• Jarod Wilson's avatar
    drivers/char/random.c: fix priming of last_data · 1e7e2e05
    Jarod Wilson authored
    Commit ec8f02da ("random: prime last_data value per fips
    requirements") added priming of last_data per fips requirements.
    
    Unfortuantely, it did so in a way that can lead to multiple threads all
    incrementing nbytes, but only one actually doing anything with the extra
    data, which leads to some fun random corruption and panics.
    
    The fix is to simply do everything needed to prime last_data in a single
    shot, so there's no window for multiple cpus to increment nbytes -- in
    fact, we won't even increment or decrement nbytes anymore, we'll just
    extract the needed EXTRACT_SIZE one time per pool and then carry on with
    the normal routine.
    
    All these changes have been tested across multiple hosts and
    architectures where panics were previously encoutered.  The code changes
    are are strictly limited to areas only touched when when booted in fips
    mode.
    
    This change should also go into 3.8-stable, to make the myriads of fips
    users on 3.8.x happy.
    Signed-off-by: default avatarJarod Wilson <jarod@redhat.com>
    Tested-by: default avatarJan Stancek <jstancek@redhat.com>
    Tested-by: default avatarJan Stodola <jstodola@redhat.com>
    Cc: Herbert Xu <herbert@gondor.apana.org.au>
    Acked-by: default avatarNeil Horman <nhorman@tuxdriver.com>
    Cc: "David S. Miller" <davem@davemloft.net>
    Cc: Matt Mackall <mpm@selenic.com>
    Cc: "Theodore Ts'o" <tytso@mit.edu>
    Cc: <stable@vger.kernel.org>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    1e7e2e05
random.c 44.5 KB