random: fix crng_ready() test - kernel/linux.git - Linux kernel stable tree (mirror)

diff options

author	Theodore Ts'o <tytso@mit.edu>	2018-04-11 20:27:52 +0300
committer	Theodore Ts'o <tytso@mit.edu>	2018-04-14 18:58:26 +0300
commit	43838a23a05fbd13e47d750d3dfd77001536dd33 (patch)
tree	cfdb6b48fe4054cbf9fe50b3847f871233db125d /drivers/fpga/fpga-bridge.c
parent	5e747dd9be54be190dd6ebeebf4a4a01ba765625 (diff)
download	linux-43838a23a05fbd13e47d750d3dfd77001536dd33.tar.xz

random: fix crng_ready() test

The crng_init variable has three states: 0: The CRNG is not initialized at all 1: The CRNG has a small amount of entropy, hopefully good enough for early-boot, non-cryptographical use cases 2: The CRNG is fully initialized and we are sure it is safe for cryptographic use cases. The crng_ready() function should only return true once we are in the last state. This addresses CVE-2018-1108. Reported-by: Jann Horn <jannh@google.com> Fixes: e192be9d9a30 ("random: replace non-blocking pool...") Cc: stable@kernel.org # 4.8+ Signed-off-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jann Horn <jannh@google.com>

Diffstat (limited to 'drivers/fpga/fpga-bridge.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: