[PATCH 01/11] random: don't feed stack data into pool when interrupt regs NULL

[Andi Kleen]

From: Andi Kleen <ak@xxxxxxxxxxxxxxx>

In some cases, e.g. after this

arch/ia64/kernel/irq.c:185:                     struct pt_regs *old_regs = set_irq_regs(NULL);
arch/ia64/kernel/irq_ia64.c:560:                        struct pt_regs *old_regs = set_irq_regs(NULL);

the regs passed to add_interrupt_randomness() could be NULL.

In this case fast_mix would use two uninitialized ints from the stack
and mix it into the pool.

In this case set the input to 0.

Cc: tony.luck@xxxxxxxxx
Cc: tytso@xxxxxxx
Signed-off-by: Andi Kleen <ak@xxxxxxxxxxxxxxx>
---
 drivers/char/random.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/char/random.c b/drivers/char/random.c
index 7737b5b..25ed2dc 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -752,6 +752,8 @@ void add_interrupt_randomness(int irq, int irq_flags)
 		__u64 ip = instruction_pointer(regs);
 		input[2] = ip;
 		input[3] = ip >> 32;
+	} else {
+		input[2] = input[3] = 0;
 	}
 
 	fast_mix(fast_pool, input, sizeof(input));
-- 
1.8.3.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/