Author: dannf
Date: Fri Jul 13 06:13:01 2007
New Revision: 9130

Log:
* bugfix/random-fix-seeding-with-zero-entropy.patch
  bugfix/random-fix-error-in-entropy-extraction.patch
  [SECURITY] Avoid seeding with the same values at boot time when a
  system has no entropy source and fix a casting error in entropy
  extraction that resulted in slightly less random numbers.
  See CVE-2007-2453

Added:
   
dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-error-in-entropy-extraction.patch
   
dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-seeding-with-zero-entropy.patch
Modified:
   dists/etch-security/linux-2.6/debian/changelog
   dists/etch-security/linux-2.6/debian/patches/series/13etch1

Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog      (original)
+++ dists/etch-security/linux-2.6/debian/changelog      Fri Jul 13 06:13:01 2007
@@ -20,8 +20,14 @@
   * bugfix/dn_fib-out-of-bounds.patch
     [SECURITY] Fix out of bounds condition in dn_fib_props[]
     See CVE-2007-2172
+  * bugfix/random-fix-seeding-with-zero-entropy.patch
+    bugfix/random-fix-error-in-entropy-extraction.patch
+    [SECURITY] Avoid seeding with the same values at boot time when a
+    system has no entropy source and fix a casting error in entropy
+    extraction that resulted in slightly less random numbers.
+    See CVE-2007-2453
 
- -- dann frazier <[EMAIL PROTECTED]>  Thu, 12 Jul 2007 23:30:55 -0600
+ -- dann frazier <[EMAIL PROTECTED]>  Fri, 13 Jul 2007 00:06:31 -0600
 
 linux-2.6 (2.6.18.dfsg.1-13) stable; urgency=high
 

Added: 
dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-error-in-entropy-extraction.patch
==============================================================================
--- (empty file)
+++ 
dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-error-in-entropy-extraction.patch
    Fri Jul 13 06:13:01 2007
@@ -0,0 +1,51 @@
+commit 602b6aeefe8932dd8bb15014e8fe6bb25d736361
+Author: Matt Mackall <[EMAIL PROTECTED]>
+Date:   Tue May 29 21:54:27 2007 -0500
+
+    random: fix error in entropy extraction
+    
+    Fix cast error in entropy extraction.
+    Add comments explaining the magic 16.
+    Remove extra confusing loop variable.
+    
+    Signed-off-by: Matt Mackall <[EMAIL PROTECTED]>
+    Acked-by: "Theodore Ts'o" <[EMAIL PROTECTED]>
+    Signed-off-by: Linus Torvalds <[EMAIL PROTECTED]>
+
+diff --git a/drivers/char/random.c b/drivers/char/random.c
+index 46c1b97..9705b43 100644
+--- a/drivers/char/random.c
++++ b/drivers/char/random.c
+@@ -760,7 +760,7 @@ static size_t account(struct entropy_store *r, size_t 
nbytes, int min,
+ 
+ static void extract_buf(struct entropy_store *r, __u8 *out)
+ {
+-      int i, x;
++      int i;
+       __u32 data[16], buf[5 + SHA_WORKSPACE_WORDS];
+ 
+       sha_init(buf);
+@@ -772,9 +772,11 @@ static void extract_buf(struct entropy_store *r, __u8 
*out)
+        * attempts to find previous ouputs), unless the hash
+        * function can be inverted.
+        */
+-      for (i = 0, x = 0; i < r->poolinfo->poolwords; i += 16, x+=2) {
+-              sha_transform(buf, (__u8 *)r->pool+i, buf + 5);
+-              add_entropy_words(r, &buf[x % 5], 1);
++      for (i = 0; i < r->poolinfo->poolwords; i += 16) {
++              /* hash blocks of 16 words = 512 bits */
++              sha_transform(buf, (__u8 *)(r->pool + i), buf + 5);
++              /* feed back portion of the resulting hash */
++              add_entropy_words(r, &buf[i % 5], 1);
+       }
+ 
+       /*
+@@ -782,7 +784,7 @@ static void extract_buf(struct entropy_store *r, __u8 *out)
+        * portion of the pool while mixing, and hash one
+        * final time.
+        */
+-      __add_entropy_words(r, &buf[x % 5], 1, data);
++      __add_entropy_words(r, &buf[i % 5], 1, data);
+       sha_transform(buf, (__u8 *)data, buf + 5);
+ 
+       /*
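Review bot: The rewritten loop in extract_buf calls `sha_transform(buf, (__u8 *)(r->pool + i), buf + 5)` on 16 words at a time without any check that `r->poolinfo->poolwords` is a multiple of 16, so a pool whose word count is not a multiple of 16 would have its last block read past the end of `r->pool`. The poolinfo table that fixes the pool sizes is outside this hunk, so I cannot confirm the sizes in use here, but the assumption is worth stating next to the new `/* hash blocks of 16 words = 512 bits */` comment, e.g. `/* poolwords must be a multiple of 16 (one SHA-1 block); see poolinfo_table */`. Unlike the seeding patch, this one is the upstream commit taken as-is (index 46c1b97..9705b43) rather than a marked backport, so the `@@ -760,7 +760,7 @@` offsets may need fuzz against this tree's random.c and should be checked at apply time. The remainder of extract_buf continues past the end of the hunk.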

Added: 
dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-seeding-with-zero-entropy.patch
==============================================================================
--- (empty file)
+++ 
dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-seeding-with-zero-entropy.patch
      Fri Jul 13 06:13:01 2007
@@ -0,0 +1,97 @@
+commit 7f397dcdb78d699a20d96bfcfb595a2411a5bbd2
+Author: Matt Mackall <[EMAIL PROTECTED]>
+Date:   Tue May 29 21:58:10 2007 -0500
+
+    random: fix seeding with zero entropy
+    
+    Add data from zero-entropy random_writes directly to output pools to
+    avoid accounting difficulties on machines without entropy sources.
+    
+    Tested on lguest with all entropy sources disabled.
+    
+    Signed-off-by: Matt Mackall <[EMAIL PROTECTED]>
+    Acked-by: "Theodore Ts'o" <[EMAIL PROTECTED]>
+    Signed-off-by: Linus Torvalds <[EMAIL PROTECTED]>
+
+# Backported to Debian's 2.6.18 by dann frazier <[EMAIL PROTECTED]>
+
+--- linux-source-2.6.18/drivers/char/random.c.orig     2006-09-19 
21:42:06.000000000 -0600
++++ linux-source-2.6.18/drivers/char/random.c  2007-07-12 23:57:12.000000000 
-0600
+@@ -1017,37 +1017,44 @@ random_poll(struct file *file, poll_tabl
+       return mask;
+ }
+ 
+-static ssize_t
+-random_write(struct file * file, const char __user * buffer,
+-           size_t count, loff_t *ppos)
++static int
++write_pool(struct entropy_store *r, const char __user *buffer, size_t count)
+ {
+-      int ret = 0;
+       size_t bytes;
+       __u32 buf[16];
+       const char __user *p = buffer;
+-      size_t c = count;
+ 
+-      while (c > 0) {
+-              bytes = min(c, sizeof(buf));
++      while (count > 0) {
++              bytes = min(count, sizeof(buf));
++              if (copy_from_user(&buf, p, bytes))
++                      return -EFAULT;
+ 
+-              bytes -= copy_from_user(&buf, p, bytes);
+-              if (!bytes) {
+-                      ret = -EFAULT;
+-                      break;
+-              }
+-              c -= bytes;
++              count -= bytes;
+               p += bytes;
+ 
+-              add_entropy_words(&input_pool, buf, (bytes + 3) / 4);
+-      }
+-      if (p == buffer) {
+-              return (ssize_t)ret;
+-      } else {
+-              struct inode *inode = file->f_dentry->d_inode;
+-              inode->i_mtime = current_fs_time(inode->i_sb);
+-              mark_inode_dirty(inode);
+-              return (ssize_t)(p - buffer);
++              add_entropy_words(r, buf, (bytes + 3) / 4);
+       }
++
++      return 0;
++}
++
++static ssize_t
++random_write(struct file * file, const char __user * buffer,
++           size_t count, loff_t *ppos)
++{
++      size_t ret;
++      struct inode *inode = file->f_path.dentry->d_inode;
++
++      ret = write_pool(&blocking_pool, buffer, count);
++      if (ret)
++              return ret;
++      ret = write_pool(&nonblocking_pool, buffer, count);
++      if (ret)
++              return ret;
++
++      inode->i_mtime = current_fs_time(inode->i_sb);
++      mark_inode_dirty(inode);
++      return (ssize_t)count;
+ }
+ 
+ static int
+@@ -1086,8 +1093,8 @@ random_ioctl(struct inode * inode, struc
+                       return -EINVAL;
+               if (get_user(size, p++))
+                       return -EFAULT;
+-              retval = random_write(file, (const char __user *) p,
+-                                    size, &file->f_pos);
++              retval = write_pool(&input_pool, (const char __user *)p,
++                                  size);
+               if (retval < 0)
+                       return retval;
+               credit_entropy_store(&input_pool, ent_count);
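Review bot: The new `random_write` reads `struct inode *inode = file->f_path.dentry->d_inode;`, while the line it replaces shows this tree's `struct file` being accessed as `file->f_dentry->d_inode`; `f_path` is a field from later kernels, so unless this 2.6.18 tree already carries it the backport will not compile — keep `struct inode *inode = file->f_dentry->d_inode;` as the removed line did. Separately, `size_t ret;` receives the negative `-EFAULT` that `write_pool` returns as `int` and is then handed back as `ssize_t`; that only works through unsigned wraparound, so declare it `int ret;` (or `ssize_t ret;`) to match `write_pool`'s return type. The `switch` body around the RNDADDENTROPY case starts and ends outside the second hunk.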

Modified: dists/etch-security/linux-2.6/debian/patches/series/13etch1
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/13etch1 (original)
+++ dists/etch-security/linux-2.6/debian/patches/series/13etch1 Fri Jul 13 
06:13:01 2007
@@ -5,3 +5,5 @@
 + bugfix/pppoe-socket-release-mem-leak.patch
 + bugfix/nf_conntrack_h323-bounds-checking.patch
 + bugfix/dn_fib-out-of-bounds.patch
++ bugfix/random-fix-seeding-with-zero-entropy.patch
++ bugfix/random-fix-error-in-entropy-extraction.patch
