Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp6557710ybi; Wed, 29 May 2019 09:29:28 -0700 (PDT) X-Google-Smtp-Source: APXvYqy40aSpZ9lEb8+usreYIdwzKJFjApCof2DZvHiBYLXtbVehSwPtpoYw/xt93iLTf5wmsORY X-Received: by 2002:a62:e70e:: with SMTP id s14mr5646997pfh.183.1559147368623; Wed, 29 May 2019 09:29:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559147368; cv=none; d=google.com; s=arc-20160816; b=EKAxyU8FqATiez06qX2BNVhlX06rqqFtRjxCeTiyAyyI687v5h8Ew0H91NNfxxp7/J YiUopgpG5prpwPue0JJPNWWNUanrU42lV+5XJuJM+2q2NxiPA7EN3YD5yVEW4pLEWknS 7l1WUmsSCkIUw4xMkJbnhFp5sCio35l55af4he1njhtQ3YcMuRXVMdHqt2H45kc/oDVl skjfA2gB71bEDgUxfYU7RRTAbAFswSTWS4HueoFRi4d841B4ydhp+CtActihKHasWlCE Ci4jad3eUeHddJ4cn01BuvrZ6lbnMy2+nAZPVOgi4SF6QOJ5OiNGlvj+TlWpcM8YkVB7 UOgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=klq33BqrxGC2f23Z2aI68qW9hP3fCMnOq4L0Mup5I4s=; b=yZ1sGD05Y+YuAqEtSm11wnGWCcp/kizwS3ZTjUcj6QqKcAybx2Y51C+pOyDKo9HBGN KxBY0WHjkE52by5sgsvGdWuoDp0z39wblvQS17a9B1CUHD3BFfAlo2SY6gjRgGfSjDVa I5uij5YMmtdYhZ1GReQvDFLMlhLDi21gYUcsvkvSj0muFpQUulgXA75KzjU6KNlOLHXR qY0MiJYX/7vaQD92/qDI/ezBifWNEFHD5eh/fIGajisb1YbpbA39Sx9836BoPAOF3UbO ad5xkD4ldFjDwYwb+cfQN7kg6uU8OEhHGe1UDVUczf5DxShZ45CGUdGM4pwu4CAt1AkM P6gQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id gn18si11752plb.273.2019.05.29.09.29.12; Wed, 29 May 2019 09:29:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726869AbfE2Q15 (ORCPT + 99 others); Wed, 29 May 2019 12:27:57 -0400 Received: from charlotte.tuxdriver.com ([70.61.120.58]:50424 "EHLO smtp.tuxdriver.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726062AbfE2Q15 (ORCPT ); Wed, 29 May 2019 12:27:57 -0400 Received: from cpe-2606-a000-111b-405a-0-0-0-162e.dyn6.twc.com ([2606:a000:111b:405a::162e] helo=localhost) by smtp.tuxdriver.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1hW1QZ-0002RU-5J; Wed, 29 May 2019 12:27:54 -0400 Date: Wed, 29 May 2019 12:27:20 -0400 From: Neil Horman To: David Laight Cc: "linux-kernel@vger.kernel.org" , Steve Grubb , Theodore Ts'o , Arnd Bergmann , Greg Kroah-Hartman Subject: Re: [PATCH] Fix xoring of arch_get_random_long into crng->state array Message-ID: <20190529162720.GC31099@hmswarspite.think-freely.org> References: <20190402220025.14499-1-nhorman@tuxdriver.com> <20190529134200.GA31099@hmswarspite.think-freely.org> <20190529155156.GB31099@hmswarspite.think-freely.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.11.3 (2019-02-01) X-Spam-Score: -2.9 (--) X-Spam-Status: No Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, May 29, 2019 at 03:57:07PM +0000, David Laight wrote: > From: Neil Horman [mailto:nhorman@tuxdriver.com] > > Sent: 29 May 2019 16:52 > > On Wed, May 29, 2019 at 01:51:24PM +0000, David Laight wrote: > > > From: Neil Horman > > > > Sent: 29 May 2019 14:42 > > > > On Tue, Apr 02, 2019 at 06:00:25PM -0400, Neil Horman wrote: > > > > > When _crng_extract is called, any arch that has a registered > > > > > arch_get_random_long method, attempts to mix an unsigned long value into > > > > > the crng->state buffer, it only mixes in 32 of the 64 bits available, > > > > > because the state buffer is an array of u32 values, even though 2 u32 > > > > > are expected to be filled (owing to the fact that it expects indexes 14 > > > > > and 15 to be filled). > > > > > > > > > > Bring the expected behavior into alignment by casting index 14 to an > > > > > unsignled long pointer, and xoring that in instead. > > > ... > > > > > diff --git a/drivers/char/random.c b/drivers/char/random.c > > > > > index 38c6d1af6d1c..8178618458ac 100644 > > > > > --- a/drivers/char/random.c > > > > > +++ b/drivers/char/random.c > > > > > @@ -975,14 +975,16 @@ static void _extract_crng(struct crng_state *crng, > > > > > __u8 out[CHACHA_BLOCK_SIZE]) > > > > > { > > > > > unsigned long v, flags; > > > > > - > > > > > + unsigned long *archrnd; > > > > > if (crng_ready() && > > > > > (time_after(crng_global_init_time, crng->init_time) || > > > > > time_after(jiffies, crng->init_time + CRNG_RESEED_INTERVAL))) > > > > > crng_reseed(crng, crng == &primary_crng ? &input_pool : NULL); > > > > > spin_lock_irqsave(&crng->lock, flags); > > > > > - if (arch_get_random_long(&v)) > > > > > - crng->state[14] ^= v; > > > > > + if (arch_get_random_long(&v)) { > > > > > + archrnd = (unsigned long *)&crng->state[14]; > > > > > + *archrnd ^= v; > > > > > + } > > > > > > Isn't that likely to generate a misaligned memory access? > > > > > I'm not quite sure how it would, crng->state is an array of _u32's, and so every > > even element should be on a 64 bit boundary. > > Only if the first item is aligned.... > Add a u32 before it and you'll probably flip the alignment. > Sure (assuming no padding by the compiler of leading elements), but thats not the case here, state is the first element in the array. I suppose we could add an __attribute__((aligned,8)) to the element if you think it would help Neil > David > > - > Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK > Registration No: 1397386 (Wales) > >