From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753590AbbKGOa4 (ORCPT ); Sat, 7 Nov 2015 09:30:56 -0500 Received: from mail-qg0-f47.google.com ([209.85.192.47]:35557 "EHLO mail-qg0-f47.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753528AbbKGOas (ORCPT ); Sat, 7 Nov 2015 09:30:48 -0500 From: Sandy Harris To: "Theodore Ts\\'o" , Jason Cooper , "H. Peter Anvin" , John Denker Cc: linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org Subject: [PATCH 3/7] Initialise pools randomly if CONFIG_RANDOM_INIT=y Date: Sat, 7 Nov 2015 09:30:38 -0500 Message-Id: <1446906642-19372-3-git-send-email-sandyinchina@gmail.com> X-Mailer: git-send-email 2.5.0 In-Reply-To: <1446906642-19372-1-git-send-email-sandyinchina@gmail.com> References: <1446906642-19372-1-git-send-email-sandyinchina@gmail.com> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Signed-off-by: Sandy Harris
---
 drivers/char/random.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 46 insertions(+), 4 deletions(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index d0da5d8..e222e0f 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -231,7 +231,7 @@
 * not be attributed to the Phil, Colin, or any of authors of PGP.
 *
 * Further background information on this topic may be obtained from
- * RFC 1750, "Randomness Recommendations for Security", by Donald
+ * RFC 4086, "Randomness Requirements for Security", by Donald
 * Eastlake, Steve Crocker, and Jeff Schiller.
 */
@@ -275,13 +275,19 @@
 /*
 * Configuration information
 */
+#ifdef CONFIG_RANDOM_INIT
+
+#include
+
+#else
 #define INPUT_POOL_SHIFT 12
 #define INPUT_POOL_WORDS (1 << (INPUT_POOL_SHIFT-5))
 #define OUTPUT_POOL_SHIFT 10
 #define OUTPUT_POOL_WORDS (1 << (OUTPUT_POOL_SHIFT-5))
-#define SEC_XFER_SIZE 512
-#define EXTRACT_SIZE 10
+#endif
+#define EXTRACT_SIZE 10
+#define SEC_XFER_SIZE 512
 #define DEBUG_RANDOM_BOOT 0
 #define LONGS(x) (((x) + sizeof(unsigned long) - 1)/sizeof(unsigned long))
@@ -296,6 +302,27 @@
 #define ENTROPY_SHIFT 3
 #define ENTROPY_BITS(r) ((r)->entropy_count >> ENTROPY_SHIFT)
+/* sanity checks */
+
+#if ((ENTROPY_SHIFT+INPUT_POOL_SHIFT) >= 16)
+#ifndef CONFIG_64BIT
+#error *_SHIFT values problematic for credit_entropy_bits()
+#endif
+#endif
+
+#if ((INPUT_POOL_WORDS%16) || (OUTPUT_POOL_WORDS%16))
+#error Pool size not divisible by 16, which code assumes
+#endif
+
+#if (INPUT_POOL_WORDS < 32)
+#error Input pool less than a quarter of default size
+#endif
+
+#if (INPUT_POOL_WORDS < OUTPUT_POOL_WORDS)
+#error Strange configuration, input pool smalller than output
+#endif
+
+
 /*
 * The minimum number of bits of entropy before we wake up a read on
 * /dev/random. Should be enough to do a significant reseed.
@@ -442,16 +469,23 @@ struct entropy_store {
 };
 static void push_to_pool(struct work_struct *work);
+
+#ifndef CONFIG_RANDOM_INIT
 static __u32 input_pool_data[INPUT_POOL_WORDS];
 static __u32 blocking_pool_data[OUTPUT_POOL_WORDS];
 static __u32 nonblocking_pool_data[OUTPUT_POOL_WORDS];
+#endif
 static struct entropy_store input_pool = {
 .poolinfo = &poolinfo_table[0],
 .name = "input",
 .limit = 1,
 .lock = __SPIN_LOCK_UNLOCKED(input_pool.lock),
- .pool = input_pool_data
+#ifdef CONFIG_RANDOM_INIT
+ .pool = pools,
+#else
+ .pool = input_pool_data,
+#endif
 };
 static struct entropy_store blocking_pool = {
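Review bot: Nothing at the new `#include` in the -275 hunk says what the header has to supply. With CONFIG_RANDOM_INIT set, INPUT_POOL_SHIFT, INPUT_POOL_WORDS, OUTPUT_POOL_SHIFT and OUTPUT_POOL_WORDS are no longer defined in this file, yet the sanity checks and the `.pool = pools` initialisers later in the patch still use them and `pools`. A comment above the include would make that contract explicit, e.g. `/* generated header: must define the four *_POOL_* macros and the pools[] array */`. Swapping the order of EXTRACT_SIZE and SEC_XFER_SIZE in the same hunk changes nothing and could be dropped to keep the diff minimal.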
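Review bot: The first sanity check in the -296 hunk exempts CONFIG_64BIT builds, but nothing visible explains why a 64-bit kernel makes the larger shift safe; if the multiply in credit_entropy_bits() is done in int-sized variables (that function is outside this patch, so this needs confirming), the `#ifndef CONFIG_64BIT` guard should go so the `#error` fires on every build. The checks also test INPUT_POOL_SHIFT in one place and the *_WORDS macros in the others without asserting that the two agree, which matters once both come from an included header; `#if (INPUT_POOL_WORDS != (1 << (INPUT_POOL_SHIFT-5)))` followed by an `#error`, and the same for the output pool, would close that. The last message misspells "smaller" as "smalller".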
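Review bot: `.pool = pools` in the -442 hunk, together with `pools + INPUT_POOL_WORDS` and `pools + INPUT_POOL_WORDS + OUTPUT_POOL_WORDS` in the two following hunks (blocking_pool and nonblocking_pool), carves three pools out of one array whose length this file never checks. If that array holds fewer than INPUT_POOL_WORDS + 2*OUTPUT_POOL_WORDS words, mixing into the output pools would write past its end. A compile-time assertion placed in an init function, e.g. `BUILD_BUG_ON(ARRAY_SIZE(pools) < INPUT_POOL_WORDS + 2*OUTPUT_POOL_WORDS);`, would tie the layout to the header. The declaration of `pools` is not part of this patch, so its element type (the pointer arithmetic assumes `__u32`) and whether it is a true array should be confirmed as well.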
@@ -460,7 +494,11 @@ static struct entropy_store blocking_pool = {
 .limit = 1,
 .pull = &input_pool,
 .lock = __SPIN_LOCK_UNLOCKED(blocking_pool.lock),
+#ifdef CONFIG_RANDOM_INIT
+ .pool = pools + INPUT_POOL_WORDS,
+#else
 .pool = blocking_pool_data,
+#endif
 .push_work = __WORK_INITIALIZER(blocking_pool.push_work,
 push_to_pool),
 };
@@ -470,7 +508,11 @@ static struct entropy_store nonblocking_pool = {
 .name = "nonblocking",
 .pull = &input_pool,
 .lock = __SPIN_LOCK_UNLOCKED(nonblocking_pool.lock),
+#ifdef CONFIG_RANDOM_INIT
+ .pool = pools + INPUT_POOL_WORDS + OUTPUT_POOL_WORDS,
+#else
 .pool = nonblocking_pool_data,
+#endif
 .push_work = __WORK_INITIALIZER(nonblocking_pool.push_work,
 push_to_pool),
 };
--
2.5.0
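Review bot: Missing documentation at the blocking_pool initialiser, and again at nonblocking_pool in the next hunk: nothing states what the pre-filled contents of `pools` are worth. If, as the subject line suggests, the array is filled with random words when the kernel is built, the same bytes ship in every copy of that image and can be read from it, so they vary pool state between builds but are not secret and add no entropy. A comment above each `#ifdef CONFIG_RANDOM_INIT` should record that, e.g. `/* build-time fill: per-image, not per-boot; never credit entropy for it */`. No change to entropy accounting is visible in this patch, which is consistent with that reading, but the intent should be written down where the pool behind /dev/urandom is set up.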