Random number generator fixes for Linux 5.18-rc1.
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEq5lC5tSkz8NBJiCnSfxwEqXeA64FAmJGFgQACgkQSfxwEqXe A64CbBAAmi1I+wOVtO8BAC/Two4yH9s9WC0nBc7c70ZIhVnNF+hi2KmJuVGnj8Id Lj3yIVKDqfZuoqqqOTlDKwPPsNLHPX2h/XrhrYju/nJBY6Eh8cSbOHRA26Xnziq5 cGfOW85eQpKyxDTWH3R4SDs7ng+omPYtn54tDnUsN/obJYiSsX7yT7IFFJgCtRpA 9tboSO9Wb6u9+wR1TnxvLYDEXwrUjmz2UKNlKlMlgeAVCvmnfvzD47ez/vo9B44+ IOPa8QM5PCHIxBvWDyVlMHZs6lK6fDZF4TWAwe5etJda972eQWDb9mpQZ2ft9INX 9gBN6g7CLCSb9047ItaPqkgzdhRqnxww8Pd1ccxf/6tW/5+kVedaA7Eypy1UcuA/ WrQIqx6lh+Qx4YcWyO8ULUiky64zad7pahtaFXzjdEGjQuylqjPHCxxCmiltpSZ9 PTbR5r+2wEdVlm4I2u3cIVSLy+lgS5sgF5YA2UKOB32fqlB3y2Cykq4FfOiJZK6Z 9VdQqqhWs3zE5d6olfFiNewDLyKTfnJ1FBOOxMNLhOKEL0qDFcjd9UXmrkpZHdv2 yz4Ps4k+d3gqGpcIue97zEBA7mU9UyP9rzX6pMEMTb+i8WpZa8rrdxak1AmJBwfI FINjZl4fe6ZmDPBTW9FZB2ibjRAt7wtzEsQjNI7sfT9hKnGZlYI= =NfL4 -----END PGP SIGNATURE----- Merge tag 'random-5.18-rc1-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/crng/random Pull random number generator fixes from Jason Donenfeld: - If a hardware random number generator passes a sufficiently large chunk of entropy to random.c during early boot, we now skip the "fast_init" business and let it initialize the RNG. This makes CONFIG_RANDOM_TRUST_BOOTLOADER=y actually useful. - We already have the command line `random.trust_cpu=0/1` option for RDRAND, which let distros enable CONFIG_RANDOM_TRUST_CPU=y while placating concerns of more paranoid users. Now we add `random.trust_bootloader=0/1` so that distros can similarly enable CONFIG_RANDOM_TRUST_BOOTLOADER=y. - Re-add a comment that got removed by accident in the recent revert. - Add the spec-compliant ACPI CID for vmgenid, which Microsoft added to the vmgenid spec at Ard's request during earlier review. - Restore build-time randomness via the latent entropy plugin, which was lost when we transitioned to using a hash function. * tag 'random-5.18-rc1-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/crng/random: random: mix build-time latent entropy into pool at init virt: vmgenid: recognize new CID added by Hyper-V random: re-add removed comment about get_random_{u32,u64} reseeding random: treat bootloader trust toggle the same way as cpu trust toggle random: skip fast_init if hwrng provides large chunk of entropy
This commit is contained in:
commit
478f74a3d8
|
@ -4427,6 +4427,12 @@
|
|||
fully seed the kernel's CRNG. Default is controlled
|
||||
by CONFIG_RANDOM_TRUST_CPU.
|
||||
|
||||
random.trust_bootloader={on,off}
|
||||
[KNL] Enable or disable trusting the use of a
|
||||
seed passed by the bootloader (if available) to
|
||||
fully seed the kernel's CRNG. Default is controlled
|
||||
by CONFIG_RANDOM_TRUST_BOOTLOADER.
|
||||
|
||||
randomize_kstack_offset=
|
||||
[KNL] Enable or disable kernel stack offset
|
||||
randomization, which provides roughly 5 bits of
|
||||
|
|
|
@ -449,6 +449,7 @@ config RANDOM_TRUST_BOOTLOADER
|
|||
device randomness. Say Y here to assume the entropy provided by the
|
||||
booloader is trustworthy so it will be added to the kernel's entropy
|
||||
pool. Otherwise, say N here so it will be regarded as device input that
|
||||
only mixes the entropy pool.
