From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Theodore Tso <tytso@mit.edu>,
Dominik Brodowski <linux@dominikbrodowski.net>,
Eric Biggers <ebiggers@google.com>,
"Jason A. Donenfeld" <Jason@zx2c4.com>
Subject: [PATCH 5.15 069/145] random: group entropy collection functions
Date: Fri, 27 May 2022 10:49:30 +0200 [thread overview]
Message-ID: <20220527084858.850722024@linuxfoundation.org> (raw)
In-Reply-To: <20220527084850.364560116@linuxfoundation.org>
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
commit 92c653cf14400946f376a29b828d6af7e01f38dd upstream.
This pulls all of the entropy collection-focused functions into the
fourth labeled section.
No functional changes.
Cc: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/char/random.c | 370 +++++++++++++++++++++++++++-----------------------
1 file changed, 206 insertions(+), 164 deletions(-)
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -1039,60 +1039,112 @@ static bool drain_entropy(void *buf, siz
return true;
}
-struct fast_pool {
- union {
- u32 pool32[4];
- u64 pool64[2];
- };
- unsigned long last;
- u16 reg_idx;
- u8 count;
-};
+
+/**********************************************************************
+ *
+ * Entropy collection routines.
+ *
+ * The following exported functions are used for pushing entropy into
+ * the above entropy accumulation routines:
+ *
+ * void add_device_randomness(const void *buf, size_t size);
+ * void add_input_randomness(unsigned int type, unsigned int code,
+ * unsigned int value);
+ * void add_disk_randomness(struct gendisk *disk);
+ * void add_hwgenerator_randomness(const void *buffer, size_t count,
+ * size_t entropy);
+ * void add_bootloader_randomness(const void *buf, size_t size);
+ * void add_interrupt_randomness(int irq);
+ *
+ * add_device_randomness() adds data to the input pool that
+ * is likely to differ between two devices (or possibly even per boot).
+ * This would be things like MAC addresses or serial numbers, or the
+ * read-out of the RTC. This does *not* credit any actual entropy to
+ * the pool, but it initializes the pool to different values for devices
+ * that might otherwise be identical and have very little entropy
+ * available to them (particularly common in the embedded world).
+ *
+ * add_input_randomness() uses the input layer interrupt timing, as well
+ * as the event type information from the hardware.
+ *
+ * add_disk_randomness() uses what amounts to the seek time of block
+ * layer request events, on a per-disk_devt basis, as input to the
+ * entropy pool. Note that high-speed solid state drives with very low
+ * seek times do not make for good sources of entropy, as their seek
+ * times are usually fairly consistent.
+ *
+ * The above two routines try to estimate how many bits of entropy
+ * to credit. They do this by keeping track of the first and second
+ * order deltas of the event timings.
+ *
+ * add_hwgenerator_randomness() is for true hardware RNGs, and will credit
+ * entropy as specified by the caller. If the entropy pool is full it will
+ * block until more entropy is needed.
+ *
+ * add_bootloader_randomness() is the same as add_hwgenerator_randomness() or
+ * add_device_randomness(), depending on whether or not the configuration
+ * option CONFIG_RANDOM_TRUST_BOOTLOADER is set.
+ *
+ * add_interrupt_randomness() uses the interrupt timing as random
+ * inputs to the entropy pool. Using the cycle counters and the irq source
+ * as inputs, it feeds the input pool roughly once a second or after 64
+ * interrupts, crediting 1 bit of entropy for whichever comes first.
+ *
+ **********************************************************************/
+
+static bool trust_cpu __ro_after_init = IS_ENABLED(CONFIG_RANDOM_TRUST_CPU);
+static int __init parse_trust_cpu(char *arg)
+{
+ return kstrtobool(arg, &trust_cpu);
+}
+early_param("random.trust_cpu", parse_trust_cpu);
/*
- * This is a fast mixing routine used by the interrupt randomness
- * collector. It's hardcoded for an 128 bit pool and assumes that any
- * locks that might be needed are taken by the caller.
+ * The first collection of entropy occurs at system boot while interrupts
+ * are still turned off. Here we push in RDSEED, a timestamp, and utsname().
+ * Depending on the above configuration knob, RDSEED may be considered
+ * sufficient for initialization. Note that much earlier setup may already
+ * have pushed entropy into the input pool by the time we get here.
