Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp1740521yba; Tue, 2 Apr 2019 15:02:09 -0700 (PDT) X-Google-Smtp-Source: APXvYqxzMYBgeUxkPX9hTf858ZFhZHOxMZIDTDidJUhRNjIpclaU1aXUqygWuO2aAoZLJOzo70jO X-Received: by 2002:a17:902:864b:: with SMTP id y11mr40795312plt.1.1554242529333; Tue, 02 Apr 2019 15:02:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554242529; cv=none; d=google.com; s=arc-20160816; b=n6hT3yvplnU7XDSk9OQbHvu2RvJ/q76os5yo34wZg80qR21vbAgHfT5fT3sCjp/CPc uHXOF8F/yUXel7holra189zKjB2cPtvOgUZjzFUKAWotoreKdDeTItBYHOnWOFEJGpV5 dhBSjkinuxUzuwh9n38UU4IWdcb+sMaKTJ4+RYh9OlLBUtDobeFEuqchJ3nMIIoJ3Gp8 tgD0pVLjea4gt7gdCfEN55i3Xv2Lox529miLhcwCMb0MufvBWZdOJ9HT8bci6Pfp3Y0h udx1tjuYHe0bKMwDVmIzOxha7CdB/Nh8gHjAS7HJgscih4miCf6ZX6eF6ZvZ3r5beZu+ o9MA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=eq5KNPfuuDxncN4oWsOqZfMt5T4aBHnRv+qPrfZSex0=; b=IAkir+nD7fpJM9K8O18qkR0t7MmL2IKJqsAJ396FKNIaM5QgxtCYRij965GqiqhwoH GFlD3IhXl4TGYZBGKzRJntiUPBBj8ZZUF252VU2/LNNS03eoOe9Evs0JMZ/PVz9FdieK kCBqlPnWFKmy238oW+HANttkeR7KZAbsS+D/opcCn9ZY821boV11eXQxGqfxkwB9dH/9 JCOajZxYVhqxVZozDdq9zJHp/5wLG4eCJbCmMXCMlY+S8D2C/07NAE1ho1i9OUrgPIED Wu/ASy8TfGnZBXA9jTpAYQayFDtm4wPUxPBHqtsSetqlAmjXLaQFRYPs0QeiGugkbJrk vYdA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t10si11908435plr.229.2019.04.02.15.01.52; Tue, 02 Apr 2019 15:02:09 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726292AbfDBWBQ (ORCPT + 99 others); Tue, 2 Apr 2019 18:01:16 -0400 Received: from charlotte.tuxdriver.com ([70.61.120.58]:59730 "EHLO smtp.tuxdriver.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726078AbfDBWBQ (ORCPT ); Tue, 2 Apr 2019 18:01:16 -0400 Received: from cpe-2606-a000-111b-405a-9816-2c85-c514-8f7a.dyn6.twc.com ([2606:a000:111b:405a:9816:2c85:c514:8f7a] helo=localhost) by smtp.tuxdriver.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1hBRSs-0000uC-PW; Tue, 02 Apr 2019 18:01:12 -0400 From: Neil Horman To: linux-kernel@vger.kernel.org Cc: Neil Horman , Steve Grubb , "Theodore Ts'o" , Arnd Bergmann , Greg Kroah-Hartman Subject: [PATCH] Fix xoring of arch_get_random_long into crng->state array Date: Tue, 2 Apr 2019 18:00:25 -0400 Message-Id: <20190402220025.14499-1-nhorman@tuxdriver.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.9 (--) X-Spam-Status: No Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org When _crng_extract is called, any arch that has a registered arch_get_random_long method, attempts to mix an unsigned long value into the crng->state buffer, it only mixes in 32 of the 64 bits available, because the state buffer is an array of u32 values, even though 2 u32 are expected to be filled (owing to the fact that it expects indexes 14 and 15 to be filled). Bring the expected behavior into alignment by casting index 14 to an unsignled long pointer, and xoring that in instead. Tested successfully by myself Signed-off-by: Neil Horman Reported-by: Steve Grubb CC: "Theodore Ts'o" CC: Arnd Bergmann CC: Greg Kroah-Hartman --- drivers/char/random.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/char/random.c b/drivers/char/random.c index 38c6d1af6d1c..8178618458ac 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -975,14 +975,16 @@ static void _extract_crng(struct crng_state *crng, __u8 out[CHACHA_BLOCK_SIZE]) { unsigned long v, flags; - + unsigned long *archrnd; if (crng_ready() && (time_after(crng_global_init_time, crng->init_time) || time_after(jiffies, crng->init_time + CRNG_RESEED_INTERVAL))) crng_reseed(crng, crng == &primary_crng ? &input_pool : NULL); spin_lock_irqsave(&crng->lock, flags); - if (arch_get_random_long(&v)) - crng->state[14] ^= v; + if (arch_get_random_long(&v)) { + archrnd = (unsigned long *)&crng->state[14]; + *archrnd ^= v; + } chacha20_block(&crng->state[0], out); if (crng->state[12] == 0) crng->state[13]++; -- 2.20.1