From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Theodore Tso <tytso@mit.edu>,
Dominik Brodowski <linux@dominikbrodowski.net>,
Eric Biggers <ebiggers@google.com>,
"Jason A. Donenfeld" <Jason@zx2c4.com>
Subject: [PATCH 4.9 134/264] random: group initialization wait functions
Date: Thu, 23 Jun 2022 18:42:07 +0200 [thread overview]
Message-ID: <20220623164347.857604522@linuxfoundation.org> (raw)
In-Reply-To: <20220623164344.053938039@linuxfoundation.org>
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
commit 5f1bb112006b104b3e2a1e1b39bbb9b2617581e6 upstream.
This pulls all of the readiness waiting-focused functions into the first
labeled section.
No functional changes.
Cc: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/char/random.c | 1066 ++++++++++++++++++++++++--------------------------
1 file changed, 527 insertions(+), 539 deletions(-)
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -202,126 +202,144 @@
#include <asm/irq_regs.h>
#include <asm/io.h>
-enum {
- POOL_BITS = BLAKE2S_HASH_SIZE * 8,
- POOL_MIN_BITS = POOL_BITS /* No point in settling for less. */
-};
-
-/*
- * Static global variables
- */
-static DECLARE_WAIT_QUEUE_HEAD(random_write_wait);
-static struct fasync_struct *fasync;
-
-static DEFINE_SPINLOCK(random_ready_list_lock);
-static LIST_HEAD(random_ready_list);
+/*********************************************************************
+ *
+ * Initialization and readiness waiting.
+ *
+ * Much of the RNG infrastructure is devoted to various dependencies
+ * being able to wait until the RNG has collected enough entropy and
+ * is ready for safe consumption.
+ *
+ *********************************************************************/
/*
* crng_init = 0 --> Uninitialized
* 1 --> Initialized
* 2 --> Initialized from input_pool
*
- * crng_init is protected by primary_crng->lock, and only increases
+ * crng_init is protected by base_crng->lock, and only increases
* its value (from 0->1->2).
*/
static int crng_init = 0;
#define crng_ready() (likely(crng_init > 1))
-static int crng_init_cnt = 0;
-static void process_random_ready_list(void);
-static void _get_random_bytes(void *buf, size_t nbytes);
+/* Various types of waiters for crng_init->2 transition. */
+static DECLARE_WAIT_QUEUE_HEAD(crng_init_wait);
+static struct fasync_struct *fasync;
+static DEFINE_SPINLOCK(random_ready_list_lock);
+static LIST_HEAD(random_ready_list);
+/* Control how we warn userspace. */
static struct ratelimit_state unseeded_warning =
RATELIMIT_STATE_INIT("warn_unseeded_randomness", HZ, 3);
static struct ratelimit_state urandom_warning =
RATELIMIT_STATE_INIT("warn_urandom_randomness", HZ, 3);
-
static int ratelimit_disable __read_mostly;
-
module_param_named(ratelimit_disable, ratelimit_disable, int, 0644);
MODULE_PARM_DESC(ratelimit_disable, "Disable random ratelimit suppression");
-/**********************************************************************
- *
- * OS independent entropy store. Here are the functions which handle
- * storing entropy in an entropy pool.
+/*
+ * Returns whether or not the input pool has been seeded and thus guaranteed
+ * to supply cryptographically secure random numbers. This applies to: the
+ * /dev/urandom device, the get_random_bytes function, and the get_random_{u32,
+ * ,u64,int,long} family of functions.
*
- **********************************************************************/
-
-static struct {
- struct blake2s_state hash;
- spinlock_t lock;
- unsigned int entropy_count;
-} input_pool = {
- .hash.h = { BLAKE2S_IV0 ^ (0x01010000 | BLAKE2S_HASH_SIZE),
- BLAKE2S_IV1, BLAKE2S_IV2, BLAKE2S_IV3, BLAKE2S_IV4,
- BLAKE2S_IV5, BLAKE2S_IV6, BLAKE2S_IV7 },
- .hash.outlen = BLAKE2S_HASH_SIZE,
- .lock = __SPIN_LOCK_UNLOCKED(input_pool.lock),
-};
-
-static void extract_entropy(void *buf, size_t nbytes);
-static bool drain_entropy(void *buf, size_t nbytes);
+ * Returns: true if the input pool has been seeded.
+ * false if the input pool has not been seeded.
+ */
+bool rng_is_initialized(void)
+{
+ return crng_ready();
+}
+EXPORT_SYMBOL(rng_is_initialized);
-static void crng_reseed(void);
+/* Used by wait_for_random_bytes(), and considered an entropy collector, below. */
+static void try_to_generate_entropy(void);
/*
- * This function adds bytes into the entropy "pool". It does not
- * update the entropy estimate. The caller should call
- * credit_entropy_bits if this is appropriate.
+ * Wait for the input pool to be seeded and thus guaranteed to supply
+ * cryptographically secure random numbers. This applies to: the /dev/urandom
+ * device, the get_random_bytes function, and the get_random_{u32,u64,int,long}
+ * family of functions. Using any of these functions without first calling
+ * this function forfeits the guarantee of security.
+ *
+ * Returns: 0 if the input pool has been seeded.
+ * -ERESTARTSYS if the function was interrupted by a signal.
*/
-static void _mix_pool_bytes(const void *in, size_t nbytes)
+int wait_for_random_bytes(void)
{
- blake2s_update(&input_pool.hash, in, nbytes);
-}
+ if (likely(crng_ready()))
+ return 0;
-static void mix_pool_bytes(const void *in, size_t nbytes)
-{
- unsigned long flags;
+ do {
+ int ret;
+ ret = wait_event_interruptible_timeout(crng_init_wait, crng_ready(), HZ);
+ if (ret)
+ return ret > 0 ? 0 : ret;
- spin_lock_irqsave(&input_pool.lock, flags);
- _mix_pool_bytes(in, nbytes);
- spin_unlock_irqrestore(&input_pool.lock, flags);
-}
+ try_to_generate_entropy();
+ } while (!crng_ready());
-struct fast_pool {
- union {
- u32 pool32[4];
- u64 pool64[2];
- };
- unsigned long last;
- u16 reg_idx;
- u8 count;
-};
+ return 0;
+}
+EXPORT_SYMBOL(wait_for_random_bytes);
/*
- * This is a fast mixing routine used by the interrupt randomness
- * collector. It's hardcoded for an 128 bit pool and assumes that any
- * locks that might be needed are taken by the caller.
+ * Add a callback function that will be invoked when the input
+ * pool is initialised.