*/
-static void fast_mix(u32 pool[4])
+int __init rand_initialize(void)
{
- u32 a = pool[0], b = pool[1];
- u32 c = pool[2], d = pool[3];
-
- a += b; c += d;
- b = rol32(b, 6); d = rol32(d, 27);
- d ^= a; b ^= c;
+ size_t i;
+ ktime_t now = ktime_get_real();
+ bool arch_init = true;
+ unsigned long rv;
- a += b; c += d;
- b = rol32(b, 16); d = rol32(d, 14);
- d ^= a; b ^= c;
+ for (i = 0; i < BLAKE2S_BLOCK_SIZE; i += sizeof(rv)) {
+ if (!arch_get_random_seed_long_early(&rv) &&
+ !arch_get_random_long_early(&rv)) {
+ rv = random_get_entropy();
+ arch_init = false;
+ }
+ mix_pool_bytes(&rv, sizeof(rv));
+ }
+ mix_pool_bytes(&now, sizeof(now));
+ mix_pool_bytes(utsname(), sizeof(*(utsname())));
- a += b; c += d;
- b = rol32(b, 6); d = rol32(d, 27);
- d ^= a; b ^= c;
+ extract_entropy(base_crng.key, sizeof(base_crng.key));
+ ++base_crng.generation;
- a += b; c += d;
- b = rol32(b, 16); d = rol32(d, 14);
- d ^= a; b ^= c;
+ if (arch_init && trust_cpu && crng_init < 2) {
+ crng_init = 2;
+ pr_notice("crng init done (trusting CPU's manufacturer)\n");
+ }
- pool[0] = a; pool[1] = b;
- pool[2] = c; pool[3] = d;
+ if (ratelimit_disable) {
+ urandom_warning.interval = 0;
+ unseeded_warning.interval = 0;
+ }
+ return 0;
}
-/*********************************************************************
- *
- * Entropy input management
- *
- *********************************************************************/
-
/* There is one of these per entropy source */
struct timer_rand_state {
cycles_t last_time;
long last_delta, last_delta2;
};
-#define INIT_TIMER_RAND_STATE { INITIAL_JIFFIES, };
-
/*
* Add device- or boot-specific data to the input pool to help
* initialize it.
@@ -1116,8 +1168,6 @@ void add_device_randomness(const void *b
}
EXPORT_SYMBOL(add_device_randomness);
-static struct timer_rand_state input_timer_state = INIT_TIMER_RAND_STATE;
-
/*
* This function adds entropy to the entropy "pool" by using timing
* delays. It uses the timer_rand_state structure to make an estimate
@@ -1179,8 +1229,9 @@ void add_input_randomness(unsigned int t
unsigned int value)
{
static unsigned char last_value;
+ static struct timer_rand_state input_timer_state = { INITIAL_JIFFIES };
- /* ignore autorepeat and the like */
+ /* Ignore autorepeat and the like. */
if (value == last_value)
return;
@@ -1190,6 +1241,119 @@ void add_input_randomness(unsigned int t
}
EXPORT_SYMBOL_GPL(add_input_randomness);
+#ifdef CONFIG_BLOCK
+void add_disk_randomness(struct gendisk *disk)
+{
+ if (!disk || !disk->random)
+ return;
+ /* First major is 1, so we get >= 0x200 here. */
+ add_timer_randomness(disk->random, 0x100 + disk_devt(disk));
+}
+EXPORT_SYMBOL_GPL(add_disk_randomness);
+
+void rand_initialize_disk(struct gendisk *disk)
+{
+ struct timer_rand_state *state;
+
+ /*
+ * If kzalloc returns null, we just won't use that entropy
+ * source.
+ */
+ state = kzalloc(sizeof(struct timer_rand_state), GFP_KERNEL);
+ if (state) {
+ state->last_time = INITIAL_JIFFIES;
+ disk->random = state;
+ }
+}
+#endif
+
+/*
+ * Interface for in-kernel drivers of true hardware RNGs.
+ * Those devices may produce endless random bits and will be throttled
+ * when our pool is full.
