From: "Jason A. Donenfeld" <>
To: Linus Torvalds <>
Cc:, "Jason A. Donenfeld" <>
Subject: [GIT PULL] random number generator updates for 5.17
Date: Fri,  7 Jan 2022 00:59:20 +0100
Message-ID: <>

Hi Linus,

Please pull these random number generator updates for 5.17. They're a bit more
numerous than usual for the RNG, due to folks resubmitting patches that had
been pending prior and generally renewed interest. There are a few categories
of patches in this pull:

1) Dominik Brodowski and I traded a series back and forth for some weeks
   that fixed numerous issues related to seeds being provided at extremely
   early boot by the firmware, before other parts of the kernel or of the RNG
   have been initialized, both fixing some crashes and addressing correctness
   around early boot randomness. One of these is marked for stable.

2) I replaced the RNG's usage of SHA-1 with BLAKE2s in the entropy extractor,
   and made the construction a bit safer and more standard. This was sort of a
   long overdue low hanging fruit, as we were supposed to have phased out
   SHA-1 usage quite some time ago (even if all we needed here was
   non-invertibility). Along the way it also made extraction 131% faster. This
   required a bit of Kconfig and symbol plumbing to make things work well with
   the crypto libraries, which is one of the reasons why I'm sending you this
   pull early in the cycle.

3) I got rid of a truly superfluous call to RDRAND in the hot path, which
   resulted in a whopping 370% increase in performance.

4) Sebastian Andrzej Siewior sent some patches regarding PREEMPT_RT, the full
   series of which wasn't ready yet, but the first two preparatory cleanups
   were good on their own. One of them touches files in kernel/irq/, which is
   the other reason why I'm sending you this pull early in the cycle.

5) Other assorted correctness fixes from Eric Biggers, Jann Horn, Mark Brown,
   Dominik Brodowski, and myself.


The following changes since commit 75acfdb6fd922598a408a0d864486aeb167c1a97:

  Merge tag 'net-5.16-final' of git:// (2022-01-05 14:08:56 -0800)

are available in the Git repository at: random-5.17-for-linus

for you to fetch changes up to 6c8e11e08a5b74bb8a5cdd5cbc1e5143df0fba72:

  random: don't reset crng_init_cnt on urandom_read() (2022-01-07 00:25:25 +0100)

Dominik Brodowski (3):
      random: fix crash on multiple early calls to add_bootloader_randomness()
      random: harmonize "crng init done" messages
      random: early initialization of ChaCha constants

Eric Biggers (2):
      random: fix data race on crng_node_pool
      random: fix data race on crng init time

Jann Horn (1):
      random: don't reset crng_init_cnt on urandom_read()

Jason A. Donenfeld (9):
      MAINTAINERS: add git tree for random.c
      lib/crypto: blake2s: include as built-in
      random: use BLAKE2s instead of SHA1 in extraction
      random: do not sign extend bytes for rotation when mixing
      random: do not re-init if crng_reseed completes before primary init
      random: do not throw away excess input to crng_fast_load
      random: mix bootloader randomness into pool
      random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
      random: avoid superfluous call to RDRAND in CRNG extraction

Mark Brown (1):
      random: document add_hwgenerator_randomness() with other input functions

Sebastian Andrzej Siewior (2):
      random: remove unused irq_flags argument from add_interrupt_randomness()
      irq: remove unused flags argument from __handle_irq_event_percpu()

 MAINTAINERS                       |   1 +
 arch/arm/crypto/Makefile          |   4 +-
 arch/arm/crypto/blake2s-core.S    |   8 +-
 arch/arm/crypto/blake2s-glue.c    |  73 +----------
 arch/arm/crypto/blake2s-shash.c   |  75 ++++++++++++
 arch/x86/crypto/Makefile          |   4 +-
 arch/x86/crypto/blake2s-glue.c    |  68 +----------
 arch/x86/crypto/blake2s-shash.c   |  77 ++++++++++++
 arch/x86/kernel/cpu/mshyperv.c    |   2 +-
 crypto/Kconfig                    |   3 +-
 drivers/char/random.c             | 248 ++++++++++++++++++++------------------
 drivers/hv/vmbus_drv.c            |   2 +-
 drivers/net/Kconfig               |   1 -
 include/crypto/chacha.h           |  15 ++-
 include/crypto/internal/blake2s.h |   6 +-
 include/linux/random.h            |   2 +-
 kernel/irq/chip.c                 |   4 +-
 kernel/irq/handle.c               |  11 +-
 kernel/irq/internals.h            |   2 +-
 lib/crypto/Kconfig                |  23 +---
 lib/crypto/Makefile               |   9 +-
 lib/crypto/blake2s-generic.c      |   6 +-
 lib/crypto/blake2s.c              |   6 -
 23 files changed, 341 insertions(+), 309 deletions(-)
 create mode 100644 arch/arm/crypto/blake2s-shash.c
 create mode 100644 arch/x86/crypto/blake2s-shash.c
