[PATCH] hwrng: core - zeroize buffers with random data

linux-crypto.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] hwrng: core - zeroize buffers with random data
@ 2016-10-22 13:57 Stephan Mueller
  2016-11-01  0:42 ` Herbert Xu
  0 siblings, 1 reply; 2+ messages in thread
From: Stephan Mueller @ 2016-10-22 13:57 UTC (permalink / raw)
  To: herbert; +Cc: linux-crypto, Andy Lutomirski

Hi Herbert,

As requested by Andy, I have created the following patch. This patch is against the cryptodev-2.6 tree and applies cleanly. However, due to Andy's patch to Linus' tree, the patch will fail to apply to that tree.

How would you want to proceed? Do you want to pull Andy's patch into your cryptodev-2.6 tree which means I will rework the patch?

Thanks
Stephan

---8<---

The HWRNG core allocates two buffers during initialization which are
used to obtain random data. After that data is processed, it is now
zeroized as it is possible that the HWRNG core will not be asked to
produce more random data for a long time. This prevents leaving such
sensitive data in memory.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
---
 drivers/char/hw_random/core.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/char/hw_random/core.c b/drivers/char/hw_random/core.c
index d2d2c89..f976641 100644
--- a/drivers/char/hw_random/core.c
+++ b/drivers/char/hw_random/core.c
@@ -92,6 +92,7 @@ static void add_early_randomness(struct hwrng *rng)
 	mutex_unlock(&reading_mutex);
 	if (bytes_read > 0)
 		add_device_randomness(rng_buffer, bytes_read);
+	memset(rng_buffer, 0, size);
 }

 static inline void cleanup_rng(struct kref *kref)
@@ -287,6 +288,7 @@ static ssize_t rng_dev_read(struct file *filp, char __user *buf,
 		}
 	}
 out:
+	memset(rng_buffer, 0, rng_buffer_size());
 	return ret ? : err;

 out_unlock_reading:
@@ -425,6 +427,7 @@ static int hwrng_fillfn(void *unused)
 		/* Outside lock, sure, but y'know: randomness. */
 		add_hwgenerator_randomness((void *)rng_fillbuf, rc,
 					   rc * current_quality * 8 >> 10);
+		memset(rng_fillbuf, 0, rng_buffer_size());
 	}
 	hwrng_fill = NULL;
 	return 0;
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] hwrng: core - zeroize buffers with random data
  2016-10-22 13:57 [PATCH] hwrng: core - zeroize buffers with random data Stephan Mueller
@ 2016-11-01  0:42 ` Herbert Xu
  0 siblings, 0 replies; 2+ messages in thread
From: Herbert Xu @ 2016-11-01  0:42 UTC (permalink / raw)
  To: Stephan Mueller; +Cc: linux-crypto, Andy Lutomirski

On Sat, Oct 22, 2016 at 03:57:05PM +0200, Stephan Mueller wrote:
> 
> The HWRNG core allocates two buffers during initialization which are
> used to obtain random data. After that data is processed, it is now
> zeroized as it is possible that the HWRNG core will not be asked to
> produce more random data for a long time. This prevents leaving such
> sensitive data in memory.
> 
> Signed-off-by: Stephan Mueller <smueller@chronox.de>

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2016-11-01  0:42 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-10-22 13:57 [PATCH] hwrng: core - zeroize buffers with random data Stephan Mueller
2016-11-01  0:42 ` Herbert Xu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).