+ */
+void add_hwgenerator_randomness(const void *buffer, size_t count,
+ size_t entropy)
+{
+ if (unlikely(crng_init == 0)) {
+ size_t ret = crng_fast_load(buffer, count);
+ mix_pool_bytes(buffer, ret);
+ count -= ret;
+ buffer += ret;
+ if (!count || crng_init == 0)
+ return;
+ }
+
+ /*
+ * Throttle writing if we're above the trickle threshold.
+ * We'll be woken up again once below POOL_MIN_BITS, when
+ * the calling thread is about to terminate, or once
+ * CRNG_RESEED_INTERVAL has elapsed.
+ */
+ wait_event_interruptible_timeout(random_write_wait,
+ !system_wq || kthread_should_stop() ||
+ input_pool.entropy_count < POOL_MIN_BITS,
+ CRNG_RESEED_INTERVAL);
+ mix_pool_bytes(buffer, count);
+ credit_entropy_bits(entropy);
+}
+EXPORT_SYMBOL_GPL(add_hwgenerator_randomness);
+
+/*
+ * Handle random seed passed by bootloader.
+ * If the seed is trustworthy, it would be regarded as hardware RNGs. Otherwise
+ * it would be regarded as device data.
+ * The decision is controlled by CONFIG_RANDOM_TRUST_BOOTLOADER.
+ */
+void add_bootloader_randomness(const void *buf, size_t size)
+{
+ if (IS_ENABLED(CONFIG_RANDOM_TRUST_BOOTLOADER))
+ add_hwgenerator_randomness(buf, size, size * 8);
+ else
+ add_device_randomness(buf, size);
+}
+EXPORT_SYMBOL_GPL(add_bootloader_randomness);
+
+struct fast_pool {
+ union {
+ u32 pool32[4];
+ u64 pool64[2];
+ };
+ unsigned long last;
+ u16 reg_idx;
+ u8 count;
+};
+
+/*
+ * This is a fast mixing routine used by the interrupt randomness
+ * collector. It's hardcoded for an 128 bit pool and assumes that any
+ * locks that might be needed are taken by the caller.
+ */
+static void fast_mix(u32 pool[4])
+{
+ u32 a = pool[0], b = pool[1];
+ u32 c = pool[2], d = pool[3];
+
+ a += b; c += d;
+ b = rol32(b, 6); d = rol32(d, 27);
+ d ^= a; b ^= c;
+
+ a += b; c += d;
+ b = rol32(b, 16); d = rol32(d, 14);
+ d ^= a; b ^= c;
+
+ a += b; c += d;
+ b = rol32(b, 6); d = rol32(d, 27);
+ d ^= a; b ^= c;
+
+ a += b; c += d;
+ b = rol32(b, 16); d = rol32(d, 14);
+ d ^= a; b ^= c;
+
+ pool[0] = a; pool[1] = b;
+ pool[2] = c; pool[3] = d;
+}
+
static DEFINE_PER_CPU(struct fast_pool, irq_randomness);
static u32 get_reg(struct fast_pool *f, struct pt_regs *regs)
@@ -1259,22 +1423,11 @@ void add_interrupt_randomness(int irq)
fast_pool->count = 0;
- /* award one bit for the contents of the fast pool */
+ /* Award one bit for the contents of the fast pool. */
credit_entropy_bits(1);
}
EXPORT_SYMBOL_GPL(add_interrupt_randomness);
-#ifdef CONFIG_BLOCK
-void add_disk_randomness(struct gendisk *disk)
-{
- if (!disk || !disk->random)
- return;
- /* first major is 1, so we get >= 0x200 here */
- add_timer_randomness(disk->random, 0x100 + disk_devt(disk));
-}
-EXPORT_SYMBOL_GPL(add_disk_randomness);
-#endif
-
/*
* Each time the timer fires, we expect that we got an unpredictable
* jump in the cycle counter. Even if the timer is running on another
@@ -1324,73 +1477,6 @@ static void try_to_generate_entropy(void
mix_pool_bytes(&stack.now, sizeof(stack.now));
}
-static bool trust_cpu __ro_after_init = IS_ENABLED(CONFIG_RANDOM_TRUST_CPU);
-static int __init parse_trust_cpu(char *arg)
-{
- return kstrtobool(arg, &trust_cpu);
-}
-early_param("random.trust_cpu", parse_trust_cpu);
-
-/*
- * Note that setup_arch() may call add_device_randomness()
- * long before we get here. This allows seeding of the pools
- * with some platform dependent data very early in the boot
- * process. But it limits our options here. We must use
- * statically allocated structures that already have all
- * initializations complete at compile time. We should also
- * take care not to overwrite the precious per platform data
- * we were given.
