From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 03502C4332F for ; Mon, 7 Nov 2022 15:28:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231754AbiKGP2r (ORCPT ); Mon, 7 Nov 2022 10:28:47 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35212 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232331AbiKGP2p (ORCPT ); Mon, 7 Nov 2022 10:28:45 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 36D1F12D06 for ; Mon, 7 Nov 2022 07:28:44 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id ADA0361196 for ; Mon, 7 Nov 2022 15:28:43 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id B4B09C433D6; Mon, 7 Nov 2022 15:28:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1667834923; bh=FJtbIMc0QBwKfVt8fb7WzYrChNllIkYGqoKR6RRzigc=; h=Subject:To:Cc:From:Date:From; b=Zyabge5Zig1j4Ii66TklyYJv9/VV8ia2ajKgsHaBhiDTWfhhjRawFINIDUeGKMwqQ 0+pXvbk83oqXU94BjI/A3w3j2Sw+x8BhLwymQSs9V3HTgEjtqdq7Ofpppai/1dsuej IDnJrAmpUy2u51pd6fBg8Om3EVMDWbI281r9mVUs= Subject: FAILED: patch "[PATCH] efi: random: reduce seed size to 32 bytes" failed to apply to 4.14-stable tree To: ardb@kernel.org, Jason@zx2c4.com, ilias.apalodimas@linaro.org, stable@vger.kernel.org Cc: From: Date: Mon, 07 Nov 2022 16:28:31 +0100 Message-ID: <16678349111147@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to . Possible dependencies: 161a438d730d ("efi: random: reduce seed size to 32 bytes") 6120681bdf1a ("Merge branch 'efi/urgent' into efi/core, to pick up fixes") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 161a438d730dade2ba2b1bf8785f0759aba4ca5f Mon Sep 17 00:00:00 2001 From: Ard Biesheuvel Date: Thu, 20 Oct 2022 10:39:08 +0200 Subject: [PATCH] efi: random: reduce seed size to 32 bytes We no longer need at least 64 bytes of random seed to permit the early crng init to complete. The RNG is now based on Blake2s, so reduce the EFI seed size to the Blake2s hash size, which is sufficient for our purposes. While at it, drop the READ_ONCE(), which was supposed to prevent size from being evaluated after seed was unmapped. However, this cannot actually happen, so READ_ONCE() is unnecessary here. Cc: # v4.14+ Signed-off-by: Ard Biesheuvel Reviewed-by: Jason A. Donenfeld Acked-by: Ilias Apalodimas diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index 3ecdc43a3f2b..a46df5d1d094 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -611,7 +611,7 @@ int __init efi_config_parse_tables(const efi_config_table_t *config_tables, seed = early_memremap(efi_rng_seed, sizeof(*seed)); if (seed != NULL) { - size = READ_ONCE(seed->size); + size = min(seed->size, EFI_RANDOM_SEED_SIZE); early_memunmap(seed, sizeof(*seed)); } else { pr_err("Could not map UEFI random seed!\n"); diff --git a/include/linux/efi.h b/include/linux/efi.h index 80f3c1c7827d..929d559ad41d 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -1222,7 +1222,7 @@ efi_status_t efi_random_get_seed(void); arch_efi_call_virt_teardown(); \ }) -#define EFI_RANDOM_SEED_SIZE 64U +#define EFI_RANDOM_SEED_SIZE 32U // BLAKE2S_HASH_SIZE struct linux_efi_random_seed { u32 size;