linux/drivers/char
Daniel Cashman ec9ee4acd9 drivers: char: random: add get_random_long()
Commit d07e22597d ("mm: mmap: add new /proc tunable for mmap_base
ASLR") added the ability to choose from a range of values to use for
entropy count in generating the random offset to the mmap_base address.

The maximum value on this range was set to 32 bits for 64-bit x86
systems, but this value could be increased further, requiring more than
the 32 bits of randomness provided by get_random_int(), as is already
possible for arm64.  Add a new function: get_random_long() which more
naturally fits with the mmap usage of get_random_int() but operates
exactly the same as get_random_int().

Also, fix the shifting constant in mmap_rnd() to be an unsigned long so
that values greater than 31 bits generate an appropriate mask without
overflow.  This is especially important on x86, as its shift instruction
uses a 5-bit mask for the shift operand, which meant that any value for
mmap_rnd_bits over 31 acts as a no-op and effectively disables mmap_base
randomization.

Finally, replace calls to get_random_int() with get_random_long() where
appropriate.

This patch (of 2):

Add get_random_long().

Signed-off-by: Daniel Cashman <dcashman@android.com>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: "Theodore Ts'o" <tytso@mit.edu>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: David S. Miller <davem@davemloft.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Nick Kralevich <nnk@google.com>
Cc: Jeff Vander Stoep <jeffv@google.com>
Cc: Mark Salyzyn <salyzyn@android.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-02-27 10:28:52 -08:00
..
agp agp/uninorth: fix a memleak in create_gatt_table 2015-10-02 22:57:59 +10:00
hw_random hwrng: stm32 - Fix dependencies for !HAS_IOMEM archs 2016-01-26 22:27:34 +08:00
ipmi ipmi: put acpi.h with the other headers 2016-02-03 10:35:52 -06:00
mwave drivers/char: delete non-required instances of include <linux/init.h> 2014-02-07 15:10:19 -08:00
pcmcia tty: Remove ASYNC_CLOSING checks in open()/hangup() methods 2015-10-17 21:11:29 -07:00
tpm keys, trusted: seal with a TPM2 authorization policy 2015-12-20 15:27:13 +02:00
xilinx_hwicap char:xilinx_hwicap:buffer_icap - change 1/0 to true/false for bool type variable in function buffer_icap_set_configuration(). 2015-06-12 16:58:33 -07:00
xillybus char: xillybus: Allow 64-bit DMA on PCIe interface 2015-08-05 12:27:09 -07:00
apm-emulation.c apm-emulation: add hibernation APM events to support suspend2disk 2014-01-07 13:50:28 +01:00
applicom.c applicom: dereferencing NULL on error path 2014-05-27 17:43:12 -07:00
applicom.h
bfin-otp.c
bsr.c bsr: avoid format string leaking into device name 2014-07-09 16:59:15 -07:00
ds1302.c
ds1620.c ds1620: single_open() leak 2013-05-05 00:11:29 -04:00
dsp56k.c drivers/char/dsp56k.c: drop check for negativity of unsigned parameter 2014-07-17 18:38:37 -07:00
dtlk.c
efirtc.c drivers/char: make efirtc.c driver explicitly non-modular 2015-09-20 19:32:35 -07:00
generic_nvram.c don't open-code generic_file_llseek_size() 2015-12-09 13:00:45 -05:00
genrtc.c rtc: single_open() leaks 2013-05-05 00:12:29 -04:00
hangcheck-timer.c hangcheck-timer: cleanup casting in hangcheck_init() 2014-11-07 11:24:01 -08:00
hpet.c hpet: Drop stale URLs 2016-02-17 09:39:56 +01:00
Kconfig drivers/char: Remove msm_smd_pkt driver 2015-05-24 12:24:35 -07:00
lp.c char: Int overflow in lp_do_ioctl(). 2013-12-18 16:39:54 -08:00
Makefile hwmon: Rename i8k driver to dell-smm-hwmon and move it to hwmon tree 2015-05-24 12:48:12 -07:00
mbcs.c don't open-code generic_file_llseek_size() 2015-12-09 13:00:45 -05:00
mbcs.h
mem.c wrappers for ->i_mutex access 2016-01-22 18:04:28 -05:00
misc.c char: make misc_deregister a void function 2015-08-05 10:35:49 -07:00
mmtimer.c
mspec.c tree wide: use kvfree() than conditional kfree()/vfree() 2016-01-22 17:02:18 -08:00
nsc_gpio.c
nvram.c don't open-code generic_file_llseek_size() 2015-12-09 13:00:45 -05:00
nwbutton.c char: nwbutton: open-code interruptible_sleep_on 2014-01-08 15:29:52 -08:00
nwbutton.h
nwflash.c new helpers: no_seek_end_llseek{,_size}() 2015-12-23 10:41:31 -05:00
pc8736x_gpio.c
ppdev.c
ps3flash.c wrappers for ->i_mutex access 2016-01-22 18:04:28 -05:00
random.c drivers: char: random: add get_random_long() 2016-02-27 10:28:52 -08:00
raw.c block: use bd{grab,put}() instead of open-coding 2016-01-13 10:24:27 -07:00
rtc.c various char drivers: remove deprecated IRQF_DISABLED 2013-10-16 12:36:10 -07:00
scx200_gpio.c
snsc_event.c various char drivers: remove deprecated IRQF_DISABLED 2013-10-16 12:36:10 -07:00
snsc.c drivers/char: make SGI snsc.c driver explicitly non-modular 2015-09-20 19:32:35 -07:00
snsc.h
sonypi.c char: drop owner assignment from platform_drivers 2014-10-20 16:20:19 +02:00
tb0219.c char: drop owner assignment from platform_drivers 2014-10-20 16:20:19 +02:00
tile-srom.c fs: move struct kiocb to fs.h 2015-03-25 20:28:11 -04:00
tlclk.c tlclk: remove deprecated IRQF_DISABLED 2013-10-16 12:36:10 -07:00
toshiba.c toshiba laptop: replace ioremap_cache with ioremap 2015-08-05 17:26:00 -07:00
ttyprintk.c ttyprintk: Allow built as a module 2014-04-16 14:21:06 -07:00
uv_mmtimer.c
virtio_console.c virtio_console: silence a static checker warning 2015-05-24 12:24:35 -07:00