+ *
+ * returns: 0 if callback is successfully added
+ * -EALREADY if pool is already initialised (callback not called)
+ * -ENOENT if module for callback is not alive
*/
-static void fast_mix(u32 pool[4])
+int add_random_ready_callback(struct random_ready_callback *rdy)
{
- u32 a = pool[0], b = pool[1];
- u32 c = pool[2], d = pool[3];
+ struct module *owner;
+ unsigned long flags;
+ int err = -EALREADY;
- a += b; c += d;
- b = rol32(b, 6); d = rol32(d, 27);
- d ^= a; b ^= c;
+ if (crng_ready())
+ return err;
- a += b; c += d;
- b = rol32(b, 16); d = rol32(d, 14);
- d ^= a; b ^= c;
+ owner = rdy->owner;
+ if (!try_module_get(owner))
+ return -ENOENT;
- a += b; c += d;
- b = rol32(b, 6); d = rol32(d, 27);
- d ^= a; b ^= c;
+ spin_lock_irqsave(&random_ready_list_lock, flags);
+ if (crng_ready())
+ goto out;
- a += b; c += d;
- b = rol32(b, 16); d = rol32(d, 14);
- d ^= a; b ^= c;
+ owner = NULL;
- pool[0] = a; pool[1] = b;
- pool[2] = c; pool[3] = d;
+ list_add(&rdy->list, &random_ready_list);
+ err = 0;
+
+out:
+ spin_unlock_irqrestore(&random_ready_list_lock, flags);
+
+ module_put(owner);
+
+ return err;
}
+EXPORT_SYMBOL(add_random_ready_callback);
+
+/*
+ * Delete a previously registered readiness callback function.
+ */
+void del_random_ready_callback(struct random_ready_callback *rdy)
+{
+ unsigned long flags;
+ struct module *owner = NULL;
+
+ spin_lock_irqsave(&random_ready_list_lock, flags);
+ if (!list_empty(&rdy->list)) {
+ list_del_init(&rdy->list);
+ owner = rdy->owner;
+ }
+ spin_unlock_irqrestore(&random_ready_list_lock, flags);
+
+ module_put(owner);
+}
+EXPORT_SYMBOL(del_random_ready_callback);
static void process_random_ready_list(void)
{
@@ -339,27 +357,51 @@ static void process_random_ready_list(vo
spin_unlock_irqrestore(&random_ready_list_lock, flags);
}
-static void credit_entropy_bits(size_t nbits)
+#define warn_unseeded_randomness(previous) \
+ _warn_unseeded_randomness(__func__, (void *)_RET_IP_, (previous))
+
+static void _warn_unseeded_randomness(const char *func_name, void *caller, void **previous)
{
- unsigned int entropy_count, orig, add;
+#ifdef CONFIG_WARN_ALL_UNSEEDED_RANDOM
+ const bool print_once = false;
+#else
+ static bool print_once __read_mostly;
+#endif
- if (!nbits)
+ if (print_once || crng_ready() ||
+ (previous && (caller == READ_ONCE(*previous))))
return;
-
- add = min_t(size_t, nbits, POOL_BITS);
-
- do {
- orig = READ_ONCE(input_pool.entropy_count);
- entropy_count = min_t(unsigned int, POOL_BITS, orig + add);
- } while (cmpxchg(&input_pool.entropy_count, orig, entropy_count) != orig);
-
- if (crng_init < 2 && entropy_count >= POOL_MIN_BITS)
- crng_reseed();
+ WRITE_ONCE(*previous, caller);
+#ifndef CONFIG_WARN_ALL_UNSEEDED_RANDOM
+ print_once = true;
+#endif
+ if (__ratelimit(&unseeded_warning))
+ printk_deferred(KERN_NOTICE "random: %s called from %pS with crng_init=%d\n",
+ func_name, caller, crng_init);
}
+
/*********************************************************************
*
- * CRNG using CHACHA20
+ * Fast key erasure RNG, the "crng".
+ *
+ * These functions expand entropy from the entropy extractor into
+ * long streams for external consumption using the "fast key erasure"
+ * RNG described at <https://blog.cr.yp.to/20170723-random.html>.
+ *
+ * There are a few exported interfaces for use by other drivers:
+ *
+ * void get_random_bytes(void *buf, size_t nbytes)
+ * u32 get_random_u32()
+ * u64 get_random_u64()
+ * unsigned int get_random_int()
+ * unsigned long get_random_long()
+ *
+ * These interfaces will return the requested number of random bytes
+ * into the given buffer or as a return value. This is equivalent to
+ * a read from /dev/urandom. The integer family of functions may be
+ * higher performance for one-off random integers, because they do a
+ * bit of buffering.
*
*********************************************************************/
@@ -386,123 +428,14 @@ static DEFINE_PER_CPU(struct crng, crngs
.generation = ULONG_MAX
};
-static DECLARE_WAIT_QUEUE_HEAD(crng_init_wait);
-
-/*
- * crng_fast_load() can be called by code in the interrupt service
- * path. So we can't afford to dilly-dally. Returns the number of
- * bytes processed from cp.
- */
-static size_t crng_fast_load(const void *cp, size_t len)
-{
- unsigned long flags;
- const u8 *src = (const u8 *)cp;
- size_t ret = 0;
-
- if (!spin_trylock_irqsave(&base_crng.lock, flags))
- return 0;
- if (crng_init != 0) {
- spin_unlock_irqrestore(&base_crng.lock, flags);
- return 0;
- }
- while (len > 0 && crng_init_cnt < CRNG_INIT_CNT_THRESH) {
- base_crng.key[crng_init_cnt % sizeof(base_crng.key)] ^= *src;
- src++; crng_init_cnt++; len--; ret++;
- }
- if (crng_init_cnt >= CRNG_INIT_CNT_THRESH) {
- ++base_crng.generation;
- crng_init = 1;
- }
- spin_unlock_irqrestore(&base_crng.lock, flags);
- if (crng_init == 1)
- pr_notice("fast init done\n");
- return ret;
-}
-
-#ifdef CONFIG_NUMA
-static void do_numa_crng_init(struct work_struct *work)
-{
- int i;
- struct crng_state *crng;
- struct crng_state **pool;
-
- pool = kcalloc(nr_node_ids, sizeof(*pool), GFP_KERNEL|__GFP_NOFAIL);
- for_each_online_node(i) {
- crng = kmalloc_node(sizeof(struct crng_state),
- GFP_KERNEL | __GFP_NOFAIL, i);
- spin_lock_init(&crng->lock);
- crng_initialize(crng);
- pool[i] = crng;
- }
- /* pairs with READ_ONCE() in select_crng() */
- if (cmpxchg_release(&crng_node_pool, NULL, pool) != NULL) {
- for_each_node(i)
- kfree(pool[i]);
- kfree(pool);
- }
-}
-
-static DECLARE_WORK(numa_crng_init_work, do_numa_crng_init);
-
-static void numa_crng_init(void)
-{
- schedule_work(&numa_crng_init_work);
-}
-
-static struct crng_state *select_crng(void)
-{
- struct crng_state **pool;
- int nid = numa_node_id();
-
- /* pairs with cmpxchg_release() in do_numa_crng_init() */
- pool = READ_ONCE(crng_node_pool);
- if (pool && pool[nid])
- return pool[nid];
-
- return &primary_crng;
-}
-#else
-static void numa_crng_init(void) {}
-
-static struct crng_state *select_crng(void)
-{
- return &primary_crng;
-}
-#endif
+/* Used by crng_reseed() to extract a new seed from the input pool. */
+static bool drain_entropy(void *buf, size_t nbytes);
/*
- * crng_slow_load() is called by add_device_randomness, which has two
- * attributes. (1) We can't trust the buffer passed to it is
- * guaranteed to be unpredictable (so it might not have any entropy at
- * all), and (2) it doesn't have the performance constraints of
- * crng_fast_load().
