android_kernel_google_msm/drivers/char
Theodore Ts'o 095f11b227 random: mix rdrand with entropy sent in from userspace
commit 81e69df38e2911b642ec121dec319fad2a4782f3 upstream.

Fedora has integrated the jitter entropy daemon to work around slow
boot problems, especially on VM's that don't support virtio-rng:

    https://bugzilla.redhat.com/show_bug.cgi?id=1572944

It's understandable why they did this, but the Jitter entropy daemon
works fundamentally on the principle: "the CPU microarchitecture is
**so** complicated and we can't figure it out, so it *must* be
random".  Yes, it uses statistical tests to "prove" it is secure, but
AES_ENCRYPT(NSA_KEY, COUNTER++) will also pass statistical tests with
flying colors.

So if RDRAND is available, mix it into entropy submitted from
userspace.  It can't hurt, and if you believe the NSA has backdoored
RDRAND, then they probably have enough details about the Intel
microarchitecture that they can reverse engineer how the Jitter
entropy daemon affects the microarchitecture, and attack its output
stream.  And if RDRAND is in fact an honest DRNG, it will immeasurably
improve on what the Jitter entropy daemon might produce.

This also provides some protection against someone who is able to read
or set the entropy seed file.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
Cc: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Change-Id: I4d4ac36af58c5f3d1a5066b54afff4b8f478affd
2023-03-24 20:53:06 +01:00
..
agp agp/intel: Fix typo in needs_ilk_vtd_wa() 2015-10-22 09:20:06 +08:00
diag char: Fix NULL pointer dereferences 2016-10-29 23:12:34 +08:00
hw_random hwrng: core - Don't use a stack buffer in add_early_randomness() 2023-03-24 20:53:04 +01:00
ipmi ipmi: fix timeout calculation when bmc is disconnected 2015-09-18 09:20:46 +08:00
mwave
pcmcia
tpm Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
xilinx_hwicap
adsprpc.c char: Fix NULL pointer dereferences 2016-10-29 23:12:34 +08:00
adsprpc_shared.h
apm-emulation.c
applicom.c
applicom.h
bfin-otp.c
bsr.c
csdio.c
dcc_tty.c
ds1302.c
ds1620.c
dsp56k.c
dtlk.c
efirtc.c
generic_nvram.c
genrtc.c
hangcheck-timer.c
hpet.c
i8k.c
Kconfig Fixing an issue that caused DEVPORT to always be set. 2020-11-09 21:31:14 +01:00
lp.c
Makefile
mbcs.c
mbcs.h
mem.c mm: Tighten x86 /dev/mem with zeroing reads 2017-07-04 12:34:19 +03:00
misc.c
mmtimer.c
msm_rotator.c Rotator getting stuck leading to fence timeout 2018-08-27 14:52:43 +00:00
msm_smd_pkt.c
mspec.c
nsc_gpio.c
nvram.c
nwbutton.c
nwbutton.h
nwflash.c
pc8736x_gpio.c
ppdev.c
ps3flash.c
ramoops.c
random.c random: mix rdrand with entropy sent in from userspace 2023-03-24 20:53:06 +01:00
raw.c
rtc.c
scx200_gpio.c
snsc.c
snsc.h
snsc_event.c
sonypi.c
tb0219.c
tile-srom.c
tlclk.c
toshiba.c
ttyprintk.c
uv_mmtimer.c
virtio_console.c virtio_console: avoid config access from irq 2015-06-19 11:40:25 +08:00