[kernel] r9130 - in dists/etch-security/linux-2.6/debian: . patches/bugfix patches/series

Dann Frazier dannf at alioth.debian.org
Fri Jul 13 06:13:01 UTC 2007


Author: dannf
Date: Fri Jul 13 06:13:01 2007
New Revision: 9130

Log:
* bugfix/random-fix-seeding-with-zero-entropy.patch
  bugfix/random-fix-error-in-entropy-extraction.patch
  [SECURITY] Avoid seeding with the same values at boot time when a
  system has no entropy source and fix a casting error in entropy
  extraction that resulted in slightly less random numbers.
  See CVE-2007-2453

Added:
   dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-error-in-entropy-extraction.patch
   dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-seeding-with-zero-entropy.patch
Modified:
   dists/etch-security/linux-2.6/debian/changelog
   dists/etch-security/linux-2.6/debian/patches/series/13etch1

Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog	(original)
+++ dists/etch-security/linux-2.6/debian/changelog	Fri Jul 13 06:13:01 2007
@@ -20,8 +20,14 @@
   * bugfix/dn_fib-out-of-bounds.patch
     [SECURITY] Fix out of bounds condition in dn_fib_props[]
     See CVE-2007-2172
+  * bugfix/random-fix-seeding-with-zero-entropy.patch
+    bugfix/random-fix-error-in-entropy-extraction.patch
+    [SECURITY] Avoid seeding with the same values at boot time when a
+    system has no entropy source and fix a casting error in entropy
+    extraction that resulted in slightly less random numbers.
+    See CVE-2007-2453
 
- -- dann frazier <dannf at debian.org>  Thu, 12 Jul 2007 23:30:55 -0600
+ -- dann frazier <dannf at debian.org>  Fri, 13 Jul 2007 00:06:31 -0600
 
 linux-2.6 (2.6.18.dfsg.1-13) stable; urgency=high
 

Added: dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-error-in-entropy-extraction.patch
==============================================================================
--- (empty file)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-error-in-entropy-extraction.patch	Fri Jul 13 06:13:01 2007
@@ -0,0 +1,51 @@
+commit 602b6aeefe8932dd8bb15014e8fe6bb25d736361
+Author: Matt Mackall <mpm at selenic.com>
+Date:   Tue May 29 21:54:27 2007 -0500
+
+    random: fix error in entropy extraction
+    
+    Fix cast error in entropy extraction.
+    Add comments explaining the magic 16.
+    Remove extra confusing loop variable.
+    
+    Signed-off-by: Matt Mackall <mpm at selenic.com>
+    Acked-by: "Theodore Ts'o" <tytso at mit.edu>
+    Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+
+diff --git a/drivers/char/random.c b/drivers/char/random.c
+index 46c1b97..9705b43 100644
+--- a/drivers/char/random.c
++++ b/drivers/char/random.c
+@@ -760,7 +760,7 @@ static size_t account(struct entropy_store *r, size_t nbytes, int min,
+ 
+ static void extract_buf(struct entropy_store *r, __u8 *out)
+ {
+-	int i, x;
++	int i;
+ 	__u32 data[16], buf[5 + SHA_WORKSPACE_WORDS];
+ 
+ 	sha_init(buf);
+@@ -772,9 +772,11 @@ static void extract_buf(struct entropy_store *r, __u8 *out)
+ 	 * attempts to find previous ouputs), unless the hash
+ 	 * function can be inverted.
+ 	 */
+-	for (i = 0, x = 0; i < r->poolinfo->poolwords; i += 16, x+=2) {
+-		sha_transform(buf, (__u8 *)r->pool+i, buf + 5);
+-		add_entropy_words(r, &buf[x % 5], 1);
++	for (i = 0; i < r->poolinfo->poolwords; i += 16) {
++		/* hash blocks of 16 words = 512 bits */
++		sha_transform(buf, (__u8 *)(r->pool + i), buf + 5);
++		/* feed back portion of the resulting hash */
++		add_entropy_words(r, &buf[i % 5], 1);
+ 	}
+ 
+ 	/*
+@@ -782,7 +784,7 @@ static void extract_buf(struct entropy_store *r, __u8 *out)
+ 	 * portion of the pool while mixing, and hash one
+ 	 * final time.
+ 	 */
+-	__add_entropy_words(r, &buf[x % 5], 1, data);
++	__add_entropy_words(r, &buf[i % 5], 1, data);
+ 	sha_transform(buf, (__u8 *)data, buf + 5);
+ 
+ 	/*
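Review bot: The new `sha_transform(buf, (__u8 *)(r->pool + i), buf + 5);` fixes an operator-precedence bug silently: the removed `(__u8 *)r->pool+i` cast first and then advanced i bytes while i counts words, so successive SHA blocks started a quarter as far into the pool as intended and roughly three quarters of the pool never reached the output hash. Nothing in the new code records why the parentheses matter, so the next person who "simplifies" them reintroduces CVE-2007-2453; I would add above that line `/* index in words before casting: (__u8 *)r->pool + i would step i bytes */`. Unlike the seeding patch, this one carries no backport note and is applied verbatim, so it is worth confirming the hunk context matches 2.6.18's extract_buf, whose beginning and end lie outside this hunk.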

Added: dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-seeding-with-zero-entropy.patch
==============================================================================
--- (empty file)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/random-fix-seeding-with-zero-entropy.patch	Fri Jul 13 06:13:01 2007
@@ -0,0 +1,97 @@
+commit 7f397dcdb78d699a20d96bfcfb595a2411a5bbd2
+Author: Matt Mackall <mpm at selenic.com>
+Date:   Tue May 29 21:58:10 2007 -0500
+
+    random: fix seeding with zero entropy
+    
+    Add data from zero-entropy random_writes directly to output pools to
+    avoid accounting difficulties on machines without entropy sources.
+    
+    Tested on lguest with all entropy sources disabled.
+    
+    Signed-off-by: Matt Mackall <mpm at selenic.com>
+    Acked-by: "Theodore Ts'o" <tytso at mit.edu>
+    Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+
+# Backported to Debian's 2.6.18 by dann frazier <dannf at debian.org>
+
+--- linux-source-2.6.18/drivers/char/random.c.orig	2006-09-19 21:42:06.000000000 -0600
++++ linux-source-2.6.18/drivers/char/random.c	2007-07-12 23:57:12.000000000 -0600
+@@ -1017,37 +1017,44 @@ random_poll(struct file *file, poll_tabl
+ 	return mask;
+ }
+ 
+-static ssize_t
+-random_write(struct file * file, const char __user * buffer,
+-	     size_t count, loff_t *ppos)
++static int
++write_pool(struct entropy_store *r, const char __user *buffer, size_t count)
+ {
+-	int ret = 0;
+ 	size_t bytes;
+ 	__u32 buf[16];
+ 	const char __user *p = buffer;
+-	size_t c = count;
+ 
+-	while (c > 0) {
+-		bytes = min(c, sizeof(buf));
++	while (count > 0) {
++		bytes = min(count, sizeof(buf));
++		if (copy_from_user(&buf, p, bytes))
++			return -EFAULT;
+ 
+-		bytes -= copy_from_user(&buf, p, bytes);
+-		if (!bytes) {
+-			ret = -EFAULT;
+-			break;
+-		}
+-		c -= bytes;
++		count -= bytes;
+ 		p += bytes;
+ 
+-		add_entropy_words(&input_pool, buf, (bytes + 3) / 4);
+-	}
+-	if (p == buffer) {
+-		return (ssize_t)ret;
+-	} else {
+-		struct inode *inode = file->f_dentry->d_inode;
+-	        inode->i_mtime = current_fs_time(inode->i_sb);
+-		mark_inode_dirty(inode);
+-		return (ssize_t)(p - buffer);
++		add_entropy_words(r, buf, (bytes + 3) / 4);
+ 	}
++
++	return 0;
++}
++
++static ssize_t
++random_write(struct file * file, const char __user * buffer,
++	     size_t count, loff_t *ppos)
++{
++	size_t ret;
++	struct inode *inode = file->f_path.dentry->d_inode;
++
++	ret = write_pool(&blocking_pool, buffer, count);
++	if (ret)
++		return ret;
++	ret = write_pool(&nonblocking_pool, buffer, count);
++	if (ret)
++		return ret;
++
++	inode->i_mtime = current_fs_time(inode->i_sb);
++	mark_inode_dirty(inode);
++	return (ssize_t)count;
+ }
+ 
+ static int
+@@ -1086,8 +1093,8 @@ random_ioctl(struct inode * inode, struc
+ 			return -EINVAL;
+ 		if (get_user(size, p++))
+ 			return -EFAULT;
+-		retval = random_write(file, (const char __user *) p,
+-				      size, &file->f_pos);
++		retval = write_pool(&input_pool, (const char __user *)p,
++				    size);
+ 		if (retval < 0)
+ 			return retval;
+ 		credit_entropy_store(&input_pool, ent_count);
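Review bot: The new `struct inode *inode = file->f_path.dentry->d_inode;` in random_write uses the `f_path` member of struct file, while the line it replaces used `file->f_dentry->d_inode`, the field this 2.6.18 tree visibly has; despite the "Backported to Debian's 2.6.18" note, this will presumably not compile against 2.6.18 unless f_path has been backported there, and should read `struct inode *inode = file->f_dentry->d_inode;`. Separately, `size_t ret;` stores write_pool's negative -EFAULT in an unsigned variable before it is returned through ssize_t, which only works by wrap-around; `int ret;` (or ssize_t) is the honest type. Note also that the removed code tolerated a partial copy_from_user and reported the bytes consumed, whereas write_pool now fails the whole write with -EFAULT — an intended upstream change, but one the changelog entry does not mention. The random_ioctl case at the end of this hunk begins before the hunk.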

Modified: dists/etch-security/linux-2.6/debian/patches/series/13etch1
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/13etch1	(original)
+++ dists/etch-security/linux-2.6/debian/patches/series/13etch1	Fri Jul 13 06:13:01 2007
@@ -5,3 +5,5 @@
 + bugfix/pppoe-socket-release-mem-leak.patch
 + bugfix/nf_conntrack_h323-bounds-checking.patch
 + bugfix/dn_fib-out-of-bounds.patch
++ bugfix/random-fix-seeding-with-zero-entropy.patch
++ bugfix/random-fix-error-in-entropy-extraction.patch