- */
-int __init rand_initialize(void)
-{
- size_t i;
- ktime_t now = ktime_get_real();
- bool arch_init = true;
- unsigned long rv;
-
- for (i = 0; i < BLAKE2S_BLOCK_SIZE; i += sizeof(rv)) {
- if (!arch_get_random_seed_long_early(&rv) &&
- !arch_get_random_long_early(&rv)) {
- rv = random_get_entropy();
- arch_init = false;
- }
- mix_pool_bytes(&rv, sizeof(rv));
- }
- mix_pool_bytes(&now, sizeof(now));
- mix_pool_bytes(utsname(), sizeof(*(utsname())));
-
- extract_entropy(base_crng.key, sizeof(base_crng.key));
- ++base_crng.generation;
-
- if (arch_init && trust_cpu && crng_init < 2) {
- crng_init = 2;
- pr_notice("crng init done (trusting CPU's manufacturer)\n");
- }
-
- if (ratelimit_disable) {
- urandom_warning.interval = 0;
- unseeded_warning.interval = 0;
- }
- return 0;
-}
-
-#ifdef CONFIG_BLOCK
-void rand_initialize_disk(struct gendisk *disk)
-{
- struct timer_rand_state *state;
-
- /*
- * If kzalloc returns null, we just won't use that entropy
- * source.
- */
- state = kzalloc(sizeof(struct timer_rand_state), GFP_KERNEL);
- if (state) {
- state->last_time = INITIAL_JIFFIES;
- disk->random = state;
- }
-}
-#endif
-
static ssize_t urandom_read(struct file *file, char __user *buf, size_t nbytes,
loff_t *ppos)
{
@@ -1675,47 +1761,3 @@ struct ctl_table random_table[] = {
{ }
};
#endif /* CONFIG_SYSCTL */
-
-/* Interface for in-kernel drivers of true hardware RNGs.
- * Those devices may produce endless random bits and will be throttled
- * when our pool is full.
- */
-void add_hwgenerator_randomness(const void *buffer, size_t count,
- size_t entropy)
-{
- if (unlikely(crng_init == 0)) {
- size_t ret = crng_fast_load(buffer, count);
- mix_pool_bytes(buffer, ret);
- count -= ret;
- buffer += ret;
- if (!count || crng_init == 0)
- return;
- }
-
- /* Throttle writing if we're above the trickle threshold.
- * We'll be woken up again once below POOL_MIN_BITS, when
- * the calling thread is about to terminate, or once
- * CRNG_RESEED_INTERVAL has elapsed.
- */
- wait_event_interruptible_timeout(random_write_wait,
- !system_wq || kthread_should_stop() ||
- input_pool.entropy_count < POOL_MIN_BITS,
- CRNG_RESEED_INTERVAL);
- mix_pool_bytes(buffer, count);
- credit_entropy_bits(entropy);
-}
-EXPORT_SYMBOL_GPL(add_hwgenerator_randomness);
-
-/* Handle random seed passed by bootloader.
- * If the seed is trustworthy, it would be regarded as hardware RNGs. Otherwise
- * it would be regarded as device data.
- * The decision is controlled by CONFIG_RANDOM_TRUST_BOOTLOADER.