- *
- * So, we simply hash the contents in with the current key. Finally,
- * we do *not* advance crng_init_cnt since buffer we may get may be
- * something like a fixed DMI table (for example), which might very
- * well be unique to the machine, but is otherwise unvarying.
+ * This extracts a new crng key from the input pool, but only if there is a
+ * sufficient amount of entropy available, in order to mitigate bruteforcing
+ * of newly added bits.
*/
-static void crng_slow_load(const void *cp, size_t len)
-{
- unsigned long flags;
- struct blake2s_state hash;
-
- blake2s_init(&hash, sizeof(base_crng.key));
-
- if (!spin_trylock_irqsave(&base_crng.lock, flags))
- return;
- if (crng_init != 0) {
- spin_unlock_irqrestore(&base_crng.lock, flags);
- return;
- }
-
- blake2s_update(&hash, base_crng.key, sizeof(base_crng.key));
- blake2s_update(&hash, cp, len);
- blake2s_final(&hash, base_crng.key);
-
- spin_unlock_irqrestore(&base_crng.lock, flags);
-}
-
static void crng_reseed(void)
{
unsigned long flags;
@@ -552,13 +485,11 @@ static void crng_reseed(void)
}
/*
- * The general form here is based on a "fast key erasure RNG" from
- * <https://blog.cr.yp.to/20170723-random.html>. It generates a ChaCha
- * block using the provided key, and then immediately overwites that
- * key with half the block. It returns the resultant ChaCha state to the
- * user, along with the second half of the block containing 32 bytes of
- * random data that may be used; random_data_len may not be greater than
- * 32.
+ * This generates a ChaCha block using the provided key, and then
+ * immediately overwites that key with half the block. It returns
+ * the resultant ChaCha state to the user, along with the second
+ * half of the block containing 32 bytes of random data that may
+ * be used; random_data_len may not be greater than 32.
*/
static void crng_fast_key_erasure(u8 key[CHACHA20_KEY_SIZE],
u32 chacha_state[CHACHA20_BLOCK_SIZE / sizeof(u32)],
@@ -645,6 +576,126 @@ static void crng_make_state(u32 chacha_s
local_irq_restore(flags);
}
+/*
+ * This function is for crng_init == 0 only.
+ *
+ * crng_fast_load() can be called by code in the interrupt service
+ * path. So we can't afford to dilly-dally. Returns the number of
+ * bytes processed from cp.
+ */
+static size_t crng_fast_load(const void *cp, size_t len)
+{
+ static int crng_init_cnt = 0;
+ unsigned long flags;
+ const u8 *src = (const u8 *)cp;
+ size_t ret = 0;
+
+ if (!spin_trylock_irqsave(&base_crng.lock, flags))
+ return 0;
+ if (crng_init != 0) {
+ spin_unlock_irqrestore(&base_crng.lock, flags);
+ return 0;
+ }
+ while (len > 0 && crng_init_cnt < CRNG_INIT_CNT_THRESH) {
+ base_crng.key[crng_init_cnt % sizeof(base_crng.key)] ^= *src;
+ src++; crng_init_cnt++; len--; ret++;
+ }
+ if (crng_init_cnt >= CRNG_INIT_CNT_THRESH) {
+ ++base_crng.generation;
+ crng_init = 1;
+ }
+ spin_unlock_irqrestore(&base_crng.lock, flags);
+ if (crng_init == 1)
+ pr_notice("fast init done\n");
+ return ret;
+}
+
+/*
+ * This function is for crng_init == 0 only.
+ *
+ * crng_slow_load() is called by add_device_randomness, which has two
+ * attributes. (1) We can't trust the buffer passed to it is
+ * guaranteed to be unpredictable (so it might not have any entropy at
+ * all), and (2) it doesn't have the performance constraints of
+ * crng_fast_load().
+ *
+ * So, we simply hash the contents in with the current key. Finally,
+ * we do *not* advance crng_init_cnt since buffer we may get may be
+ * something like a fixed DMI table (for example), which might very
+ * well be unique to the machine, but is otherwise unvarying.
+ */
+static void crng_slow_load(const void *cp, size_t len)
+{
+ unsigned long flags;
+ struct blake2s_state hash;
+
+ blake2s_init(&hash, sizeof(base_crng.key));
+
+ if (!spin_trylock_irqsave(&base_crng.lock, flags))
+ return;
+ if (crng_init != 0) {
+ spin_unlock_irqrestore(&base_crng.lock, flags);
+ return;
+ }
+
+ blake2s_update(&hash, base_crng.key, sizeof(base_crng.key));
+ blake2s_update(&hash, cp, len);
+ blake2s_final(&hash, base_crng.key);
+
+ spin_unlock_irqrestore(&base_crng.lock, flags);
+}
+
+static void _get_random_bytes(void *buf, size_t nbytes)
+{
+ u32 chacha_state[CHACHA20_BLOCK_SIZE / sizeof(u32)];
+ u8 tmp[CHACHA20_BLOCK_SIZE];
+ size_t len;
+
+ if (!nbytes)
+ return;
+
+ len = min_t(size_t, 32, nbytes);
+ crng_make_state(chacha_state, buf, len);
+ nbytes -= len;
+ buf += len;
+
+ while (nbytes) {
+ if (nbytes < CHACHA20_BLOCK_SIZE) {
+ chacha20_block(chacha_state, tmp);
+ memcpy(buf, tmp, nbytes);
+ memzero_explicit(tmp, sizeof(tmp));
+ break;
+ }
+
+ chacha20_block(chacha_state, buf);
+ if (unlikely(chacha_state[12] == 0))
+ ++chacha_state[13];
+ nbytes -= CHACHA20_BLOCK_SIZE;
+ buf += CHACHA20_BLOCK_SIZE;
+ }
+
+ memzero_explicit(chacha_state, sizeof(chacha_state));
+}
+
+/*
+ * This function is the exported kernel interface. It returns some
+ * number of good random numbers, suitable for key generation, seeding
+ * TCP sequence numbers, etc. It does not rely on the hardware random
+ * number generator. For random bytes direct from the hardware RNG
+ * (when available), use get_random_bytes_arch(). In order to ensure
+ * that the randomness provided by this function is okay, the function
+ * wait_for_random_bytes() should be called and return 0 at least once
+ * at any point prior.
+ */
+void get_random_bytes(void *buf, size_t nbytes)
+{
+ static void *previous;
+
+ warn_unseeded_randomness(&previous);
+ _get_random_bytes(buf, nbytes);
+}
+EXPORT_SYMBOL(get_random_bytes);
+
static ssize_t get_random_bytes_user(void __user *buf, size_t nbytes)
{
bool large_request = nbytes > 256;
@@ -692,6 +743,265 @@ static ssize_t get_random_bytes_user(voi
return ret;
}
+/*
+ * Batched entropy returns random integers. The quality of the random
+ * number is good as /dev/urandom. In order to ensure that the randomness
+ * provided by this function is okay, the function wait_for_random_bytes()
+ * should be called and return 0 at least once at any point prior.
+ */
+struct batched_entropy {
+ union {
+ /*
+ * We make this 1.5x a ChaCha block, so that we get the
+ * remaining 32 bytes from fast key erasure, plus one full
+ * block from the detached ChaCha state. We can increase
+ * the size of this later if needed so long as we keep the
+ * formula of (integer_blocks + 0.5) * CHACHA20_BLOCK_SIZE.
