Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 43838a23 authored by Theodore Ts'o's avatar Theodore Ts'o
Browse files

random: fix crng_ready() test 



The crng_init variable has three states:

0: The CRNG is not initialized at all
1: The CRNG has a small amount of entropy, hopefully good enough for
   early-boot, non-cryptographical use cases
2: The CRNG is fully initialized and we are sure it is safe for
   cryptographic use cases.

The crng_ready() function should only return true once we are in the
last state.  This addresses CVE-2018-1108.

Reported-by: default avatarJann Horn <jannh@google.com>
Fixes: e192be9d ("random: replace non-blocking pool...")
Cc: stable@kernel.org # 4.8+
Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
Reviewed-by: default avatarJann Horn <jannh@google.com>
parent 5e747dd9
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment