summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--kernel.spec9
-rw-r--r--resend-4.9-hw_random-Don-t-use-a-stack-buffer-in-add_early_randomness.patch56
2 files changed, 64 insertions, 1 deletions
diff --git a/kernel.spec b/kernel.spec
index 015e15f09..daa12c89a 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -44,7 +44,7 @@ Summary: The Linux kernel
# For non-released -rc kernels, this will be appended after the rcX and
# gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
#
-%global baserelease 1
+%global baserelease 2
%global fedora_build %{baserelease}
# base_sublevel is the kernel version we're starting with and patching
@@ -623,6 +623,9 @@ Patch848: 0001-cpupower-Correct-return-type-of-cpu_power_is_cpu_onl.patch
#ongoing complaint, full discussion delayed until ksummit/plumbers
Patch849: 0001-iio-Use-event-header-from-kernel-tree.patch
+#rhbz 1383451
+Patch850: resend-4.9-hw_random-Don-t-use-a-stack-buffer-in-add_early_randomness.patch
+
# END OF PATCH DEFINITIONS
%endif
@@ -2164,6 +2167,10 @@ fi
#
#
%changelog
+* Mon Oct 24 2016 Laura Abbott <labbott@redhat.com> - 4.9.0-0.rc2.git0.2
+- Rebuild for build problems
+- Add fix for rng with VMAP_STACK (rhbz 1383451)
+
* Mon Oct 24 2016 Laura Abbott <labbott@redhat.com> - 4.9.0-0.rc2.git0.1
- Linux v4.9-rc2
diff --git a/resend-4.9-hw_random-Don-t-use-a-stack-buffer-in-add_early_randomness.patch b/resend-4.9-hw_random-Don-t-use-a-stack-buffer-in-add_early_randomness.patch
new file mode 100644
index 000000000..b3e4f8d9d
--- /dev/null
+++ b/resend-4.9-hw_random-Don-t-use-a-stack-buffer-in-add_early_randomness.patch
@@ -0,0 +1,56 @@
+From patchwork Mon Oct 17 17:06:27 2016
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Subject: [resend,
+ 4.9] hw_random: Don't use a stack buffer in add_early_randomness()
+From: Andrew Lutomirski <luto@kernel.org>
+X-Patchwork-Id: 9380037
+Message-Id: <4169224b6858d1cf149f1a73f8a03603fa19076d.1476638125.git.luto@kernel.org>
+To: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
+ Matt Mackall <mpm@selenic.com>, Herbert Xu <herbert@gondor.apana.org.au>,
+ Rusty Russell <rusty@rustcorp.com.au>
+Cc: Jens Axboe <axboe@fb.com>, Matt Mullins <mmullins@mmlx.us>,
+ Andy Lutomirski <luto@kernel.org>
+Date: Mon, 17 Oct 2016 10:06:27 -0700
+
+hw_random carefully avoids using a stack buffer except in
+add_early_randomness(). This causes a crash in virtio_rng if
+CONFIG_VMAP_STACK=y.
+
+Reported-by: Matt Mullins <mmullins@mmlx.us>
+Tested-by: Matt Mullins <mmullins@mmlx.us>
+Fixes: d3cc7996473a ("hwrng: fetch randomness only after device init")
+Signed-off-by: Andy Lutomirski <luto@kernel.org>
+---
+
+This fixes a crash in 4.9-rc1.
+
+resending because I typoed the git send-email command. I stealthily added
+Matt's Tested-by, too.
+
+ drivers/char/hw_random/core.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/char/hw_random/core.c b/drivers/char/hw_random/core.c
+index 9203f2d130c0..340f96e44642 100644
+--- a/drivers/char/hw_random/core.c
++++ b/drivers/char/hw_random/core.c
+@@ -84,14 +84,14 @@ static size_t rng_buffer_size(void)
+
+ static void add_early_randomness(struct hwrng *rng)
+ {
+- unsigned char bytes[16];
+ int bytes_read;
++ size_t size = min_t(size_t, 16, rng_buffer_size());
+
+ mutex_lock(&reading_mutex);
+- bytes_read = rng_get_data(rng, bytes, sizeof(bytes), 1);
++ bytes_read = rng_get_data(rng, rng_buffer, size, 1);
+ mutex_unlock(&reading_mutex);
+ if (bytes_read > 0)
+- add_device_randomness(bytes, bytes_read);
++ add_device_randomness(rng_buffer, bytes_read);
+ }
+
+ static inline void cleanup_rng(struct kref *kref)
generated by cgit (git 2.34.1) at 2024-05-08 12:20:53 +0000