+ */
+ u64 entropy_u64[CHACHA20_BLOCK_SIZE * 3 / (2 * sizeof(u64))];
+ u32 entropy_u32[CHACHA20_BLOCK_SIZE * 3 / (2 * sizeof(u32))];
+ };
+ unsigned long generation;
+ unsigned int position;
+};
+
+
+static DEFINE_PER_CPU(struct batched_entropy, batched_entropy_u64) = {
+ .position = UINT_MAX
+};
+
+u64 get_random_u64(void)
+{
+ u64 ret;
+ unsigned long flags;
+ struct batched_entropy *batch;
+ static void *previous;
+ unsigned long next_gen;
+
+ warn_unseeded_randomness(&previous);
+
+ local_irq_save(flags);
+ batch = raw_cpu_ptr(&batched_entropy_u64);
+
+ next_gen = READ_ONCE(base_crng.generation);
+ if (batch->position >= ARRAY_SIZE(batch->entropy_u64) ||
+ next_gen != batch->generation) {
+ _get_random_bytes(batch->entropy_u64, sizeof(batch->entropy_u64));
+ batch->position = 0;
+ batch->generation = next_gen;
+ }
+
+ ret = batch->entropy_u64[batch->position];
+ batch->entropy_u64[batch->position] = 0;
+ ++batch->position;
+ local_irq_restore(flags);
+ return ret;
+}
+EXPORT_SYMBOL(get_random_u64);
+
+static DEFINE_PER_CPU(struct batched_entropy, batched_entropy_u32) = {
+ .position = UINT_MAX
+};
+
+u32 get_random_u32(void)
+{
+ u32 ret;
+ unsigned long flags;
+ struct batched_entropy *batch;
+ static void *previous;
+ unsigned long next_gen;
+
+ warn_unseeded_randomness(&previous);
+
+ local_irq_save(flags);
+ batch = raw_cpu_ptr(&batched_entropy_u32);
+
+ next_gen = READ_ONCE(base_crng.generation);
+ if (batch->position >= ARRAY_SIZE(batch->entropy_u32) ||
+ next_gen != batch->generation) {
+ _get_random_bytes(batch->entropy_u32, sizeof(batch->entropy_u32));
+ batch->position = 0;
+ batch->generation = next_gen;
+ }
+
+ ret = batch->entropy_u32[batch->position];
+ batch->entropy_u32[batch->position] = 0;
+ ++batch->position;
+ local_irq_restore(flags);
+ return ret;
+}
+EXPORT_SYMBOL(get_random_u32);
+
+/**
+ * randomize_page - Generate a random, page aligned address
+ * @start: The smallest acceptable address the caller will take.
+ * @range: The size of the area, starting at @start, within which the
+ * random address must fall.
+ *
+ * If @start + @range would overflow, @range is capped.
+ *
+ * NOTE: Historical use of randomize_range, which this replaces, presumed that
+ * @start was already page aligned. We now align it regardless.
+ *
+ * Return: A page aligned address within [start, start + range). On error,
+ * @start is returned.
+ */
+unsigned long randomize_page(unsigned long start, unsigned long range)
+{
+ if (!PAGE_ALIGNED(start)) {
+ range -= PAGE_ALIGN(start) - start;
+ start = PAGE_ALIGN(start);
+ }
+
+ if (start > ULONG_MAX - range)
+ range = ULONG_MAX - start;
+
+ range >>= PAGE_SHIFT;
+
+ if (range == 0)
+ return start;
+
+ return start + (get_random_long() % range << PAGE_SHIFT);
+}
+
+/*
+ * This function will use the architecture-specific hardware random
+ * number generator if it is available. It is not recommended for
+ * use. Use get_random_bytes() instead. It returns the number of
+ * bytes filled in.
+ */
+size_t __must_check get_random_bytes_arch(void *buf, size_t nbytes)
+{
+ size_t left = nbytes;
+ u8 *p = buf;
+
+ while (left) {
+ unsigned long v;
+ size_t chunk = min_t(size_t, left, sizeof(unsigned long));
+
+ if (!arch_get_random_long(&v))
+ break;
+
+ memcpy(p, &v, chunk);
+ p += chunk;
+ left -= chunk;
+ }
+
+ return nbytes - left;
+}
+EXPORT_SYMBOL(get_random_bytes_arch);
+
+enum {
+ POOL_BITS = BLAKE2S_HASH_SIZE * 8,
+ POOL_MIN_BITS = POOL_BITS /* No point in settling for less. */
+};
+
+/*
+ * Static global variables
+ */
+static DECLARE_WAIT_QUEUE_HEAD(random_write_wait);
+
+/**********************************************************************
+ *
+ * OS independent entropy store. Here are the functions which handle
+ * storing entropy in an entropy pool.
+ *
+ **********************************************************************/
+
+static struct {
+ struct blake2s_state hash;
+ spinlock_t lock;
+ unsigned int entropy_count;
+} input_pool = {
+ .hash.h = { BLAKE2S_IV0 ^ (0x01010000 | BLAKE2S_HASH_SIZE),
+ BLAKE2S_IV1, BLAKE2S_IV2, BLAKE2S_IV3, BLAKE2S_IV4,
+ BLAKE2S_IV5, BLAKE2S_IV6, BLAKE2S_IV7 },
+ .hash.outlen = BLAKE2S_HASH_SIZE,
+ .lock = __SPIN_LOCK_UNLOCKED(input_pool.lock),
+};
+
+static void extract_entropy(void *buf, size_t nbytes);
+static bool drain_entropy(void *buf, size_t nbytes);
+
+static void crng_reseed(void);
+
+/*
+ * This function adds bytes into the entropy "pool". It does not
+ * update the entropy estimate. The caller should call
+ * credit_entropy_bits if this is appropriate.
+ */
+static void _mix_pool_bytes(const void *in, size_t nbytes)
+{
+ blake2s_update(&input_pool.hash, in, nbytes);
+}
+
+static void mix_pool_bytes(const void *in, size_t nbytes)
+{
+ unsigned long flags;
+
+ spin_lock_irqsave(&input_pool.lock, flags);
+ _mix_pool_bytes(in, nbytes);
+ spin_unlock_irqrestore(&input_pool.lock, flags);
+}
+
+struct fast_pool {
+ union {
+ u32 pool32[4];
+ u64 pool64[2];
+ };
+ unsigned long last;
+ u16 reg_idx;
+ u8 count;
+};
+
+/*
+ * This is a fast mixing routine used by the interrupt randomness
+ * collector. It's hardcoded for an 128 bit pool and assumes that any
+ * locks that might be needed are taken by the caller.
+ */
+static void fast_mix(u32 pool[4])
+{
+ u32 a = pool[0], b = pool[1];
+ u32 c = pool[2], d = pool[3];
+
+ a += b; c += d;
+ b = rol32(b, 6); d = rol32(d, 27);
+ d ^= a; b ^= c;
+
+ a += b; c += d;
+ b = rol32(b, 16); d = rol32(d, 14);
+ d ^= a; b ^= c;
+
+ a += b; c += d;
+ b = rol32(b, 6); d = rol32(d, 27);
+ d ^= a; b ^= c;
+
+ a += b; c += d;
+ b = rol32(b, 16); d = rol32(d, 14);
+ d ^= a; b ^= c;
+
+ pool[0] = a; pool[1] = b;
+ pool[2] = c; pool[3] = d;
+}
+
+static void credit_entropy_bits(size_t nbits)
+{
+ unsigned int entropy_count, orig, add;
+
+ if (!nbits)
+ return;
+
+ add = min_t(size_t, nbits, POOL_BITS);
+
+ do {
+ orig = READ_ONCE(input_pool.entropy_count);
+ entropy_count = min_t(unsigned int, POOL_BITS, orig + add);
+ } while (cmpxchg(&input_pool.entropy_count, orig, entropy_count) != orig);
+
+ if (crng_init < 2 && entropy_count >= POOL_MIN_BITS)
+ crng_reseed();
+}
+
/*********************************************************************
*
* Entropy input management
@@ -959,80 +1269,6 @@ static bool drain_entropy(void *buf, siz
return true;
}
-#define warn_unseeded_randomness(previous) \
- _warn_unseeded_randomness(__func__, (void *)_RET_IP_, (previous))
-
-static void _warn_unseeded_randomness(const char *func_name, void *caller, void **previous)
-{
-#ifdef CONFIG_WARN_ALL_UNSEEDED_RANDOM
- const bool print_once = false;
-#else
- static bool print_once __read_mostly;
-#endif
-
- if (print_once || crng_ready() ||
- (previous && (caller == READ_ONCE(*previous))))
- return;
- WRITE_ONCE(*previous, caller);
-#ifndef CONFIG_WARN_ALL_UNSEEDED_RANDOM
- print_once = true;
-#endif
- if (__ratelimit(&unseeded_warning))
- pr_notice("random: %s called from %pS with crng_init=%d\n",
- func_name, caller, crng_init);
-}
-
-/*
- * This function is the exported kernel interface. It returns some
- * number of good random numbers, suitable for key generation, seeding
- * TCP sequence numbers, etc. It does not rely on the hardware random
- * number generator. For random bytes direct from the hardware RNG
- * (when available), use get_random_bytes_arch(). In order to ensure
- * that the randomness provided by this function is okay, the function
- * wait_for_random_bytes() should be called and return 0 at least once
- * at any point prior.
- */
-static void _get_random_bytes(void *buf, size_t nbytes)
-{
- u32 chacha_state[CHACHA20_BLOCK_SIZE / sizeof(u32)];
- u8 tmp[CHACHA20_BLOCK_SIZE];
- size_t len;
-
- if (!nbytes)
- return;
-
- len = min_t(size_t, 32, nbytes);
- crng_make_state(chacha_state, buf, len);
- nbytes -= len;
- buf += len;
-
- while (nbytes) {
- if (nbytes < CHACHA20_BLOCK_SIZE) {
- chacha20_block(chacha_state, tmp);
- memcpy(buf, tmp, nbytes);
- memzero_explicit(tmp, sizeof(tmp));
- break;
- }
-
- chacha20_block(chacha_state, buf);
- if (unlikely(chacha_state[12] == 0))
- ++chacha_state[13];
- nbytes -= CHACHA20_BLOCK_SIZE;
- buf += CHACHA20_BLOCK_SIZE;
- }
-
- memzero_explicit(chacha_state, sizeof(chacha_state));
-}
-
-void get_random_bytes(void *buf, size_t nbytes)
-{
- static void *previous;
-
- warn_unseeded_randomness(&previous);
- _get_random_bytes(buf, nbytes);
-}
-EXPORT_SYMBOL(get_random_bytes);
-
/*
* Each time the timer fires, we expect that we got an unpredictable
* jump in the cycle counter. Even if the timer is running on another
@@ -1082,134 +1318,6 @@ static void try_to_generate_entropy(void
mix_pool_bytes(&stack.now, sizeof(stack.now));
}
-/*
- * Wait for the urandom pool to be seeded and thus guaranteed to supply
- * cryptographically secure random numbers. This applies to: the /dev/urandom
- * device, the get_random_bytes function, and the get_random_{u32,u64,int,long}
- * family of functions. Using any of these functions without first calling
- * this function forfeits the guarantee of security.
- *
- * Returns: 0 if the urandom pool has been seeded.
- * -ERESTARTSYS if the function was interrupted by a signal.
- */
-int wait_for_random_bytes(void)
-{
- if (likely(crng_ready()))
- return 0;
-
- do {
- int ret;
- ret = wait_event_interruptible_timeout(crng_init_wait, crng_ready(), HZ);
- if (ret)
- return ret > 0 ? 0 : ret;
-
- try_to_generate_entropy();
- } while (!crng_ready());
-
- return 0;
-}
-EXPORT_SYMBOL(wait_for_random_bytes);
-
-/*
- * Returns whether or not the urandom pool has been seeded and thus guaranteed
- * to supply cryptographically secure random numbers. This applies to: the
- * /dev/urandom device, the get_random_bytes function, and the get_random_{u32,
- * ,u64,int,long} family of functions.
- *
- * Returns: true if the urandom pool has been seeded.
- * false if the urandom pool has not been seeded.
- */
-bool rng_is_initialized(void)
-{
- return crng_ready();
-}
-EXPORT_SYMBOL(rng_is_initialized);
-
-/*
- * Add a callback function that will be invoked when the nonblocking
- * pool is initialised.
- *
- * returns: 0 if callback is successfully added
- * -EALREADY if pool is already initialised (callback not called)
- * -ENOENT if module for callback is not alive
- */
-int add_random_ready_callback(struct random_ready_callback *rdy)
-{
- struct module *owner;
- unsigned long flags;
- int err = -EALREADY;
-
- if (crng_ready())
- return err;
-
- owner = rdy->owner;
- if (!try_module_get(owner))
- return -ENOENT;
-
- spin_lock_irqsave(&random_ready_list_lock, flags);
- if (crng_ready())
- goto out;
-
- owner = NULL;
-
- list_add(&rdy->list, &random_ready_list);
- err = 0;
-
-out:
- spin_unlock_irqrestore(&random_ready_list_lock, flags);
-
- module_put(owner);
-
- return err;
-}
-EXPORT_SYMBOL(add_random_ready_callback);
-
-/*
- * Delete a previously registered readiness callback function.
- */
-void del_random_ready_callback(struct random_ready_callback *rdy)
-{
- unsigned long flags;
- struct module *owner = NULL;
-
- spin_lock_irqsave(&random_ready_list_lock, flags);
- if (!list_empty(&rdy->list)) {
- list_del_init(&rdy->list);
- owner = rdy->owner;
- }
- spin_unlock_irqrestore(&random_ready_list_lock, flags);
-
- module_put(owner);
-}
-EXPORT_SYMBOL(del_random_ready_callback);
-
-/*
- * This function will use the architecture-specific hardware random
- * number generator if it is available. It is not recommended for
- * use. Use get_random_bytes() instead. It returns the number of
- * bytes filled in.
