Commit f5939fcd authored by Matt Mackall's avatar Matt Mackall Committed by Chris Wright

[PATCH] random: fix seeding with zero entropy (CVE-2007-2453 2 of 2)

Add data from zero-entropy random_writes directly to output pools to
avoid accounting difficulties on machines without entropy sources.

Tested on lguest with all entropy sources disabled.
Signed-off-by: default avatarMatt Mackall <mpm@selenic.com>
Acked-by: default avatar"Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: default avatarChris Wright <chrisw@sous-sol.org>
parent 54bb290b
...@@ -1024,37 +1024,44 @@ random_poll(struct file *file, poll_table * wait) ...@@ -1024,37 +1024,44 @@ random_poll(struct file *file, poll_table * wait)
return mask; return mask;
} }
static ssize_t static int
random_write(struct file * file, const char __user * buffer, write_pool(struct entropy_store *r, const char __user *buffer, size_t count)
size_t count, loff_t *ppos)
{ {
int ret = 0;
size_t bytes; size_t bytes;
__u32 buf[16]; __u32 buf[16];
const char __user *p = buffer; const char __user *p = buffer;
size_t c = count;
while (c > 0) { while (count > 0) {
bytes = min(c, sizeof(buf)); bytes = min(count, sizeof(buf));
if (copy_from_user(&buf, p, bytes))
return -EFAULT;
bytes -= copy_from_user(&buf, p, bytes); count -= bytes;
if (!bytes) {
ret = -EFAULT;
break;
}
c -= bytes;
p += bytes; p += bytes;
add_entropy_words(&input_pool, buf, (bytes + 3) / 4); add_entropy_words(r, buf, (bytes + 3) / 4);
} }
if (p == buffer) {
return (ssize_t)ret; return 0;
} else { }
static ssize_t
random_write(struct file * file, const char __user * buffer,
size_t count, loff_t *ppos)
{
size_t ret;
struct inode *inode = file->f_path.dentry->d_inode; struct inode *inode = file->f_path.dentry->d_inode;
ret = write_pool(&blocking_pool, buffer, count);
if (ret)
return ret;
ret = write_pool(&nonblocking_pool, buffer, count);
if (ret)
return ret;
inode->i_mtime = current_fs_time(inode->i_sb); inode->i_mtime = current_fs_time(inode->i_sb);
mark_inode_dirty(inode); mark_inode_dirty(inode);
return (ssize_t)(p - buffer); return (ssize_t)count;
}
} }
static int static int
...@@ -1093,8 +1100,8 @@ random_ioctl(struct inode * inode, struct file * file, ...@@ -1093,8 +1100,8 @@ random_ioctl(struct inode * inode, struct file * file,
return -EINVAL; return -EINVAL;
if (get_user(size, p++)) if (get_user(size, p++))
return -EFAULT; return -EFAULT;
retval = random_write(file, (const char __user *) p, retval = write_pool(&input_pool, (const char __user *)p,
size, &file->f_pos); size);
if (retval < 0) if (retval < 0)
return retval; return retval;
credit_entropy_store(&input_pool, ent_count); credit_entropy_store(&input_pool, ent_count);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment