linux/drivers
Theodore Ts'o 81e69df38e random: mix rdrand with entropy sent in from userspace
Fedora has integrated the jitter entropy daemon to work around slow
boot problems, especially on VM's that don't support virtio-rng:

    https://bugzilla.redhat.com/show_bug.cgi?id=1572944

It's understandable why they did this, but the Jitter entropy daemon
works fundamentally on the principle: "the CPU microarchitecture is
**so** complicated and we can't figure it out, so it *must* be
random".  Yes, it uses statistical tests to "prove" it is secure, but
AES_ENCRYPT(NSA_KEY, COUNTER++) will also pass statistical tests with
flying colors.

So if RDRAND is available, mix it into entropy submitted from
userspace.  It can't hurt, and if you believe the NSA has backdoored
RDRAND, then they probably have enough details about the Intel
microarchitecture that they can reverse engineer how the Jitter
entropy daemon affects the microarchitecture, and attack its output
stream.  And if RDRAND is in fact an honest DRNG, it will immeasurably
improve on what the Jitter entropy daemon might produce.

This also provides some protection against someone who is able to read
or set the entropy seed file.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
Cc: Arnd Bergmann <arnd@arndb.de>
2018-07-17 21:32:36 -04:00
..
accessibility
acpi Merge branches 'acpi-tables' and 'acpica' 2018-07-05 13:03:43 +02:00
amba Merge branch 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm 2018-06-06 13:49:25 -07:00
android treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
ata treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
atm atm: zatm: Fix potential Spectre v1 2018-06-30 21:24:18 +09:00
auxdisplay treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
base PM / Domains: Don't power on at attach for the multi PM domain case 2018-07-03 16:42:51 +02:00
bcma dma-mapping updates for 4.18: 2018-06-04 10:58:12 -07:00
block for-linus-20180706 2018-07-06 19:13:42 -07:00
bluetooth bluetooth: hci_nokia: Don't include linux/unaligned/le_struct.h directly. 2018-06-17 08:38:55 +09:00
bus bus: ti-sysc: Use 2-factor allocator arguments 2018-07-02 04:24:44 -07:00
cdrom treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
char random: mix rdrand with entropy sent in from userspace 2018-07-17 21:32:36 -04:00
clk clk: davinci: fixes for 4.18 2018-06-27 11:01:29 -07:00
clocksource Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-06-24 19:16:42 +08:00
connector Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
cpufreq cpufreq: qcom-kryo: Fix error handling in probe() 2018-06-24 23:00:36 +02:00
cpuidle powerpc updates for 4.18 2018-06-07 10:23:33 -07:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2018-06-24 06:31:54 +08:00
dax dax: check for QUEUE_FLAG_DAX in bdev_dax_supported() 2018-06-28 16:06:08 -04:00
dca
devfreq treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
dio
dma dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() 2018-06-28 11:57:21 +05:30
dma-buf
edac treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
eisa
extcon treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
firewire treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
firmware efi/libstub/tpm: Initialize efi_physical_addr_t vars to zero for mixed mode 2018-06-22 10:58:27 +02:00
fmc treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
fpga
fsi
gpio treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
gpu Fixups 2018-07-06 10:47:02 +10:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2018-06-20 16:42:39 +09:00
hsi
hv treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
hwmon hwmon: (nct6775) Fix loop limit 2018-06-16 16:40:36 -07:00
hwspinlock hwspinlock updates for v4.18 2018-06-11 12:09:19 -07:00
hwtracing treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
i2c i2c: gpio: initialize SCL to HIGH again 2018-06-29 08:23:12 +02:00
ide treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
idle
iio iio: imu: inv_mpu6050: Fix probe() failure on older ACPI based machines 2018-06-24 14:50:52 +01:00
infiniband mlx5-fixes-2018-06-26 2018-06-28 16:21:35 +09:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2018-06-27 09:16:53 -07:00
iommu Revert "iommu/intel-iommu: Enable CONFIG_DMA_DIRECT_OPS=y and clean up intel_{alloc,free}_coherent()" 2018-07-05 13:32:06 -06:00
ipack treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
irqchip irqchip/gic-v3-its: Fix reprogramming of redistributors on CPU hotplug 2018-06-22 14:22:02 +02:00
isdn Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL 2018-06-28 10:40:47 -07:00
leds treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
lightnvm for-linus-20180623 2018-06-24 06:33:54 +08:00
macintosh powerpc updates for 4.18 2018-06-07 10:23:33 -07:00
mailbox treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
mcb
md Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md 2018-07-02 12:40:59 -07:00
media bpf: fix attach type BPF_LIRC_MODE2 dependency wrt CONFIG_CGROUP_BPF 2018-06-26 11:28:38 +02:00
memory - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
memstick treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
message treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
mfd Merge branch 'i2c/for-4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2018-06-14 16:21:46 +09:00
misc Merge branch 'i2c/for-4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2018-06-14 16:21:46 +09:00
mmc treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
mtd mtd: rawnand: denali_dt: set clk_x_rate to 200 MHz unconditionally 2018-06-22 18:47:56 +02:00
mux
net pci-v4.18-fixes-2 2018-07-08 10:55:21 -07:00
nfc NFC: pn533: Fix wrong GFP flag usage 2018-06-25 21:36:45 +08:00
ntb - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
nubus Char/Misc driver patches for 4.18-rc1 2018-06-05 16:20:22 -07:00
nvdimm pmem: only set QUEUE_FLAG_DAX for fsdax mode 2018-06-28 16:05:59 -04:00
nvme nvme-rdma: fix possible double free of controller async event buffer 2018-06-28 16:29:54 +02:00
nvmem treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
of - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
opp PM / OPP: Update voltage in case freq == old_freq 2018-06-19 15:53:32 +05:30
oprofile treewide: Use array_size() in vmalloc() 2018-06-12 16:19:22 -07:00
parisc dma-mapping updates for 4.18: 2018-06-04 10:58:12 -07:00
parport docs: Fix some broken references 2018-06-15 18:10:01 -03:00
pci pci-v4.18-fixes-2 2018-07-08 10:55:21 -07:00
pcmcia treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
perf drivers/perf: xgene_pmu: Fix IOB SLOW PMU parser error 2018-06-18 17:48:42 +01:00
phy Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
pinctrl pinctrl: mt7622: fix a kernel panic when pio don't work as EINT controller 2018-06-18 07:55:57 +02:00
platform fix a series of Documentation/ broken file name references 2018-06-15 18:10:01 -03:00
pnp media updates for v4.18-rc1 2018-06-07 12:34:37 -07:00
power treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
powercap treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
pps
ps3
ptp ptp: replace getnstimeofday64() with ktime_get_real_ts64() 2018-06-20 07:59:53 +09:00
pwm pwm: Changes for v4.18-rc1 2018-06-14 16:25:43 +09:00
rapidio treewide: Use array_size() in vmalloc() 2018-06-12 16:19:22 -07:00
ras
regulator treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
remoteproc treewide: use PHYS_ADDR_MAX to avoid type casting ULLONG_MAX 2018-06-15 07:55:25 +09:00
reset - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
rpmsg rpmsg: smd: do not use mananged resources for endpoints and channels 2018-06-04 12:35:03 -07:00
rtc - New Device Support 2018-06-11 07:20:17 -07:00
s390 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux 2018-07-06 09:14:34 -07:00
sbus fix a series of Documentation/ broken file name references 2018-06-15 18:10:01 -03:00
scsi SCSI fixes on 20180706 2018-07-06 19:45:47 -07:00
sfi
sh treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
siox
slimbus treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
sn
soc Qualcomm Fixes for v4.18-rc2 2018-06-26 10:42:31 -07:00
soundwire docs: Fix more broken references 2018-06-15 18:11:26 -03:00
spi treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
spmi
ssb
staging Staging/IIO fixes for 4.18-rc3 2018-07-01 12:20:20 -07:00
target scsi: target: Fix truncated PR-in ReadKeys response 2018-06-19 21:36:37 -04:00
tc
tee
thermal - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
thunderbolt
tty vt: prevent leaking uninitialized data to userspace via /dev/vcs* 2018-06-28 21:34:39 +09:00
uio treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
usb USB-serial fixes for v4.18-rc3 2018-06-28 19:19:10 +09:00
uwb treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
vfio vfio: Use get_user_pages_longterm correctly 2018-06-30 13:58:09 -06:00
vhost vhost_net: validate sock before trying to put its fd 2018-06-23 10:23:49 +09:00
video Solve a series of broken links for files under Documentation: 2018-06-17 05:25:18 +09:00
virt treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
virtio virtio, vhost: features, fixes 2018-06-16 06:35:02 +09:00
visorbus
vlynq
vme
w1 Char/Misc driver patches for 4.18-rc1 2018-06-05 16:20:22 -07:00
watchdog MIPS changes for 4.18 2018-06-12 12:56:02 -07:00
xen xen: fixes for 4.18-rc2 2018-06-23 20:44:11 +08:00
zorro - Introduce arithmetic overflow test helper functions (Rasmus) 2018-06-06 17:27:14 -07:00
Kconfig
Makefile