From patchwork Tue Jun 6 17:47:58 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Jason A. Donenfeld" X-Patchwork-Id: 9769393 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 3FEB26035D for ; Tue, 6 Jun 2017 17:49:33 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 37CF4200DF for ; Tue, 6 Jun 2017 17:49:33 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2AD8B205AF; Tue, 6 Jun 2017 17:49:33 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_MED,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 46E32200DF for ; Tue, 6 Jun 2017 17:49:32 +0000 (UTC) Received: (qmail 1737 invoked by uid 550); 6 Jun 2017 17:48:32 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 1635 invoked from network); 6 Jun 2017 17:48:29 -0000 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=from:to:cc :subject:date:message-id:in-reply-to:references; s=mail; bh=xMK8 DFrVjItGXiyAyLVVMjvBWcM=; b=WUjhsTKSFydIeHy667VWbW6lAzBMyR9u3ec6 MCCCQt/eKgSA+SCRioPM7f4suu6611pDVk3h3U//I6P6QFawbXcUEkuo4oVKQKW6 R7kBbPRH+yAXhK3TMjDHpfy6+nRP4wCfV9DYjUPKv93b28Rvai6Mb1mgPqfLS4an E4+8gt8PxfyySCwvxpaP+xVqqwo2Vr7D11T5xWggu3vExVQk6YOdCM7ayG3AGQmO ASl6avPh0jmdLXGPtTeVjMLgY5xk/ghNoJYSGNxeO/ObKzUInNPXh22VuFpbDLqs Q/prIKeHr94bVeszBJAiu9ICWpFlPTFWyr+na0XGsIubzVtPvQ== From: "Jason A. Donenfeld" To: Theodore Ts'o , Linux Crypto Mailing List , LKML , kernel-hardening@lists.openwall.com, Greg Kroah-Hartman , David Miller , Eric Biggers Cc: "Jason A. Donenfeld" , Ilya Dryomov , "Yan, Zheng" , Sage Weil Date: Tue, 6 Jun 2017 19:47:58 +0200 Message-Id: <20170606174804.31124-8-Jason@zx2c4.com> X-Mailer: git-send-email 2.13.0 In-Reply-To: <20170606174804.31124-1-Jason@zx2c4.com> References: <20170606174804.31124-1-Jason@zx2c4.com> Subject: [kernel-hardening] [PATCH v4 07/13] ceph: ensure RNG is seeded before using X-Virus-Scanned: ClamAV using ClamSMTP Ceph uses the RNG for various nonce generations, and it shouldn't accept using bad randomness. So, we wait for the RNG to be properly seeded. We do this by calling wait_for_random_bytes() in a function that is certainly called in process context, early on, so that all subsequent calls to get_random_bytes are necessarily acceptable. Signed-off-by: Jason A. Donenfeld Cc: Ilya Dryomov Cc: "Yan, Zheng" Cc: Sage Weil --- net/ceph/ceph_common.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/net/ceph/ceph_common.c b/net/ceph/ceph_common.c index 4fd02831beed..26ab58665f77 100644 --- a/net/ceph/ceph_common.c +++ b/net/ceph/ceph_common.c @@ -611,7 +611,11 @@ struct ceph_client *ceph_create_client(struct ceph_options *opt, void *private) { struct ceph_client *client; struct ceph_entity_addr *myaddr = NULL; - int err = -ENOMEM; + int err; + + err = wait_for_random_bytes(); + if (err < 0) + return ERR_PTR(err); client = kzalloc(sizeof(*client), GFP_KERNEL); if (client == NULL)