From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: Eric Biggers <ebiggers@kernel.org>
Cc: linux-kernel@vger.kernel.org, patches@lists.linux.dev,
tglx@linutronix.de, linux-crypto@vger.kernel.org,
linux-api@vger.kernel.org, x86@kernel.org,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>,
Carlos O'Donell <carlos@redhat.com>,
Florian Weimer <fweimer@redhat.com>,
Arnd Bergmann <arnd@arndb.de>, Jann Horn <jannh@google.com>,
Christian Brauner <brauner@kernel.org>
Subject: Re: [PATCH v13 6/7] random: introduce generic vDSO getrandom() implementation
Date: Sun, 1 Jan 2023 16:53:22 +0100 [thread overview]
Message-ID: <Y7GschU1qZPFZAhm@zx2c4.com> (raw)
In-Reply-To: <Y6OHa196S8e1mImg@sol.localdomain>
On Wed, Dec 21, 2022 at 02:23:39PM -0800, Eric Biggers wrote:
> On Wed, Dec 21, 2022 at 03:23:26PM +0100, Jason A. Donenfeld wrote:
> > diff --git a/drivers/char/random.c b/drivers/char/random.c
> > index 6425f5f838e0..660cd15b6228 100644
> > --- a/drivers/char/random.c
> > +++ b/drivers/char/random.c
> > @@ -60,6 +60,7 @@
> > #include <crypto/blake2s.h>
> > #ifdef CONFIG_VDSO_GETRANDOM
> > #include <vdso/getrandom.h>
> > +#include <vdso/datapage.h>
> > #endif
> > #include <asm/archrandom.h>
> > #include <asm/processor.h>
> > @@ -407,6 +408,9 @@ static void crng_reseed(struct work_struct *work)
> > /*
> > * We copy the new key into the base_crng, overwriting the old one,
> > * and update the generation counter. We avoid hitting ULONG_MAX,
> > * because the per-cpu crngs are initialized to ULONG_MAX, so this
> > * forces new CPUs that come online to always initialize.
> > */
> > spin_lock_irqsave(&base_crng.lock, flags);
> > memcpy(base_crng.key, key, sizeof(base_crng.key));
> > next_gen = base_crng.generation + 1;
> > if (next_gen == ULONG_MAX)
> > ++next_gen;
> > WRITE_ONCE(base_crng.generation, next_gen);
> > +#ifdef CONFIG_VDSO_GETRANDOM
> > + smp_store_release(&_vdso_rng_data.generation, next_gen + 1);
> > +#endif
>
> It's confusing that "uninitialized generation" is ULONG_MAX in the per-cpu
> crngs, but 0 in the vdso_rng_data. That results in a weird off-by one thing,
> where the vdso_rng_data generation number has to be 1 higher.
>
> Would it be possible to use 0 for both?
It might be, but this will involve some changes to how the batching
works too, so I think I'd like to do that separately, if at all.
However, I'll add a comment there noting what's happening so it's a bit
less confusing.
Jason
next prev parent reply other threads:[~2023-01-01 15:53 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-21 14:23 [PATCH v13 0/7] implement getrandom() in vDSO Jason A. Donenfeld
2022-12-21 14:23 ` [PATCH v13 1/7] x86: lib: Separate instruction decoder MMIO type from MMIO trace Jason A. Donenfeld
2022-12-21 14:23 ` [PATCH v13 2/7] mm: add VM_DROPPABLE for designating always lazily freeable mappings Jason A. Donenfeld
2022-12-21 14:23 ` [PATCH v13 3/7] x86: mm: Skip faulting instruction for VM_DROPPABLE faults Jason A. Donenfeld
2022-12-21 14:23 ` [PATCH v13 4/7] random: add vgetrandom_alloc() syscall Jason A. Donenfeld
2022-12-21 14:23 ` [PATCH v13 5/7] arch: allocate vgetrandom_alloc() syscall number Jason A. Donenfeld
2022-12-21 14:23 ` [PATCH v13 6/7] random: introduce generic vDSO getrandom() implementation Jason A. Donenfeld
2022-12-21 22:23 ` Eric Biggers
2023-01-01 15:53 ` Jason A. Donenfeld [this message]
2022-12-21 14:23 ` [PATCH v13 7/7] x86: vdso: Wire up getrandom() vDSO implementation Jason A. Donenfeld
2022-12-21 23:27 ` Eric Biggers
2023-01-01 16:21 ` Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y7GschU1qZPFZAhm@zx2c4.com \
--to=jason@zx2c4.com \
--cc=adhemerval.zanella@linaro.org \
--cc=arnd@arndb.de \
--cc=brauner@kernel.org \
--cc=carlos@redhat.com \
--cc=ebiggers@kernel.org \
--cc=fweimer@redhat.com \
--cc=gregkh@linuxfoundation.org \
--cc=jannh@google.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=patches@lists.linux.dev \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.