Re: [PATCH] Revert "hwrng: core - zeroize buffers with random data"

From: Stephan Müller
Date: Thu Feb 09 2017 - 04:34:57 EST

Next message: Gustavo A. R. Silva: "drivers: usb: dwc3: A question..."
Previous message: Takafumi Kubota: "[PATCH v2] Btrfs: add another missing end_page_writeback on submit_extent_page failure"
In reply to: Linus Torvalds: "Re: [PATCH] Revert "hwrng: core - zeroize buffers with random data""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am Mittwoch, 8. Februar 2017, 17:57:23 CET schrieb Linus Torvalds:

Hi Linus,

> Stephan, Herbert? The zeroes in /dev/hwrng output are obviously
> complete crap, so there's something badly wrong somewhere.
>
> The locking, for example, is completely buggered. There's even a
> comment about it, but that comment makes the correct observation of
> "but y'know: randomness". But the memset() also being outside the lock
> makes a complete joke of the whole thing.

That is correct, the patch is broken and should be reverted.

May I ask, however, why the add_device_randomness is invoked outside the lock
as well. Shouldn't it be moved into the lock?

Besides, I still would think that a memset(0) is needed because we have long-
living memory locations (rng_buffer and rng_fillbuf) which may be overwritten
sporadically. As these memory locations are expected to hold entropy, they
should be overwritten as soon as the data is processed. Obviously, such memset
must be done within the lock.

Ciao
Stephan

Next message: Gustavo A. R. Silva: "drivers: usb: dwc3: A question..."
Previous message: Takafumi Kubota: "[PATCH v2] Btrfs: add another missing end_page_writeback on submit_extent_page failure"
In reply to: Linus Torvalds: "Re: [PATCH] Revert "hwrng: core - zeroize buffers with random data""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]