- */
-void add_bootloader_randomness(const void *buf, size_t size)
-{
- if (IS_ENABLED(CONFIG_RANDOM_TRUST_BOOTLOADER))
- add_hwgenerator_randomness(buf, size, size * 8);
- else
- add_device_randomness(buf, size);
-}
-EXPORT_SYMBOL_GPL(add_bootloader_randomness);
next prev parent reply other threads:[~2022-05-27 11:59 UTC|newest]
Thread overview: 152+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-27 8:48 [PATCH 5.15 000/145] 5.15.44-rc1 review Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 001/145] HID: amd_sfh: Add support for sensor discovery Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 002/145] KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 003/145] [PATCH 5.15] ice: fix crash at allocation failure Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 004/145] ACPI: sysfs: Fix BERT error region memory mapping Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 005/145] MAINTAINERS: co-maintain random.c Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 006/145] MAINTAINERS: add git tree for random.c Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 007/145] lib/crypto: blake2s: include as built-in Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 008/145] lib/crypto: blake2s: move hmac construction into wireguard Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 009/145] lib/crypto: sha1: re-roll loops to reduce code size Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 010/145] lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 011/145] random: document add_hwgenerator_randomness() with other input functions Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 012/145] random: remove unused irq_flags argument from add_interrupt_randomness() Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 013/145] random: use BLAKE2s instead of SHA1 in extraction Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 014/145] random: do not sign extend bytes for rotation when mixing Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 015/145] random: do not re-init if crng_reseed completes before primary init Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 016/145] random: mix bootloader randomness into pool Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 017/145] random: harmonize "crng init done" messages Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 018/145] random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 019/145] random: early initialization of ChaCha constants Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 020/145] random: avoid superfluous call to RDRAND in CRNG extraction Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 021/145] random: dont reset crng_init_cnt on urandom_read() Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 022/145] random: fix typo in comments Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 023/145] random: cleanup poolinfo abstraction Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 024/145] random: cleanup integer types Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 025/145] random: remove incomplete last_data logic Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 026/145] random: remove unused extract_entropy() reserved argument Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 027/145] random: rather than entropy_store abstraction, use global Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 028/145] random: remove unused OUTPUT_POOL constants Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 029/145] random: de-duplicate INPUT_POOL constants Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 030/145] random: prepend remaining pool constants with POOL_ Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 031/145] random: cleanup fractional entropy shift constants Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 032/145] random: access input_pool_data directly rather than through pointer Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 033/145] random: selectively clang-format where it makes sense Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 034/145] random: simplify arithmetic function flow in account() Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 035/145] random: continually use hwgenerator randomness Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 036/145] random: access primary_pool directly rather than through pointer Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 037/145] random: only call crng_finalize_init() for primary_crng Greg Kroah-Hartman
2022-05-27 8:48 ` [PATCH 5.15 038/145] random: use computational hash for entropy extraction Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 039/145] random: simplify entropy debiting Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 040/145] random: use linear min-entropy accumulation crediting Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 041/145] random: always wake up entropy writers after extraction Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 042/145] random: make credit_entropy_bits() always safe Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 043/145] random: remove use_input_pool parameter from crng_reseed() Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 044/145] random: remove batched entropy locking Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 045/145] random: fix locking in crng_fast_load() Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 046/145] random: use RDSEED instead of RDRAND in entropy extraction Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 047/145] random: get rid of secondary crngs Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 048/145] random: inline leaves of rand_initialize() Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 049/145] random: ensure early RDSEED goes through mixer on init Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 050/145] random: do not xor RDRAND when writing into /dev/random Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 051/145] random: absorb fast pool into input pool after fast load Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 052/145] random: use simpler fast key erasure flow on per-cpu keys Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 053/145] random: use hash function for crng_slow_load() Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 054/145] random: make more consistent use of integer types Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 055/145] random: remove outdated INT_MAX >> 6 check in urandom_read() Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 056/145] random: zero buffer after reading entropy from userspace Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 057/145] random: fix locking for crng_init in crng_reseed() Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 058/145] random: tie batched entropy generation to base_crng generation Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 059/145] random: remove ifdefd out interrupt bench Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 060/145] random: remove unused tracepoints Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 061/145] random: add proper SPDX header Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 062/145] random: deobfuscate irq u32/u64 contributions Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 063/145] random: introduce drain_entropy() helper to declutter crng_reseed() Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 064/145] random: remove useless header comment Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 065/145] random: remove whitespace and reorder includes Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 066/145] random: group initialization wait functions Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 067/145] random: group crng functions Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 068/145] random: group entropy extraction functions Greg Kroah-Hartman
2022-05-27 8:49 ` Greg Kroah-Hartman [this message]
