Commit a26fb01c authored by Linus Torvalds's avatar Linus Torvalds

Merge tag 'random_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random

Pull random fixes from Ted Ts'o:
 "In reaction to the fixes to address CVE-2018-1108, some Linux
  distributions that have certain systemd versions in some cases
  combined with patches to libcrypt for FIPS/FEDRAMP compliance, have
  led to boot-time stalls for some hardware.

  The reaction by some distros and Linux sysadmins has been to install
  packages that try to do complicated things with the CPU and hope that
  leads to randomness.

  To mitigate this, if RDRAND is available, mix it into entropy provided
  by userspace. It won't hurt, and it will probably help"

* tag 'random_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random:
  random: mix rdrand with entropy sent in from userspace
parents 2ffb57df 81e69df3
...@@ -1895,14 +1895,22 @@ static int ...@@ -1895,14 +1895,22 @@ static int
write_pool(struct entropy_store *r, const char __user *buffer, size_t count) write_pool(struct entropy_store *r, const char __user *buffer, size_t count)
{ {
size_t bytes; size_t bytes;
__u32 buf[16]; __u32 t, buf[16];
const char __user *p = buffer; const char __user *p = buffer;
while (count > 0) { while (count > 0) {
int b, i = 0;
bytes = min(count, sizeof(buf)); bytes = min(count, sizeof(buf));
if (copy_from_user(&buf, p, bytes)) if (copy_from_user(&buf, p, bytes))
return -EFAULT; return -EFAULT;
for (b = bytes ; b > 0 ; b -= sizeof(__u32), i++) {
if (!arch_get_random_int(&t))
break;
buf[i] ^= t;
}
count -= bytes; count -= bytes;
p += bytes; p += bytes;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment