From patchwork Tue Jun 6 00:51:02 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Jason A. Donenfeld" X-Patchwork-Id: 9767781 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 959AA6034B for ; Tue, 6 Jun 2017 00:53:46 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8C70627968 for ; Tue, 6 Jun 2017 00:53:46 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 80CCD28445; Tue, 6 Jun 2017 00:53:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 414EF27968 for ; Tue, 6 Jun 2017 00:53:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751418AbdFFAv7 (ORCPT ); Mon, 5 Jun 2017 20:51:59 -0400 Received: from frisell.zx2c4.com ([192.95.5.64]:57707 "EHLO frisell.zx2c4.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751194AbdFFAv6 (ORCPT ); Mon, 5 Jun 2017 20:51:58 -0400 Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTP id f0365f93; Tue, 6 Jun 2017 00:51:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=from:to:cc :subject:date:message-id:in-reply-to:references; s=mail; bh=xMK8 DFrVjItGXiyAyLVVMjvBWcM=; b=2iPdr/gjFhOzMWfZOboZW40GZbhbNbvmDtJu w2fqz9xYoTyLtaN+VUKCchuwef4iBS1fU6lAcRxsCII0WDNpYDOCMNiX9cbKYOQV nyJaAs+cYWE3H2iGRWEi5YNcwox6nfSmXVggWRsTSuwhV6WSpDWVtmAu/c5XwF0j r3j5YPmBmsc0pLPQtG/f3+5J48b5drB3wQbo+X/+v0onvaScTcU/IrK4hJ5rEq6k Fx2sM3NZD6P3nbxN16REcNWSxL0g6yitYVu6XGLLFouN65L2bd+b6dtTe98pjM/Z czGszk5WU13ux8dciNoMqOwU5QWq69A58JDgklJ+K6+mIpElpQ== Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 25d9681f (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Tue, 6 Jun 2017 00:51:33 +0000 (UTC) From: "Jason A. Donenfeld" To: Theodore Ts'o , Linux Crypto Mailing List , LKML , kernel-hardening@lists.openwall.com, Greg Kroah-Hartman , David Miller Cc: "Jason A. Donenfeld" , Ilya Dryomov , "Yan, Zheng" , Sage Weil Subject: [PATCH v3 07/13] ceph: ensure RNG is seeded before using Date: Tue, 6 Jun 2017 02:51:02 +0200 Message-Id: <20170606005108.5646-8-Jason@zx2c4.com> X-Mailer: git-send-email 2.13.0 In-Reply-To: <20170606005108.5646-1-Jason@zx2c4.com> References: <20170606005108.5646-1-Jason@zx2c4.com> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Ceph uses the RNG for various nonce generations, and it shouldn't accept using bad randomness. So, we wait for the RNG to be properly seeded. We do this by calling wait_for_random_bytes() in a function that is certainly called in process context, early on, so that all subsequent calls to get_random_bytes are necessarily acceptable. Signed-off-by: Jason A. Donenfeld Cc: Ilya Dryomov Cc: "Yan, Zheng" Cc: Sage Weil --- net/ceph/ceph_common.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/net/ceph/ceph_common.c b/net/ceph/ceph_common.c index 4fd02831beed..26ab58665f77 100644 --- a/net/ceph/ceph_common.c +++ b/net/ceph/ceph_common.c @@ -611,7 +611,11 @@ struct ceph_client *ceph_create_client(struct ceph_options *opt, void *private) { struct ceph_client *client; struct ceph_entity_addr *myaddr = NULL; - int err = -ENOMEM; + int err; + + err = wait_for_random_bytes(); + if (err < 0) + return ERR_PTR(err); client = kzalloc(sizeof(*client), GFP_KERNEL); if (client == NULL)