2022-05-27 8:49 ` [PATCH 5.15 070/145] random: group userspace read/write functions Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 071/145] random: group sysctl functions Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 072/145] random: rewrite header introductory comment Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 073/145] random: defer fast pool mixing to worker Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 074/145] random: do not take pool spinlock at boot Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 075/145] random: unify early init crng load accounting Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 076/145] random: check for crng_init == 0 in add_device_randomness() Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 077/145] random: pull add_hwgenerator_randomness() declaration into random.h Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 078/145] random: clear fast pool, crng, and batches in cpuhp bring up Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 079/145] random: round-robin registers as ulong, not u32 Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 080/145] random: only wake up writers after zap if threshold was passed Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 081/145] random: cleanup UUID handling Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 082/145] random: unify cycles_t and jiffies usage and types Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 083/145] random: do crng pre-init loading in worker rather than irq Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 084/145] random: give sysctl_random_min_urandom_seed a more sensible value Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 085/145] random: dont let 644 read-only sysctls be written to Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 086/145] random: replace custom notifier chain with standard one Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 087/145] random: use SipHash as interrupt entropy accumulator Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 088/145] random: make consistent usage of crng_ready() Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 089/145] random: reseed more often immediately after booting Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 090/145] random: check for signal and try earlier when generating entropy Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 091/145] random: skip fast_init if hwrng provides large chunk of entropy Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 092/145] random: treat bootloader trust toggle the same way as cpu trust toggle Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 093/145] random: re-add removed comment about get_random_{u32,u64} reseeding Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 094/145] random: mix build-time latent entropy into pool at init Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 095/145] random: do not split fast init input in add_hwgenerator_randomness() Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 096/145] random: do not allow user to keep crng key around on stack Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 097/145] random: check for signal_pending() outside of need_resched() check Greg Kroah-Hartman
2022-05-27 8:49 ` [PATCH 5.15 098/145] random: check for signals every PAGE_SIZE chunk of /dev/[u]random Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 099/145] random: allow partial reads if later user copies fail Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 100/145] random: make random_get_entropy() return an unsigned long Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 101/145] random: document crng_fast_key_erasure() destination possibility Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 102/145] random: fix sysctl documentation nits Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 103/145] init: call time_init() before rand_initialize() Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 104/145] ia64: define get_cycles macro for arch-override Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 105/145] s390: " Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 106/145] parisc: " Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 107/145] alpha: " Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 108/145] powerpc: " Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 109/145] timekeeping: Add raw clock fallback for random_get_entropy() Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 110/145] m68k: use fallback for random_get_entropy() instead of zero Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 111/145] riscv: " Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 112/145] mips: use fallback for random_get_entropy() instead of just c0 random Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 113/145] arm: use fallback for random_get_entropy() instead of zero Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 114/145] nios2: " Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 115/145] x86/tsc: Use " Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 116/145] um: use " Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 117/145] sparc: " Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 118/145] xtensa: " Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 119/145] random: insist on random_get_entropy() existing in order to simplify Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 120/145] random: do not use batches when !crng_ready() Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 121/145] random: use first 128 bits of input as fast init Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 122/145] random: do not pretend to handle premature next security model Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 123/145] random: order timer entropy functions below interrupt functions Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 124/145] random: do not use input pool from hard IRQs Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 125/145] random: help compiler out with fast_mix() by using simpler arguments Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 126/145] siphash: use one source of truth for siphash permutations Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 127/145] random: use symbolic constants for crng_init states Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 128/145] random: avoid initializing twice in credit race Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 129/145] random: move initialization out of reseeding hot path Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 130/145] random: remove ratelimiting for in-kernel unseeded randomness Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 131/145] random: use proper jiffies comparison macro Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 132/145] random: handle latent entropy and command line from random_init() Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 133/145] random: credit architectural init the exact amount Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 134/145] random: use static branch for crng_ready() Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 135/145] random: remove extern from functions in header Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 136/145] random: use proper return types on get_random_{int,long}_wait() Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 137/145] random: make consistent use of buf and len Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 138/145] random: move initialization functions out of hot pages Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 139/145] random: move randomize_page() into mm where it belongs Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 140/145] random: unify batched entropy implementations Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 141/145] random: convert to using fops->read_iter() Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 142/145] random: convert to using fops->write_iter() Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 143/145] random: wire up fops->splice_{read,write}_iter() Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 144/145] random: check for signals after page of pool writes Greg Kroah-Hartman
2022-05-27 8:50 ` [PATCH 5.15 145/145] ALSA: ctxfi: Add SB046x PCI ID Greg Kroah-Hartman
2022-05-27 22:39 ` [PATCH 5.15 000/145] 5.15.44-rc1 review Guenter Roeck
2022-05-28 6:29 ` Bagas Sanjaya
2022-05-28 10:52 ` Naresh Kamboju
2022-05-28 15:27 ` Sudip Mukherjee
2022-05-28 21:08 ` Ron Economos
2022-05-29 0:35 ` Fox Chen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220527084858.850722024@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=Jason@zx2c4.com \
--cc=ebiggers@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=stable@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).