CVE-2022-48629

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> crypto: qcom-rng - ensure buffer for generate is completely filled<br /> <br /> The generate function in struct rng_alg expects that the destination<br /> buffer is completely filled if the function returns 0. qcom_rng_read()<br /> can run into a situation where the buffer is partially filled with<br /> randomness and the remaining part of the buffer is zeroed since<br /> qcom_rng_generate() doesn&amp;#39;t check the return value. This issue can<br /> be reproduced by running the following from libkcapi:<br /> <br /> kcapi-rng -b 9000000 &gt; OUTFILE<br /> <br /> The generated OUTFILE will have three huge sections that contain all<br /> zeros, and this is caused by the code where the test<br /> &amp;#39;val &amp; PRNG_STATUS_DATA_AVAIL&amp;#39; fails.<br /> <br /> Let&amp;#39;s fix this issue by ensuring that qcom_rng_read() always returns<br /> with a full buffer if the function returns success. Let&amp;#39;s also have<br /> qcom_rng_generate() return the correct value.<br /> <br /> Here&amp;#39;s some statistics from the ent project<br /> (https://www.fourmilab.ch/random/) that shows information about the<br /> quality of the generated numbers:<br /> <br /> $ ent -c qcom-random-before<br /> Value Char Occurrences Fraction<br /> 0 606748 0.067416<br /> 1 33104 0.003678<br /> 2 33001 0.003667<br /> ...<br /> 253 � 32883 0.003654<br /> 254 � 33035 0.003671<br /> 255 � 33239 0.003693<br /> <br /> Total: 9000000 1.000000<br /> <br /> Entropy = 7.811590 bits per byte.<br /> <br /> Optimum compression would reduce the size<br /> of this 9000000 byte file by 2 percent.<br /> <br /> Chi square distribution for 9000000 samples is 9329962.81, and<br /> randomly would exceed this value less than 0.01 percent of the<br /> times.<br /> <br /> Arithmetic mean value of data bytes is 119.3731 (127.5 = random).<br /> Monte Carlo value for Pi is 3.197293333 (error 1.77 percent).<br /> Serial correlation coefficient is 0.159130 (totally uncorrelated =<br /> 0.0).<br /> <br /> Without this patch, the results of the chi-square test is 0.01%, and<br /> the numbers are certainly not random according to ent&amp;#39;s project page.<br /> The results improve with this patch:<br /> <br /> $ ent -c qcom-random-after<br /> Value Char Occurrences Fraction<br /> 0 35432 0.003937<br /> 1 35127 0.003903<br /> 2 35424 0.003936<br /> ...<br /> 253 � 35201 0.003911<br /> 254 � 34835 0.003871<br /> 255 � 35368 0.003930<br /> <br /> Total: 9000000 1.000000<br /> <br /> Entropy = 7.999979 bits per byte.<br /> <br /> Optimum compression would reduce the size<br /> of this 9000000 byte file by 0 percent.<br /> <br /> Chi square distribution for 9000000 samples is 258.77, and randomly<br /> would exceed this value 42.24 percent of the times.<br /> <br /> Arithmetic mean value of data bytes is 127.5006 (127.5 = random).<br /> Monte Carlo value for Pi is 3.141277333 (error 0.01 percent).<br /> Serial correlation coefficient is 0.000468 (totally uncorrelated =<br /> 0.0).<br /> <br /> This change was tested on a Nexus 5 phone (msm8974 SoC).