Hi, Mark H Weaver <[email protected]> writes:
> [email protected] (Ludovic Courtès) writes: > >> Mark H Weaver <[email protected]> skribis: >> >>> FYI, I just pushed commit 8c21c64e59d3f4d223d8aeef91f06fdde7de1ab7 which >>> updates linux-libre to 4.16.6. Would you like to see if the problem >>> still persists? >> >> It does. > > I suggest doing a git bisect on the 4.16.y branch of the linux-stable > git repository, between the 4.16.3 and 4.16.4 tags. I did it, here is the result: --8<---------------cut here---------------start------------->8--- cd8d7a5778a4abf76ee8fe8f1bfcf78976029f8d is the first bad commit commit cd8d7a5778a4abf76ee8fe8f1bfcf78976029f8d Author: Theodore Ts'o <[email protected]> Date: Wed Apr 11 13:27:52 2018 -0400 random: fix crng_ready() test commit 43838a23a05fbd13e47d750d3dfd77001536dd33 upstream. The crng_init variable has three states: 0: The CRNG is not initialized at all 1: The CRNG has a small amount of entropy, hopefully good enough for early-boot, non-cryptographical use cases 2: The CRNG is fully initialized and we are sure it is safe for cryptographic use cases. The crng_ready() function should only return true once we are in the last state. This addresses CVE-2018-1108. Reported-by: Jann Horn <[email protected]> Fixes: e192be9d9a30 ("random: replace non-blocking pool...") Cc: [email protected] # 4.8+ Signed-off-by: Theodore Ts'o <[email protected]> Reviewed-by: Jann Horn <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]> :040000 040000 4bdc62a4604b0a754614e8601ce794f316e83622 da682af7d9d779f193becb7757a8722a71e5d85d M drivers --8<---------------cut here---------------end--------------->8--- Clément