|
||||
only mixes the entropy pool. This can also be configured at boot with
|
||||
"random.trust_bootloader=on/off".
|
||||
|
||||
endmenu
|
||||
|
|
|
@ -224,9 +224,10 @@ static void _warn_unseeded_randomness(const char *func_name, void *caller, void
|
|||
*
|
||||
* These interfaces will return the requested number of random bytes
|
||||
* into the given buffer or as a return value. This is equivalent to
|
||||
* a read from /dev/urandom. The integer family of functions may be
|
||||
* higher performance for one-off random integers, because they do a
|
||||
* bit of buffering.
|
||||
* a read from /dev/urandom. The u32, u64, int, and long family of
|
||||
* functions may be higher performance for one-off random integers,
|
||||
* because they do a bit of buffering and do not invoke reseeding
|
||||
* until the buffer is emptied.
|
||||
*
|
||||
*********************************************************************/
|
||||
|
||||
|
@ -948,11 +949,17 @@ static bool drain_entropy(void *buf, size_t nbytes, bool force)
|
|||
**********************************************************************/
|
||||
|
||||
static bool trust_cpu __ro_after_init = IS_ENABLED(CONFIG_RANDOM_TRUST_CPU);
|
||||
static bool trust_bootloader __ro_after_init = IS_ENABLED(CONFIG_RANDOM_TRUST_BOOTLOADER);
|
||||
static int __init parse_trust_cpu(char *arg)
|
||||
{
|
||||
return kstrtobool(arg, &trust_cpu);
|
||||
}
|
||||
static int __init parse_trust_bootloader(char *arg)
|
||||
{
|
||||
return kstrtobool(arg, &trust_bootloader);
|
||||
}
|
||||
early_param("random.trust_cpu", parse_trust_cpu);
|
||||
early_param("random.trust_bootloader", parse_trust_bootloader);
|
||||
|
||||
/*
|
||||
* The first collection of entropy occurs at system boot while interrupts
|
||||
|
@ -968,6 +975,11 @@ int __init rand_initialize(void)
|
|||
bool arch_init = true;
|
||||
unsigned long rv;
|
||||
|
||||
#if defined(LATENT_ENTROPY_PLUGIN)
|
||||
static const u8 compiletime_seed[BLAKE2S_BLOCK_SIZE] __initconst __latent_entropy;
|
||||
_mix_pool_bytes(compiletime_seed, sizeof(compiletime_seed));
|
||||
#endif
|
||||
|
||||
for (i = 0; i < BLAKE2S_BLOCK_SIZE; i += sizeof(rv)) {
|
||||
if (!arch_get_random_seed_long_early(&rv) &&
|
||||
!arch_get_random_long_early(&rv)) {
|
||||
|
@ -1128,7 +1140,7 @@ void rand_initialize_disk(struct gendisk *disk)
|
|||
void add_hwgenerator_randomness(const void *buffer, size_t count,
|
||||
size_t entropy)
|
||||
{
|
||||
if (unlikely(crng_init == 0)) {
|
||||
if (unlikely(crng_init == 0 && entropy < POOL_MIN_BITS)) {
|
||||
size_t ret = crng_pre_init_inject(buffer, count, true);
|
||||
mix_pool_bytes(buffer, ret);
|
||||
count -= ret;
|
||||
|
@ -1160,7 +1172,7 @@ EXPORT_SYMBOL_GPL(add_hwgenerator_randomness);
|
|||
*/
|
||||
void add_bootloader_randomness(const void *buf, size_t size)
|
||||
{
|
||||
if (IS_ENABLED(CONFIG_RANDOM_TRUST_BOOTLOADER))
|
||||
if (trust_bootloader)
|
||||
add_hwgenerator_randomness(buf, size, size * 8);
|
||||
else
|
||||
add_device_randomness(buf, size);
|
||||
|
|
|
@ -78,6 +78,7 @@ static void vmgenid_notify(struct acpi_device *device, u32 event)
|
|||
}
|
||||
|
||||
static const struct acpi_device_id vmgenid_ids[] = {
|
||||
{ "VMGENCTR", 0 },
|
||||
{ "VM_GEN_COUNTER", 0 },
|
||||
{ }
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue