From patchwork Wed Jun  7 23:26:01 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Jason A. Donenfeld" <Jason@zx2c4.com>
X-Patchwork-Id: 9773311
X-Patchwork-Delegate: herbert@gondor.apana.org.au
Return-Path: <linux-crypto-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	EC35660234 for <patchwork-linux-crypto@patchwork.kernel.org>;
	Wed,  7 Jun 2017 23:29:07 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E1926283AD
	for <patchwork-linux-crypto@patchwork.kernel.org>;
	Wed,  7 Jun 2017 23:29:07 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id D64A02848D; Wed,  7 Jun 2017 23:29:07 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-7.0 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, DKIM_VALID_AU,
	RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9D427283AD
	for <patchwork-linux-crypto@patchwork.kernel.org>;
	Wed,  7 Jun 2017 23:29:07 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752109AbdFGX2v (ORCPT
	<rfc822;patchwork-linux-crypto@patchwork.kernel.org>);
	Wed, 7 Jun 2017 19:28:51 -0400
Received: from frisell.zx2c4.com ([192.95.5.64]:54805 "EHLO
	frisell.zx2c4.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1753444AbdFGX03 (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
	Wed, 7 Jun 2017 19:26:29 -0400
Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 263da5c7;
	Wed, 7 Jun 2017 23:25:58 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=from:to:cc
	:subject:date:message-id:in-reply-to:references; s=mail; bh=GwUy
	SR4DsEka5UeoPU3RDAyhxQ4=; b=tYdSbf78VplTYtcnjyLb/lmPARTBIQY5RRNx
	vf1KmjFr1j/xy8sBegATGtuiXZE9WAk7jWQa/UJCtD3Ob29QPrI5sPZoL1OPnBRl
	S8TuC0J/qVJMdhHqPBGQgkoA5B8POif44VjemB8JuvDO5TxOQu42vqzCTElHPAnq
	euBp6NZnxnKn+gPEpE0cJZcyWZeivtvIQuNzZ3StvvgpnbRRI5i5zDDJR0ERYvvm
	IwLzDbqER3Om1m3ILvzWZwoEltamWblkNzR3YvPf6m9+mZdO9Pme9+sMfawZ/OeP
	YInmovtXaUkiqFqminSLbqawzehdAUcvShYjoI4hpKo9PhHT6Q==
Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id c6c414b1
	(TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO);
	Wed, 7 Jun 2017 23:25:57 +0000 (UTC)
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: Theodore Ts'o <tytso@mit.edu>,
	Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
	LKML <linux-kernel@vger.kernel.org>, kernel-hardening@lists.openwall.com,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Eric Biggers <ebiggers3@gmail.com>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	David Miller <davem@davemloft.net>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>,
	Ilya Dryomov <idryomov@gmail.com>,
	"Yan, Zheng" <zyan@redhat.com>, Sage Weil <sage@redhat.com>
Subject: [PATCH v5 07/13] ceph: ensure RNG is seeded before using
Date: Thu,  8 Jun 2017 01:26:01 +0200
Message-Id: <20170607232607.26870-8-Jason@zx2c4.com>
In-Reply-To: <20170607232607.26870-1-Jason@zx2c4.com>
References: <20170607232607.26870-1-Jason@zx2c4.com>
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Ceph uses the RNG for various nonce generations, and it shouldn't accept
using bad randomness. So, we wait for the RNG to be properly seeded. We
do this by calling wait_for_random_bytes() in a function that is
certainly called in process context, early on, so that all subsequent
calls to get_random_bytes are necessarily acceptable.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Cc: Ilya Dryomov <idryomov@gmail.com>
Cc: "Yan, Zheng" <zyan@redhat.com>
Cc: Sage Weil <sage@redhat.com>
---
 net/ceph/ceph_common.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/net/ceph/ceph_common.c b/net/ceph/ceph_common.c
index 47e94b560ba0..0368a04995b3 100644
--- a/net/ceph/ceph_common.c
+++ b/net/ceph/ceph_common.c
@@ -598,7 +598,11 @@ struct ceph_client *ceph_create_client(struct ceph_options *opt, void *private)
 {
 	struct ceph_client *client;
 	struct ceph_entity_addr *myaddr = NULL;
-	int err = -ENOMEM;
+	int err;
+
+	err = wait_for_random_bytes();
+	if (err < 0)
+		return ERR_PTR(err);
 
 	client = kzalloc(sizeof(*client), GFP_KERNEL);
 	if (client == NULL)