| Message ID | 20201216162807.10685-1-matthias.bgg@kernel.org |
|---|---|
| Headers | show |
| Series | Use RNG to get random behaviour | expand |
On Wed, 16 Dec 2020 17:28:05 +0100 matthias.bgg@kernel.org wrote: > From: Matthias Brugger <mbrugger@suse.com> > > > For now bootp and uuid code use a weak seed for generating random > data. U-Boot as support for RNG devices now, so we should change to > code to use them if they are present. This will help mitigate issues > like seen in CVE-2019-11690. > > Changes in v2: > - fix dm_rng_read() parameters > - add missing include > - fix dm_rng_read() parameters > - add missing include file One more thing for both patches: https://www.kernel.org/doc/html/latest/process/coding-style.html#conditional-compilation If U-Boot also follows these, it should be if (IS_ENABLED(CONFIG_DM_RNG) ) { ... } Instead of #if defined(...). AFAICS, it's easy to see for the compiler that randv is constantly 0 if only the devp usage is made conditional. That would also be more readable. Torsten
From: Matthias Brugger <mbrugger@suse.com> For now bootp and uuid code use a weak seed for generating random data. U-Boot as support for RNG devices now, so we should change to code to use them if they are present. This will help mitigate issues like seen in CVE-2019-11690. Changes in v2: - fix dm_rng_read() parameters - add missing include - fix dm_rng_read() parameters - add missing include file Matthias Brugger (2): lib: uuid: use RNG device if present net: Use NDRNG device in srand_mac() lib/uuid.c | 21 ++++++++++++++++++--- net/net_rand.h | 19 ++++++++++++++++++- 2 files changed, 36 insertions(+), 4 deletions(-)