random: split primary/secondary crng init paths
Currently crng_initialize() is used for both the primary CRNG and secondary CRNGs. While we wish to share common logic, we need to do a number of additional things for the primary CRNG, and this would be easier to deal with were these handled in separate functions. This patch splits crng_initialize() into crng_initialize_primary() and crng_initialize_secondary(), with common logic factored out into a crng_init_try_arch() helper. There should be no functional change as a result of this patch. Signed-off-by: Mark Rutland <mark.rutland@arm.com> Cc: Mark Brown <broonie@kernel.org> Cc: Theodore Ts'o <tytso@mit.edu> Link: https://lore.kernel.org/r/20200210130015.17664-2-mark.rutland@arm.com Signed-off-by: Theodore Ts'o <tytso@mit.edu>
This commit is contained in:
Mark Rutland
Theodore Ts'o
parent
f8788d86ab
commit
5cbe0f13b5
1 changed files with 22 additions and 12 deletions
|
|
@ -781,27 +781,37 @@ static int __init parse_trust_cpu(char *arg)
|
||||||
}
|
}
|
||||||
early_param("random.trust_cpu", parse_trust_cpu);
|
early_param("random.trust_cpu", parse_trust_cpu);
|
||||||
|
|
||||||
static void crng_initialize(struct crng_state *crng)
|
static bool crng_init_try_arch(struct crng_state *crng)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
int arch_init = 1;
|
bool arch_init = true;
|
||||||
unsigned long rv;
|
unsigned long rv;
|
||||||
|
|
||||||
memcpy(&crng->state[0], "expand 32-byte k", 16);
|
|
||||||
if (crng == &primary_crng)
|
|
||||||
_extract_entropy(&input_pool, &crng->state[4],
|
|
||||||
sizeof(__u32) * 12, 0);
|
|
||||||
else
|
|
||||||
_get_random_bytes(&crng->state[4], sizeof(__u32) * 12);
|
|
||||||
for (i = 4; i < 16; i++) {
|
for (i = 4; i < 16; i++) {
|
||||||
if (!arch_get_random_seed_long(&rv) &&
|
if (!arch_get_random_seed_long(&rv) &&
|
||||||
!arch_get_random_long(&rv)) {
|
!arch_get_random_long(&rv)) {
|
||||||
rv = random_get_entropy();
|
rv = random_get_entropy();
|
||||||
arch_init = 0;
|
arch_init = false;
|
||||||
}
|
}
|
||||||
crng->state[i] ^= rv;
|
crng->state[i] ^= rv;
|
||||||
}
|
}
|
||||||
if (trust_cpu && arch_init && crng == &primary_crng) {
|
|
||||||
|
return arch_init;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void crng_initialize_secondary(struct crng_state *crng)
|
||||||
|
{
|
||||||
|
memcpy(&crng->state[0], "expand 32-byte k", 16);
|
||||||
|
_get_random_bytes(&crng->state[4], sizeof(__u32) * 12);
|
||||||
|
crng_init_try_arch(crng);
|
||||||
|
crng->init_time = jiffies - CRNG_RESEED_INTERVAL - 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void __init crng_initialize_primary(struct crng_state *crng)
|
||||||
|
{
|
||||||
|
memcpy(&crng->state[0], "expand 32-byte k", 16);
|
||||||
|
_extract_entropy(&input_pool, &crng->state[4], sizeof(__u32) * 12, 0);
|
||||||
|
if (crng_init_try_arch(crng) && trust_cpu) {
|
||||||
invalidate_batched_entropy();
|
invalidate_batched_entropy();
|
||||||
numa_crng_init();
|
numa_crng_init();
|
||||||
crng_init = 2;
|
crng_init = 2;
|
||||||
|
|
@ -822,7 +832,7 @@ static void do_numa_crng_init(struct work_struct *work)
|
||||||
crng = kmalloc_node(sizeof(struct crng_state),
|
crng = kmalloc_node(sizeof(struct crng_state),
|
||||||
GFP_KERNEL | __GFP_NOFAIL, i);
|
GFP_KERNEL | __GFP_NOFAIL, i);
|
||||||
spin_lock_init(&crng->lock);
|
spin_lock_init(&crng->lock);
|
||||||
crng_initialize(crng);
|
crng_initialize_secondary(crng);
|
||||||
pool[i] = crng;
|
pool[i] = crng;
|
||||||
}
|
}
|
||||||
mb();
|
mb();
|
||||||
|
|
@ -1771,7 +1781,7 @@ static void __init init_std_data(struct entropy_store *r)
|
||||||
int __init rand_initialize(void)
|
int __init rand_initialize(void)
|
||||||
{
|
{
|
||||||
init_std_data(&input_pool);
|
init_std_data(&input_pool);
|
||||||
crng_initialize(&primary_crng);
|
crng_initialize_primary(&primary_crng);
|
||||||
crng_global_init_time = jiffies;
|
crng_global_init_time = jiffies;
|
||||||
if (ratelimit_disable) {
|
if (ratelimit_disable) {
|
||||||
urandom_warning.interval = 0;
|
urandom_warning.interval = 0;
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue