This is a note to let you know that I've just added the patch titled efi: random: Properly limit the size of the random seed to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: efi-random-properly-limit-the-size-of-the-random-seed.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From ben@xxxxxxxxxxxxxxx Sat Dec 3 14:43:55 2022 From: Ben Hutchings <ben@xxxxxxxxxxxxxxx> Date: Thu, 1 Dec 2022 00:47:22 +0100 Subject: efi: random: Properly limit the size of the random seed To: stable@xxxxxxxxxxxxxxx Cc: Ard Biesheuvel <ardb@xxxxxxxxxx>, "Jason A. Donenfeld" <Jason@xxxxxxxxx>, Ilias Apalodimas <ilias.apalodimas@xxxxxxxxxx> Message-ID: <Y4frikbdKtF5V1WU@xxxxxxxxxxxxxxx> Content-Disposition: inline From: Ben Hutchings <ben@xxxxxxxxxxxxxxx> Commit be36f9e7517e ("efi: READ_ONCE rng seed size before munmap") added a READ_ONCE() and also changed the call to add_bootloader_randomness() to use the local size variable. Neither of these changes was actually needed and this was not backported to the 4.14 stable branch. Commit 161a438d730d ("efi: random: reduce seed size to 32 bytes") reverted the addition of READ_ONCE() and added a limit to the value of size. This depends on the earlier commit, because size can now differ from seed->size, but it was wrongly backported to the 4.14 stable branch by itself. Apply the missing change to the add_bootloader_randomness() parameter (except that here we are still using add_device_randomness()). Fixes: 700485f70e50 ("efi: random: reduce seed size to 32 bytes") Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/firmware/efi/efi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -541,7 +541,7 @@ int __init efi_config_parse_tables(void seed = early_memremap(efi.rng_seed, sizeof(*seed) + size); if (seed != NULL) { - add_device_randomness(seed->bits, seed->size); + add_device_randomness(seed->bits, size); early_memunmap(seed, sizeof(*seed) + size); pr_notice("seeding entropy pool\n"); } else { Patches currently in stable-queue which might be from ben@xxxxxxxxxxxxxxx are queue-4.14/efi-random-properly-limit-the-size-of-the-random-seed.patch