[PATCH 4.4-cip 5/6] drivers: char: random: add get_random_long()

Ben Hutchings <ben.hutchings@...>

Daniel Cashman <dcashman@...>

commit ec9ee4acd97c0039a61c0ae4f12705767ae62153 upstream.

Commit d07e22597d1d ("mm: mmap: add new /proc tunable for mmap_base
ASLR") added the ability to choose from a range of values to use for
entropy count in generating the random offset to the mmap_base address.

The maximum value on this range was set to 32 bits for 64-bit x86
systems, but this value could be increased further, requiring more than
the 32 bits of randomness provided by get_random_int(), as is already
possible for arm64. Add a new function: get_random_long() which more
naturally fits with the mmap usage of get_random_int() but operates
exactly the same as get_random_int().

Also, fix the shifting constant in mmap_rnd() to be an unsigned long so
that values greater than 31 bits generate an appropriate mask without
overflow. This is especially important on x86, as its shift instruction
uses a 5-bit mask for the shift operand, which meant that any value for
mmap_rnd_bits over 31 acts as a no-op and effectively disables mmap_base

Finally, replace calls to get_random_int() with get_random_long() where

This patch (of 2):

Add get_random_long().

Signed-off-by: Daniel Cashman <dcashman@...>
Acked-by: Kees Cook <keescook@...>
Cc: "Theodore Ts'o" <tytso@...>
Cc: Arnd Bergmann <arnd@...>
Cc: Greg Kroah-Hartman <gregkh@...>
Cc: Catalin Marinas <catalin.marinas@...>
Cc: Will Deacon <will.deacon@...>
Cc: Ralf Baechle <ralf@...>
Cc: Benjamin Herrenschmidt <benh@...>
Cc: Paul Mackerras <paulus@...>
Cc: Michael Ellerman <mpe@...>
Cc: David S. Miller <davem@...>
Cc: Thomas Gleixner <tglx@...>
Cc: Ingo Molnar <mingo@...>
Cc: H. Peter Anvin <hpa@...>
Cc: Al Viro <viro@...>
Cc: Nick Kralevich <nnk@...>
Cc: Jeff Vander Stoep <jeffv@...>
Cc: Mark Salyzyn <salyzyn@...>
Signed-off-by: Andrew Morton <akpm@...>
Signed-off-by: Linus Torvalds <torvalds@...>
Signed-off-by: Ben Hutchings <ben.hutchings@...>
drivers/char/random.c | 22 ++++++++++++++++++++++
include/linux/random.h | 1 +
2 files changed, 23 insertions(+)

diff --git a/drivers/char/random.c b/drivers/char/random.c
index 491a4dce13fe..d93dfebae0bb 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -1825,6 +1825,28 @@ unsigned int get_random_int(void)

+ * Same as get_random_int(), but returns unsigned long.
+ */
+unsigned long get_random_long(void)
+ __u32 *hash;
+ unsigned long ret;
+ if (arch_get_random_long(&ret))
+ return ret;
+ hash = get_cpu_var(get_random_int_hash);
+ hash[0] += current->pid + jiffies + random_get_entropy();
+ md5_transform(hash, random_int_secret);
+ ret = *(unsigned long *)hash;
+ put_cpu_var(get_random_int_hash);
+ return ret;
* randomize_range() returns a start address such that
* [...... <range> .....]
diff --git a/include/linux/random.h b/include/linux/random.h
index a75840c1aa71..9c29122037f9 100644
--- a/include/linux/random.h
+++ b/include/linux/random.h
@@ -34,6 +34,7 @@ extern const struct file_operations random_fops, urandom_fops;

unsigned int get_random_int(void);
+unsigned long get_random_long(void);
unsigned long randomize_range(unsigned long start, unsigned long end, unsigned long len);

u32 prandom_u32(void);

Ben Hutchings
Software Developer, Codethink Ltd.