Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1030465AbcJQRap (ORCPT ); Mon, 17 Oct 2016 13:30:45 -0400 Received: from mail-vk0-f45.google.com ([209.85.213.45]:33450 "EHLO mail-vk0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S938648AbcJQRae (ORCPT ); Mon, 17 Oct 2016 13:30:34 -0400 MIME-Version: 1.0 In-Reply-To: <2711337.nAU4qxUyQs@tauon.atsec.com> References: <4169224b6858d1cf149f1a73f8a03603fa19076d.1476638125.git.luto@kernel.org> <2711337.nAU4qxUyQs@tauon.atsec.com> From: Andy Lutomirski Date: Mon, 17 Oct 2016 10:30:13 -0700 Message-ID: Subject: Re: [PATCH resend 4.9] hw_random: Don't use a stack buffer in add_early_randomness() To: Stephan Mueller Cc: Andy Lutomirski , linux-crypto@vger.kernel.org, "linux-kernel@vger.kernel.org" , Matt Mackall , Herbert Xu , Rusty Russell , Jens Axboe , Matt Mullins Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1221 Lines: 36 On Mon, Oct 17, 2016 at 10:17 AM, Stephan Mueller wrote: > Am Montag, 17. Oktober 2016, 10:06:27 CEST schrieb Andy Lutomirski: > > Hi Andy, > >> diff --git a/drivers/char/hw_random/core.c b/drivers/char/hw_random/core.c >> index 9203f2d130c0..340f96e44642 100644 >> --- a/drivers/char/hw_random/core.c >> +++ b/drivers/char/hw_random/core.c >> @@ -84,14 +84,14 @@ static size_t rng_buffer_size(void) >> >> static void add_early_randomness(struct hwrng *rng) >> { >> - unsigned char bytes[16]; >> int bytes_read; >> + size_t size = min_t(size_t, 16, rng_buffer_size()); >> >> mutex_lock(&reading_mutex); >> - bytes_read = rng_get_data(rng, bytes, sizeof(bytes), 1); >> + bytes_read = rng_get_data(rng, rng_buffer, size, 1); >> mutex_unlock(&reading_mutex); >> if (bytes_read > 0) >> - add_device_randomness(bytes, bytes_read); >> + add_device_randomness(rng_buffer, bytes_read); > > Shouldn't there be a memset(0) of the rng_buffer at this point to avoid having > such data lingering in memory? Sure, but shouldn't that be a separate patch covering the whole hw_crypto core? --Andy -- Andy Lutomirski AMA Capital Management, LLC