From: Bernd Edlinger <bernd.edlinger@hotmail.de>
To: Theodore Ts'o <tytso@mit.edu>, Arnd Bergmann <arnd@arndb.de>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: [PATCH] random: Make /dev/random wait for crng_ready
Date: Fri, 15 Feb 2019 01:47:16 +0000 [thread overview]
Message-ID: <VI1PR0702MB38408B595C818F1C3278873EE4600@VI1PR0702MB3840.eurprd07.prod.outlook.com> (raw)
Reading from /dev/random may return data while the getrandom
syscall is still blocking.
Those bytes are not yet cryptographically secure.
Make read and select for reading on /dev/random wait until
the crng is fully initialized.
Signed-off-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
---
drivers/char/random.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 38c6d1a..ddbc0e2 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -720,7 +720,7 @@ static void credit_entropy_bits(struct entropy_store *r, int nbits)
}
/* should we wake readers? */
- if (entropy_bits >= random_read_wakeup_bits &&
+ if (crng_ready() && entropy_bits >= random_read_wakeup_bits &&
wq_has_sleeper(&random_read_wait)) {
wake_up_interruptible(&random_read_wait);
kill_fasync(&fasync, SIGIO, POLL_IN);
@@ -1851,7 +1851,9 @@ void rand_initialize_disk(struct gendisk *disk)
nbytes = min_t(size_t, nbytes, SEC_XFER_SIZE);
while (1) {
- n = extract_entropy_user(&blocking_pool, buf, nbytes);
+ n = crng_ready()
+ ? extract_entropy_user(&blocking_pool, buf, nbytes)
+ : 0;
if (n < 0)
return n;
trace_random_read(n*8, (nbytes-n)*8,
@@ -1865,6 +1867,7 @@ void rand_initialize_disk(struct gendisk *disk)
return -EAGAIN;
wait_event_interruptible(random_read_wait,
+ crng_ready() &&
ENTROPY_BITS(&input_pool) >=
random_read_wakeup_bits);
if (signal_pending(current))
@@ -1909,7 +1912,8 @@ void rand_initialize_disk(struct gendisk *disk)
poll_wait(file, &random_read_wait, wait);
poll_wait(file, &random_write_wait, wait);
mask = 0;
- if (ENTROPY_BITS(&input_pool) >= random_read_wakeup_bits)
+ if (crng_ready() &&
+ ENTROPY_BITS(&input_pool) >= random_read_wakeup_bits)
mask |= EPOLLIN | EPOLLRDNORM;
if (ENTROPY_BITS(&input_pool) < random_write_wakeup_bits)
mask |= EPOLLOUT | EPOLLWRNORM;
--
1.9.1
next reply other threads:[~2019-02-15 1:47 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-15 1:47 Bernd Edlinger [this message]
2019-02-15 5:40 ` [PATCH] random: Make /dev/random wait for crng_ready Bernd Edlinger
2019-02-15 13:58 ` [PATCHv2] " Bernd Edlinger
2019-02-16 18:23 ` Theodore Y. Ts'o
2019-02-16 20:12 ` Bernd Edlinger
2019-02-17 8:44 ` [PATCHv3] " Bernd Edlinger
2019-02-17 13:48 ` Bernd Edlinger
2019-02-17 20:55 ` [PATCHv4] random: Make /dev/random wait for input_pool initialized Bernd Edlinger
2019-02-19 7:16 ` Bernd Edlinger
2019-02-19 17:09 ` [PATCHv5] " Bernd Edlinger
2019-02-21 0:32 ` [PATCHv5] random: Make /dev/random wait for input_pool initializedy Theodore Y. Ts'o
2019-02-21 19:24 ` Bernd Edlinger
2019-02-21 23:18 ` Theodore Y. Ts'o
2019-02-22 13:45 ` Bernd Edlinger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=VI1PR0702MB38408B595C818F1C3278873EE4600@VI1PR0702MB3840.eurprd07.prod.outlook.com \
--to=bernd.edlinger@hotmail.de \
--cc=arnd@arndb.de \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).