init_time);
+ if (time_after(READ_ONCE(crng_global_init_time), init_time) ||
+ time_after(jiffies, init_time + CRNG_RESEED_INTERVAL))
+ crng_reseed(crng, crng == &primary_crng ?
+ &input_pool : NULL);
+ }
spin_lock_irqsave(&crng->lock, flags);
if (arch_get_random_long(&v))
crng->state[14] ^= v;
@@ -1975,7 +1978,7 @@ static long random_ioctl(struct file *f,
if (crng_init < 2)
return -ENODATA;
crng_reseed(&primary_crng, &input_pool);
- crng_global_init_time = jiffies - 1;
+ WRITE_ONCE(crng_global_init_time, jiffies - 1);
return 0;
default:
return -EINVAL;
next prev parent reply other threads:[~2022-01-14 8:19 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-14 8:16 [PATCH 5.10 00/25] 5.10.92-rc1 review Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 01/25] md: revert io stats accounting Greg Kroah-Hartman
2022-01-26 10:09 ` Jack Wang
2022-01-26 11:42 ` Greg Kroah-Hartman
2022-01-26 12:37 ` Jack Wang
2022-01-26 12:57 ` Greg Kroah-Hartman
2022-01-26 15:19 ` Guillaume Morin
2022-01-26 15:12 ` Guillaume Morin
2022-01-26 21:22 ` Jack Wang
2022-01-14 8:16 ` [PATCH 5.10 02/25] workqueue: Fix unbind_workers() VS wq_worker_running() race Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 03/25] bpf: Fix out of bounds access from invalid *_or_null type verification Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 04/25] Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb() Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 05/25] Bluetooth: btusb: Add two more Bluetooth parts for WCN6855 Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 06/25] Bluetooth: btusb: Add support for Foxconn MT7922A Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 07/25] Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0 Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 08/25] Bluetooth: bfusb: fix division by zero in send path Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 09/25] ARM: dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100 Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 10/25] USB: core: Fix bug in resuming hubs handling of wakeup requests Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 11/25] USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 12/25] ath11k: Fix buffer overflow when scanning with extraie Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 13/25] mmc: sdhci-pci: Add PCI ID for Intel ADL Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 14/25] veth: Do not record rx queue hint in veth_xmit Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 15/25] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 16/25] can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 17/25] can: isotp: convert struct tpcon::{idx,len} to unsigned int Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 18/25] can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 19/25] random: fix data race on crng_node_pool Greg Kroah-Hartman
2022-01-14 8:16 ` Greg Kroah-Hartman [this message]
2022-01-14 8:16 ` [PATCH 5.10 21/25] random: fix crash on multiple early calls to add_bootloader_randomness() Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 22/25] media: Revert "media: uvcvideo: Set unique vdev name based in type" Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 23/25] staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn() Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 24/25] drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() Greg Kroah-Hartman
2022-01-14 8:16 ` [PATCH 5.10 25/25] staging: greybus: fix stack size warning with UBSAN Greg Kroah-Hartman
2022-01-14 13:22 ` [PATCH 5.10 00/25] 5.10.92-rc1 review Pavel Machek
2022-01-14 18:09 ` Jon Hunter
2022-01-14 21:25 ` Fox Chen
2022-01-14 22:29 ` Florian Fainelli
2022-01-15 0:25 ` Shuah Khan
2022-01-15 5:35 ` Naresh Kamboju
2022-01-15 11:07 ` Sudip Mukherjee
2022-01-15 16:39 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220114081543.383548627@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=Jason@zx2c4.com \
--cc=ebiggers@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=paulmck@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.