- */
-size_t __must_check get_random_bytes_arch(void *buf, size_t nbytes)
-{
- size_t left = nbytes;
- u8 *p = buf;
-
- while (left) {
- unsigned long v;
- size_t chunk = min_t(size_t, left, sizeof(unsigned long));
-
- if (!arch_get_random_long(&v))
- break;
-
- memcpy(p, &v, chunk);
- p += chunk;
- left -= chunk;
- }
-
- return nbytes - left;
-}
-EXPORT_SYMBOL(get_random_bytes_arch);
-
static bool trust_cpu __ro_after_init = IS_ENABLED(CONFIG_RANDOM_TRUST_CPU);
static int __init parse_trust_cpu(char *arg)
{
@@ -1560,126 +1668,6 @@ struct ctl_table random_table[] = {
};
#endif /* CONFIG_SYSCTL */
-struct batched_entropy {
- union {
- /*
- * We make this 1.5x a ChaCha block, so that we get the
- * remaining 32 bytes from fast key erasure, plus one full
- * block from the detached ChaCha state. We can increase
- * the size of this later if needed so long as we keep the
- * formula of (integer_blocks + 0.5) * CHACHA20_BLOCK_SIZE.
- */
- u64 entropy_u64[CHACHA20_BLOCK_SIZE * 3 / (2 * sizeof(u64))];
- u32 entropy_u32[CHACHA20_BLOCK_SIZE * 3 / (2 * sizeof(u32))];
- };
- unsigned long generation;
- unsigned int position;
-};
-
-/*
- * Get a random word for internal kernel use only. The quality of the random
- * number is good as /dev/urandom. In order to ensure that the randomness
- * provided by this function is okay, the function wait_for_random_bytes()
- * should be called and return 0 at least once at any point prior.
- */
-static DEFINE_PER_CPU(struct batched_entropy, batched_entropy_u64) = {
- .position = UINT_MAX
-};
-
-u64 get_random_u64(void)
-{
- u64 ret;
- unsigned long flags;
- struct batched_entropy *batch;
- static void *previous;
- unsigned long next_gen;
-
- warn_unseeded_randomness(&previous);
-
- local_irq_save(flags);
- batch = raw_cpu_ptr(&batched_entropy_u64);
-
- next_gen = READ_ONCE(base_crng.generation);
- if (batch->position >= ARRAY_SIZE(batch->entropy_u64) ||
- next_gen != batch->generation) {
- _get_random_bytes(batch->entropy_u64, sizeof(batch->entropy_u64));
- batch->position = 0;
- batch->generation = next_gen;
- }
-
- ret = batch->entropy_u64[batch->position];
- batch->entropy_u64[batch->position] = 0;
- ++batch->position;
- local_irq_restore(flags);
- return ret;
-}
-EXPORT_SYMBOL(get_random_u64);
-
-static DEFINE_PER_CPU(struct batched_entropy, batched_entropy_u32) = {
- .position = UINT_MAX
-};
-
-u32 get_random_u32(void)
-{
- u32 ret;
- unsigned long flags;
- struct batched_entropy *batch;
- static void *previous;
- unsigned long next_gen;
-
- warn_unseeded_randomness(&previous);
-
- local_irq_save(flags);
- batch = raw_cpu_ptr(&batched_entropy_u32);
-
- next_gen = READ_ONCE(base_crng.generation);
- if (batch->position >= ARRAY_SIZE(batch->entropy_u32) ||
- next_gen != batch->generation) {
- _get_random_bytes(batch->entropy_u32, sizeof(batch->entropy_u32));
- batch->position = 0;
- batch->generation = next_gen;
- }
-
- ret = batch->entropy_u32[batch->position];
- batch->entropy_u32[batch->position] = 0;
- ++batch->position;
- local_irq_restore(flags);
- return ret;
-}
-EXPORT_SYMBOL(get_random_u32);
-
-/**
- * randomize_page - Generate a random, page aligned address
- * @start: The smallest acceptable address the caller will take.
- * @range: The size of the area, starting at @start, within which the
- * random address must fall.
- *
- * If @start + @range would overflow, @range is capped.
- *
- * NOTE: Historical use of randomize_range, which this replaces, presumed that
- * @start was already page aligned. We now align it regardless.
- *
- * Return: A page aligned address within [start, start + range). On error,
- * @start is returned.
- */
-unsigned long randomize_page(unsigned long start, unsigned long range)
-{
- if (!PAGE_ALIGNED(start)) {
- range -= PAGE_ALIGN(start) - start;
- start = PAGE_ALIGN(start);
- }
-
- if (start > ULONG_MAX - range)
- range = ULONG_MAX - start;
-
- range >>= PAGE_SHIFT;
-
- if (range == 0)
- return start;
-
- return start + (get_random_long() % range << PAGE_SHIFT);
-}
-
/* Interface for in-kernel drivers of true hardware RNGs.
* Those devices may produce endless random bits and will be throttled
* when our pool is full.
next prev parent reply other threads:[~2022-06-23 17:03 UTC|newest]
Thread overview: 270+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-23 16:39 [PATCH 4.9 000/264] 4.9.320-rc1 review Greg Kroah-Hartman
2022-06-23 16:39 ` [PATCH 4.9 001/264] 9p: missing chunk of "fs/9p: Dont update file type when updating file attributes" Greg Kroah-Hartman
2022-06-23 16:39 ` [PATCH 4.9 002/264] random: remove stale maybe_reseed_primary_crng Greg Kroah-Hartman
2022-06-23 16:39 ` [PATCH 4.9 003/264] random: remove stale urandom_init_wait Greg Kroah-Hartman
2022-06-23 16:39 ` [PATCH 4.9 004/264] random: remove variable limit Greg Kroah-Hartman
2022-06-23 16:39 ` [PATCH 4.9 005/264] random: fix comment for unused random_min_urandom_seed Greg Kroah-Hartman
2022-06-23 16:39 ` [PATCH 4.9 006/264] random: convert get_random_int/long into get_random_u32/u64 Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 007/264] random: move random_min_urandom_seed into CONFIG_SYSCTL ifdef block Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 008/264] random: invalidate batched entropy after crng init Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 009/264] random: silence compiler warnings and fix race Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 010/264] random: add wait_for_random_bytes() API Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 011/264] random: add get_random_{bytes,u32,u64,int,long,once}_wait family Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 012/264] random: warn when kernel uses unseeded randomness Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 013/264] random: do not ignore early device randomness Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 014/264] random: suppress spammy warnings about unseeded randomness Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 015/264] random: reorder READ_ONCE() in get_random_uXX Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 016/264] random: fix warning message on ia64 and parisc Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 017/264] random: use a different mixing algorithm for add_device_randomness() Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 018/264] random: set up the NUMA crng instances after the CRNG is fully initialized Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 019/264] random: fix possible sleeping allocation from irq context Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 020/264] random: rate limit unseeded randomness warnings Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 021/264] random: add a spinlock_t to struct batched_entropy Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 022/264] char/random: silence a lockdep splat with printk() Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 023/264] Revert "char/random: silence a lockdep splat with printk()" Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 024/264] random: always use batched entropy for get_random_u{32,64} Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 025/264] random: fix data race on crng_node_pool Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 026/264] crypto: chacha20 - Fix keystream alignment for chacha20_block() Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 027/264] random: always fill buffer in get_random_bytes_wait Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 028/264] random: optimize add_interrupt_randomness Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 029/264] drivers/char/random.c: remove unused dont_count_entropy Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 030/264] random: Fix whitespace pre random-bytes work Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 031/264] random: Return nbytes filled from hw RNG Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 032/264] random: add a config option to trust the CPUs hwrng Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 033/264] random: remove preempt disabled region Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 034/264] random: Make crng state queryable Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 035/264] random: make CPU trust a boot parameter Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 036/264] drivers/char/random.c: constify poolinfo_table Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 037/264] drivers/char/random.c: remove unused stuct poolinfo::poolbits Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 038/264] drivers/char/random.c: make primary_crng static Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 039/264] random: only read from /dev/random after its pool has received 128 bits Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 040/264] random: move rand_initialize() earlier Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 041/264] random: document get_random_int() family Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 042/264] latent_entropy: avoid build error when plugin cflags are not set Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 043/264] random: fix soft lockup when trying to read from an uninitialized blocking pool Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 044/264] random: Support freezable kthreads in add_hwgenerator_randomness() Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 045/264] fdt: add support for rng-seed Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 046/264] random: Use wait_event_freezable() in add_hwgenerator_randomness() Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 047/264] char/random: Add a newline at the end of the file Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 048/264] Revert "hwrng: core - Freeze khwrng thread during suspend" Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 049/264] crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array() Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 050/264] crypto: blake2s - generic C library implementation and selftest Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 051/264] lib/crypto: blake2s: move hmac construction into wireguard Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 052/264] lib/crypto: sha1: re-roll loops to reduce code size Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 053/264] random: Dont wake crng_init_wait when crng_init == 1 Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 054/264] random: Add a urandom_read_nowait() for random APIs that dont warn Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 055/264] random: add GRND_INSECURE to return best-effort non-cryptographic bytes Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 056/264] random: ignore GRND_RANDOM in getentropy(2) Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 057/264] random: make /dev/random be almost like /dev/urandom Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 058/264] random: fix crash on multiple early calls to add_bootloader_randomness() Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 059/264] random: remove the blocking pool Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 060/264] random: delete code to pull data into pools Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 061/264] random: remove kernel.random.read_wakeup_threshold Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 062/264] random: remove unnecessary unlikely() Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 063/264] random: convert to ENTROPY_BITS for better code readability Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 064/264] random: Add and use pr_fmt() Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 065/264] random: fix typo in add_timer_randomness() Greg Kroah-Hartman
