From: Stephan Mueller
To: Elena Petrova
Cc: "open list:HARDWARE RANDOM NUMBER GENERATOR CORE", Eric Biggers, Ard Biesheuvel,
Jeffrey Vander Stoep
Subject: Re: [PATCH v2] crypto: af_alg - add extra parameters for DRBG interface
Date: Tue, 21 Jul 2020 15:18:54 +0200

On Tuesday, 21 July 2020, 14:55:14 CEST, Elena Petrova wrote:

Hi Elena,

> > > +#ifdef CONFIG_CRYPTO_CAVS_DRBG > > > +static int rng_setentropy(void *private, const u8 *entropy, unsigned > > > int > > > len) +{ > > > + struct rng_parent_ctx *pctx = private; > > > + u8 *kentropy = NULL; > > > + > > > + if (!capable(CAP_SYS_ADMIN)) > > > + return -EPERM; > > > + > > > + if (pctx->entropy) > > > + return -EINVAL; > > > + > > > + if (len > MAXSIZE) > > > + len = MAXSIZE; > > > + > > > + if (len) { > > > + kentropy = memdup_user(entropy, len); > > > + if (IS_ERR(kentropy)) > > > + return PTR_ERR(kentropy); > > > + } > > > + > > > + crypto_rng_alg(pctx->drng)->set_ent(pctx->drng, kentropy, len); > > > + pctx->entropy = kentropy; > > >
> > Why do you need to keep kentropy around? For the check above whether
> > entropy was set, wouldn't a boolean suffice?
>
> I need to keep the pointer to free it after use. Unlike the setting of
> the key, DRBG saves the entropy pointer in one of its internal
> structures, but doesn't do any memory
> management. I had only two ideas on how to prevent memory leaks:
> either change drbg code to deal with the memory, or save the pointer
> somewhere inside the socket. I opted for the latter. But if you know a
> better approach I'm happy to rework my code accordingly.

I was thinking of calling crypto_rng_alg(pctx->drng)->seed() directly after
set_ent. This call performs a DRBG instantiate where the entropy buffer is
used. See crypto_drbg_reset_test for the approach.

But maybe you are right, the test "entropy" buffer inside the DRBG currently
cannot be reset. So, for sanity purposes, you need to keep it around.

Ciao
Stephan
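
Review bot: In rng_setentropy(), "if (len > MAXSIZE) len = MAXSIZE;" silently truncates an oversized buffer, so the DRBG is handed different test entropy than the caller supplied and the caller gets no error; returning an error for len > MAXSIZE would make the mismatch visible. Separately, when len is 0, kentropy stays NULL, so pctx->entropy is left NULL and the "if (pctx->entropy) return -EINVAL;" guard does not reject a second call. A separate "entropy was set" flag alongside the saved pointer would cover that case while still keeping the pointer for the later free.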