From patchwork Tue Jun 6 00:51:02 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Jason A. Donenfeld" X-Patchwork-Id: 9767747 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 8544F6034B for ; Tue, 6 Jun 2017 00:52:21 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7BD8C27968 for ; Tue, 6 Jun 2017 00:52:21 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 703ED283C0; Tue, 6 Jun 2017 00:52:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_MED,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id A547527968 for ; Tue, 6 Jun 2017 00:52:20 +0000 (UTC) Received: (qmail 17430 invoked by uid 550); 6 Jun 2017 00:51:55 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 16294 invoked from network); 6 Jun 2017 00:51:54 -0000 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=from:to:cc :subject:date:message-id:in-reply-to:references; s=mail; bh=xMK8 DFrVjItGXiyAyLVVMjvBWcM=; b=2iPdr/gjFhOzMWfZOboZW40GZbhbNbvmDtJu w2fqz9xYoTyLtaN+VUKCchuwef4iBS1fU6lAcRxsCII0WDNpYDOCMNiX9cbKYOQV nyJaAs+cYWE3H2iGRWEi5YNcwox6nfSmXVggWRsTSuwhV6WSpDWVtmAu/c5XwF0j r3j5YPmBmsc0pLPQtG/f3+5J48b5drB3wQbo+X/+v0onvaScTcU/IrK4hJ5rEq6k Fx2sM3NZD6P3nbxN16REcNWSxL0g6yitYVu6XGLLFouN65L2bd+b6dtTe98pjM/Z czGszk5WU13ux8dciNoMqOwU5QWq69A58JDgklJ+K6+mIpElpQ== From: "Jason A. Donenfeld" To: Theodore Ts'o , Linux Crypto Mailing List , LKML , kernel-hardening@lists.openwall.com, Greg Kroah-Hartman , David Miller Cc: "Jason A. Donenfeld" , Ilya Dryomov , "Yan, Zheng" , Sage Weil Date: Tue, 6 Jun 2017 02:51:02 +0200 Message-Id: <20170606005108.5646-8-Jason@zx2c4.com> X-Mailer: git-send-email 2.13.0 In-Reply-To: <20170606005108.5646-1-Jason@zx2c4.com> References: <20170606005108.5646-1-Jason@zx2c4.com> Subject: [kernel-hardening] [PATCH v3 07/13] ceph: ensure RNG is seeded before using X-Virus-Scanned: ClamAV using ClamSMTP Ceph uses the RNG for various nonce generations, and it shouldn't accept using bad randomness. So, we wait for the RNG to be properly seeded. We do this by calling wait_for_random_bytes() in a function that is certainly called in process context, early on, so that all subsequent calls to get_random_bytes are necessarily acceptable. Signed-off-by: Jason A. Donenfeld Cc: Ilya Dryomov Cc: "Yan, Zheng" Cc: Sage Weil --- net/ceph/ceph_common.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/net/ceph/ceph_common.c b/net/ceph/ceph_common.c index 4fd02831beed..26ab58665f77 100644 --- a/net/ceph/ceph_common.c +++ b/net/ceph/ceph_common.c @@ -611,7 +611,11 @@ struct ceph_client *ceph_create_client(struct ceph_options *opt, void *private) { struct ceph_client *client; struct ceph_entity_addr *myaddr = NULL; - int err = -ENOMEM; + int err; + + err = wait_for_random_bytes(); + if (err < 0) + return ERR_PTR(err); client = kzalloc(sizeof(*client), GFP_KERNEL); if (client == NULL)