2022-06-23 16:40 ` [PATCH 4.9 066/264] random: remove some dead code of poolinfo Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 067/264] random: split primary/secondary crng init paths Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 068/264] random: avoid warnings for !CONFIG_NUMA builds Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 069/264] x86: Remove arch_has_random, arch_has_random_seed Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 070/264] powerpc: " Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 071/264] linux/random.h: " Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 072/264] linux/random.h: Use false with bool Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 073/264] linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 074/264] powerpc: Use bool in archrandom.h Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 075/264] random: add arch_get_random_*long_early() Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 076/264] random: avoid arch_get_random_seed_long() when collecting IRQ randomness Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 077/264] random: remove dead code left over from blocking pool Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 078/264] MAINTAINERS: co-maintain random.c Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 079/264] crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h> Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 080/264] crypto: blake2s - adjust include guard naming Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 081/264] random: document add_hwgenerator_randomness() with other input functions Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 082/264] random: remove unused irq_flags argument from add_interrupt_randomness() Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 083/264] random: use BLAKE2s instead of SHA1 in extraction Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 084/264] random: do not sign extend bytes for rotation when mixing Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 085/264] random: do not re-init if crng_reseed completes before primary init Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 086/264] random: mix bootloader randomness into pool Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 087/264] random: harmonize "crng init done" messages Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 088/264] random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 089/264] random: initialize ChaCha20 constants with correct endianness Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 090/264] random: early initialization of ChaCha constants Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 091/264] random: avoid superfluous call to RDRAND in CRNG extraction Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 092/264] random: dont reset crng_init_cnt on urandom_read() Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 093/264] random: fix typo in comments Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 094/264] random: cleanup poolinfo abstraction Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 095/264] crypto: chacha20 - Fix chacha20_block() keystream alignment (again) Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 096/264] random: cleanup integer types Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 097/264] random: remove incomplete last_data logic Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 098/264] random: remove unused extract_entropy() reserved argument Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 099/264] random: try to actively add entropy rather than passively wait for it Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 100/264] random: rather than entropy_store abstraction, use global Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 101/264] random: remove unused OUTPUT_POOL constants Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 102/264] random: de-duplicate INPUT_POOL constants Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 103/264] random: prepend remaining pool constants with POOL_ Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 104/264] random: cleanup fractional entropy shift constants Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 105/264] random: access input_pool_data directly rather than through pointer Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 106/264] random: simplify arithmetic function flow in account() Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 107/264] random: continually use hwgenerator randomness Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 108/264] random: access primary_pool directly rather than through pointer Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 109/264] random: only call crng_finalize_init() for primary_crng Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 110/264] random: use computational hash for entropy extraction Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 111/264] random: simplify entropy debiting Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 112/264] random: use linear min-entropy accumulation crediting Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 113/264] random: always wake up entropy writers after extraction Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 114/264] random: make credit_entropy_bits() always safe Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 115/264] random: remove use_input_pool parameter from crng_reseed() Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 116/264] random: remove batched entropy locking Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 117/264] random: fix locking in crng_fast_load() Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 118/264] random: use RDSEED instead of RDRAND in entropy extraction Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 119/264] random: inline leaves of rand_initialize() Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 120/264] random: ensure early RDSEED goes through mixer on init Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 121/264] random: do not xor RDRAND when writing into /dev/random Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 122/264] random: absorb fast pool into input pool after fast load Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 123/264] random: use hash function for crng_slow_load() Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 124/264] random: remove outdated INT_MAX >> 6 check in urandom_read() Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 125/264] random: zero buffer after reading entropy from userspace Greg Kroah-Hartman
2022-06-23 16:41 ` [PATCH 4.9 126/264] random: tie batched entropy generation to base_crng generation Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 127/264] random: remove ifdefd out interrupt bench Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 128/264] random: remove unused tracepoints Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 129/264] random: add proper SPDX header Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 130/264] random: deobfuscate irq u32/u64 contributions Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 131/264] random: introduce drain_entropy() helper to declutter crng_reseed() Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 132/264] random: remove useless header comment Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 133/264] random: remove whitespace and reorder includes Greg Kroah-Hartman
2022-06-23 16:42 ` Greg Kroah-Hartman [this message]
2022-06-23 16:42 ` [PATCH 4.9 135/264] random: group entropy extraction functions Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 136/264] random: group entropy collection functions Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 137/264] random: group userspace read/write functions Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 138/264] random: group sysctl functions Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 139/264] random: rewrite header introductory comment Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 140/264] workqueue: make workqueue available early during boot Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 141/264] random: defer fast pool mixing to worker Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 142/264] random: do not take pool spinlock at boot Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 143/264] random: unify early init crng load accounting Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 144/264] random: check for crng_init == 0 in add_device_randomness() Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 145/264] hwrng: core - do not use multiple blank lines Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 146/264] hwrng: core - rewrite better comparison to NULL Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 147/264] hwrng: core - Rewrite the header Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 148/264] hwrng: core - Move hwrng miscdev minor number to include/linux/miscdevice.h Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 149/264] hwrng: core - remove unused PFX macro Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 150/264] hwrng: use rng source with best quality Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 151/264] hwrng: remember rng chosen by user Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 152/264] random: pull add_hwgenerator_randomness() declaration into random.h Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 153/264] random: clear fast pool, crng, and batches in cpuhp bring up Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 154/264] random: round-robin registers as ulong, not u32 Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 155/264] random: only wake up writers after zap if threshold was passed Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 156/264] random: cleanup UUID handling Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 157/264] random: unify cycles_t and jiffies usage and types Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 158/264] random: do crng pre-init loading in worker rather than irq Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 159/264] random: give sysctl_random_min_urandom_seed a more sensible value Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 160/264] random: dont let 644 read-only sysctls be written to Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 161/264] random: replace custom notifier chain with standard one Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 162/264] random: use SipHash as interrupt entropy accumulator Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 163/264] random: make consistent usage of crng_ready() Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 164/264] random: reseed more often immediately after booting Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 165/264] random: check for signal and try earlier when generating