From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Sasha Levin <sasha.levin@oracle.com>,
Hannes Frederic Sowa <hannes@stressinduktion.org>,
Daniel Borkmann <dborkman@redhat.com>,
"David S. Miller" <davem@davemloft.net>
Subject: [PATCH 3.13 15/22] random32: avoid attempt to late reseed if in the middle of seeding
Date: Mon, 31 Mar 2014 21:08:45 -0700 [thread overview]
Message-ID: <20140401040706.799542067@linuxfoundation.org> (raw)
In-Reply-To: <20140401040703.045139933@linuxfoundation.org>
3.13-stable review patch. If anyone has any objections, please let me know.
------------------
From: Sasha Levin <sasha.levin@oracle.com>
commit 05efa8c943b1d5d90fa8c8147571837573338bb6 upstream.
Commit 4af712e8df ("random32: add prandom_reseed_late() and call when
nonblocking pool becomes initialized") has added a late reseed stage
that happens as soon as the nonblocking pool is marked as initialized.
This fails in the case that the nonblocking pool gets initialized
during __prandom_reseed()'s call to get_random_bytes(). In that case
we'd double back into __prandom_reseed() in an attempt to do a late
reseed - deadlocking on 'lock' early on in the boot process.
Instead, just avoid even waiting to do a reseed if a reseed is already
occuring.
Fixes: 4af712e8df99 ("random32: add prandom_reseed_late() and call when nonblocking pool becomes initialized")
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
lib/random32.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
--- a/lib/random32.c
+++ b/lib/random32.c
@@ -244,8 +244,19 @@ static void __prandom_reseed(bool late)
static bool latch = false;
static DEFINE_SPINLOCK(lock);
+ /* Asking for random bytes might result in bytes getting
+ * moved into the nonblocking pool and thus marking it
+ * as initialized. In this case we would double back into
+ * this function and attempt to do a late reseed.
+ * Ignore the pointless attempt to reseed again if we're
+ * already waiting for bytes when the nonblocking pool
+ * got initialized.
+ */
+
/* only allow initial seeding (late == false) once */
- spin_lock_irqsave(&lock, flags);
+ if (!spin_trylock_irqsave(&lock, flags))
+ return;
+
if (latch && !late)
goto out;
latch = true;
next prev parent reply other threads:[~2014-04-01 4:08 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-01 4:08 [PATCH 3.13 00/22] 3.13.9-stable review Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 01/22] ext4: atomically set inode->i_flags in ext4_set_inode_flags() Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 02/22] rcuwalk: recheck mount_lock after mountpoint crossing attempts Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 03/22] Input: mousedev - fix race when creating mixed device Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 04/22] Input: synaptics - add manual min/max quirk Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 05/22] Input: synaptics - add manual min/max quirk for ThinkPad X240 Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 06/22] Input: cypress_ps2 - dont report as a button pads Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 07/22] xen/balloon: flush persistent kmaps in correct position Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 08/22] Revert "xen: properly account for _PAGE_NUMA during xen pte translations" Greg Kroah-Hartman
2014-04-10 10:05 ` Steven Noonan
2014-04-10 10:08 ` David Vrabel
2014-04-01 4:08 ` [PATCH 3.13 09/22] i2c: cpm: Fix build by adding of_address.h and of_irq.h Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 10/22] drm/i915: Undo gtt scratch pte unmapping again Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 11/22] x86: fix boot on uniprocessor systems Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 12/22] make prepend_name() work correctly when called with negative *buflen Greg Kroah-Hartman
2014-04-09 20:17 ` Sasha Levin
2014-04-01 4:08 ` [PATCH 3.13 13/22] net: mvneta: rename MVNETA_GMAC2_PSC_ENABLE to MVNETA_GMAC2_PCS_ENABLE Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 14/22] net: mvneta: fix usage as a module on RGMII configurations Greg Kroah-Hartman
2014-04-01 4:08 ` Greg Kroah-Hartman [this message]
2014-04-01 4:08 ` [PATCH 3.13 16/22] resizable namespace.c hashes Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 17/22] keep shadowed vfsmounts together Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 18/22] dont bother with propagate_mnt() unless the target is shared Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 19/22] switch mnt_hash to hlist Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 20/22] mm: close PageTail race Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 21/22] cgroup: protect modifications to cgroup_idr with cgroup_mutex Greg Kroah-Hartman
2014-04-01 4:08 ` [PATCH 3.13 22/22] netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages Greg Kroah-Hartman
2014-04-02 0:03 ` [PATCH 3.13 00/22] 3.13.9-stable review Guenter Roeck
2014-04-03 22:45 ` Greg Kroah-Hartman
2014-04-04 13:30 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140401040706.799542067@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=davem@davemloft.net \
--cc=dborkman@redhat.com \
--cc=hannes@stressinduktion.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sasha.levin@oracle.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).