entropy Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 166/264] random: skip fast_init if hwrng provides large chunk of entropy Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 167/264] random: treat bootloader trust toggle the same way as cpu trust toggle Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 168/264] random: re-add removed comment about get_random_{u32,u64} reseeding Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 169/264] random: mix build-time latent entropy into pool at init Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 170/264] random: do not split fast init input in add_hwgenerator_randomness() Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 171/264] random: do not allow user to keep crng key around on stack Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 172/264] random: check for signal_pending() outside of need_resched() check Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 173/264] random: check for signals every PAGE_SIZE chunk of /dev/[u]random Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 174/264] random: make random_get_entropy() return an unsigned long Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 175/264] random: document crng_fast_key_erasure() destination possibility Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 176/264] random: fix sysctl documentation nits Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 177/264] init: call time_init() before rand_initialize() Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 178/264] ia64: define get_cycles macro for arch-override Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 179/264] s390: " Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 180/264] parisc: " Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 181/264] alpha: " Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 182/264] powerpc: " Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 183/264] timekeeping: Add raw clock fallback for random_get_entropy() Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 184/264] m68k: use fallback for random_get_entropy() instead of zero Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 185/264] mips: use fallback for random_get_entropy() instead of just c0 random Greg Kroah-Hartman
2022-06-23 16:42 ` [PATCH 4.9 186/264] arm: use fallback for random_get_entropy() instead of zero Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 187/264] nios2: " Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 188/264] x86/tsc: Use " Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 189/264] um: use " Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 190/264] sparc: " Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 191/264] xtensa: " Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 192/264] uapi: rename ext2_swab() to swab() and share globally in swab.h Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 193/264] random: insist on random_get_entropy() existing in order to simplify Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 194/264] random: do not use batches when !crng_ready() Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 195/264] random: do not pretend to handle premature next security model Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 196/264] random: order timer entropy functions below interrupt functions Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 197/264] random: do not use input pool from hard IRQs Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 198/264] random: help compiler out with fast_mix() by using simpler arguments Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 199/264] siphash: use one source of truth for siphash permutations Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 200/264] random: use symbolic constants for crng_init states Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 201/264] random: avoid initializing twice in credit race Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 202/264] random: remove ratelimiting for in-kernel unseeded randomness Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 203/264] random: use proper jiffies comparison macro Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 204/264] random: handle latent entropy and command line from random_init() Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 205/264] random: credit architectural init the exact amount Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 206/264] random: use static branch for crng_ready() Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 207/264] random: remove extern from functions in header Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 208/264] random: use proper return types on get_random_{int,long}_wait() Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 209/264] random: move initialization functions out of hot pages Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 210/264] random: move randomize_page() into mm where it belongs Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 211/264] random: convert to using fops->write_iter() Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 212/264] random: wire up fops->splice_{read,write}_iter() Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 213/264] random: check for signals after page of pool writes Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 214/264] Revert "random: use static branch for crng_ready()" Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 215/264] crypto: drbg - add FIPS 140-2 CTRNG for noise source Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 216/264] crypto: drbg - always seeded with SP800-90B compliant " Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 217/264] crypto: drbg - prepare for more fine-grained tracking of seeding state Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 218/264] crypto: drbg - track whether DRBG was seeded with !rng_is_initialized() Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 219/264] crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed() Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 220/264] crypto: drbg - always try to free Jitter RNG instance Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 221/264] crypto: drbg - make reseeding from get_random_bytes() synchronous Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 222/264] random: avoid checking crng_ready() twice in random_init() Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 223/264] random: mark bootloader randomness code as __init Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 224/264] random: account for arch randomness in bits Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 225/264] ASoC: cs42l52: Fix TLV scales for mixer controls Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 226/264] ASoC: cs53l30: Correct number of volume levels on SX controls Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 227/264] ASoC: cs42l52: Correct TLV for Bypass Volume Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 228/264] ASoC: cs42l56: Correct typo in minimum level for SX volume controls Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 229/264] ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 230/264] ASoC: wm8962: Fix suspend while playing music Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 231/264] scsi: vmw_pvscsi: Expand vcpuHint to 16 bits Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 232/264] scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 233/264] virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 234/264] nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 235/264] ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 236/264] net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 237/264] random: credit cpu and bootloader seeds by default Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 238/264] pNFS: Dont keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 239/264] misc: atmel-ssc: Fix IRQ check in ssc_probe Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 240/264] irqchip/gic/realview: Fix refcount leak in realview_gic_of_init Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 241/264] irqchip/gic-v3: Iterate over possible CPUs by for_each_possible_cpu() Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 242/264] comedi: vmk80xx: fix expression for tx buffer size Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 243/264] USB: serial: option: add support for Cinterion MV31 with new baseline Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 244/264] USB: serial: io_ti: add Agilent E5805A support Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 245/264] usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe Greg Kroah-Hartman
2022-06-23 16:43 ` [PATCH 4.9 246/264] serial: 8250: Store to lsr_save_flags after lsr read Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 247/264] ext4: fix bug_on ext4_mb_use_inode_pa Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 248/264] ext4: make variable "count" signed Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 249/264] ext4: add reserved GDT blocks check Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 250/264] l2tp: dont use inet_shutdown on ppp session destroy Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 251/264] l2tp: fix race in pppol2tp_release with session object destroy Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 252/264] s390/mm: use non-quiescing sske for KVM switch to keyed guest Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 253/264] xprtrdma: fix incorrect header size calculations Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 254/264] swiotlb: fix info leak with DMA_FROM_DEVICE Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 255/264] Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE"" Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 256/264] fuse: fix pipe buffer lifetime for direct_io Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 257/264] tcp: change source port randomizarion at connect() time Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 258/264] tcp: add some entropy in __inet_hash_connect() Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 259/264] secure_seq: use the 64 bits of the siphash for port offset calculation Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 260/264] tcp: use different parts of the port_offset for index and offset Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 261/264] tcp: add small random increments to the source port Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 262/264] tcp: dynamically allocate the perturb table used by source ports Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 263/264] tcp: increase source port perturb table to 2^16 Greg Kroah-Hartman
2022-06-23 16:44 ` [PATCH 4.9 264/264] tcp: drop the hash_32() part from the index calculation Greg Kroah-Hartman
2022-06-23 19:30 ` [PATCH 4.9 000/264] 4.9.320-rc1 review Florian Fainelli
2022-06-23 20:11 ` Pavel Machek
2022-06-24 0:54 ` Shuah Khan
2022-06-24 23:33 ` Guenter Roeck
2022-06-25 13:53 ` Naresh Kamboju
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220623164347.857604522@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=Jason@zx2c4.com \
--cc=ebiggers@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=stable@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).