From: Matt Mackall <mpm@selenic.com>
To: Andrew Morton <akpm@osdl.org>
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH 10/22] /dev/random: entropy reserve logic for starvation preve
Date: Thu, 25 Mar 2004 17:57:44 -0600 [thread overview]
Message-ID: <11.524465763@selenic.com> (raw)
In-Reply-To: <10.524465763@selenic.com>
/dev/random entropy reserve logic for starvation prevention
Additional parameter to allow keeping an entropy reserve in the input
pool. Groundwork for /dev/urandom vs /dev/random starvation prevention.
tiny-mpm/drivers/char/random.c | 30 +++++++++++++++++-------------
1 files changed, 17 insertions(+), 13 deletions(-)
diff -puN drivers/char/random.c~debit-entropy drivers/char/random.c
--- tiny/drivers/char/random.c~debit-entropy 2004-03-20 13:38:26.000000000 -0600
+++ tiny-mpm/drivers/char/random.c 2004-03-20 13:38:26.000000000 -0600
@@ -1264,7 +1264,7 @@ static void MD5Transform(__u32 buf[HASH_
#define SEC_XFER_SIZE (TMP_BUF_SIZE*4)
static ssize_t extract_entropy(struct entropy_store *r, void * buf,
- size_t nbytes, int min, int flags);
+ size_t nbytes, int min, int rsvd, int flags);
/*
* This utility inline function is responsible for transfering entropy
@@ -1283,7 +1283,7 @@ static inline void xfer_secondary_pool(s
bytes * 8, nbytes * 8, r->entropy_count);
bytes=extract_entropy(input_pool, tmp, bytes,
- random_read_wakeup_thresh / 8,
+ random_read_wakeup_thresh / 8, 0,
EXTRACT_ENTROPY_LIMIT);
add_entropy_words(r, tmp, bytes);
credit_entropy_store(r, bytes*8);
@@ -1297,13 +1297,15 @@ static inline void xfer_secondary_pool(s
* number of bytes that are actually obtained. If the EXTRACT_ENTROPY_USER
* flag is given, then the buf pointer is assumed to be in user space.
*
- * If we have less than min bytes of entropy available, exit without
- * transferring any. This helps avoid racing when reseeding.
+ * The min parameter specifies the minimum amount we can pull before
+ * failing to avoid races that defeat catastrophic reseeding while the
+ * reserved parameter indicates how much entropy we must leave in the
+ * pool after each pull to avoid starving other readers.
*
* Note: extract_entropy() assumes that .poolwords is a multiple of 16 words.
*/
static ssize_t extract_entropy(struct entropy_store *r, void * buf,
- size_t nbytes, int min, int flags)
+ size_t nbytes, int min, int reserved, int flags)
{
ssize_t ret, i;
__u32 tmp[TMP_BUF_SIZE];
@@ -1323,17 +1325,19 @@ static ssize_t extract_entropy(struct en
DEBUG_ENT("trying to extract %d bits from %s\n", nbytes * 8, r->name);
- if (r->entropy_count / 8 < min) {
+ /* Can we pull enough? */
+ if (r->entropy_count / 8 < min + reserved) {
nbytes = 0;
} else {
+ /* If limited, never pull more than available */
if (flags & EXTRACT_ENTROPY_LIMIT &&
- nbytes >= r->entropy_count / 8)
- nbytes = r->entropy_count / 8;
+ nbytes + reserved >= r->entropy_count / 8)
+ nbytes = r->entropy_count/8 - reserved;
- if (r->entropy_count / 8 >= nbytes)
+ if(r->entropy_count / 8 >= nbytes + reserved)
r->entropy_count -= nbytes*8;
else
- r->entropy_count = 0;
+ r->entropy_count = reserved;
if (r->entropy_count < random_write_wakeup_thresh)
wake_up_interruptible(&random_write_wait);
@@ -1421,7 +1425,7 @@ static ssize_t extract_entropy(struct en
void get_random_bytes(void *buf, int nbytes)
{
BUG_ON(!blocking_pool);
- extract_entropy(blocking_pool, buf, nbytes, 0, 0);
+ extract_entropy(blocking_pool, buf, nbytes, 0, 0, 0);
}
EXPORT_SYMBOL(get_random_bytes);
@@ -1536,7 +1540,7 @@ random_read(struct file * file, char * b
DEBUG_ENT("reading %d bits\n", n*8);
- n = extract_entropy(blocking_pool, buf, n, 0,
+ n = extract_entropy(blocking_pool, buf, n, 0, 0,
EXTRACT_ENTROPY_USER |
EXTRACT_ENTROPY_LIMIT);
@@ -1589,7 +1593,7 @@ static ssize_t
urandom_read(struct file * file, char * buf,
size_t nbytes, loff_t *ppos)
{
- return extract_entropy(blocking_pool, buf, nbytes, 0,
+ return extract_entropy(blocking_pool, buf, nbytes, 0, 0,
EXTRACT_ENTROPY_USER);
}
_
next prev parent reply other threads:[~2004-03-26 0:01 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-03-25 23:57 [PATCH 0/22] /dev/random: Assorted fixes and cleanups Matt Mackall
2004-03-25 23:57 ` [PATCH 1/22] /dev/random: Simplify entropy debugging Matt Mackall
2004-03-25 23:57 ` [PATCH 2/22] /dev/random: Cleanup sleep logic Matt Mackall
2004-03-25 23:57 ` [PATCH 3/22] /dev/random: remove broken resizing sysctl Matt Mackall
2004-03-25 23:57 ` [PATCH 4/22] /dev/random: remove outdated RNDGETPOOL ioctl Matt Mackall
2004-03-25 23:57 ` [PATCH 5/22] /dev/random: pool struct cleanup and rename Matt Mackall
2004-03-25 23:57 ` [PATCH 6/22] /dev/random: simplify pool initialization Matt Mackall
2004-03-25 23:57 ` [PATCH 7/22] /dev/random: simplify reseed logic Matt Mackall
2004-03-25 23:57 ` [PATCH 8/22] /dev/random: BUG on premature random users Matt Mackall
2004-03-25 23:57 ` [PATCH 9/22] /dev/random: more robust catastrophic reseed logic Matt Mackall
2004-03-25 23:57 ` Matt Mackall [this message]
2004-03-25 23:57 ` [PATCH 11/22] /dev/random: flag pools that need entropy reserve Matt Mackall
2004-03-25 23:57 ` [PATCH 12/22] /dev/random: add pool for /dev/urandom to prevent starv Matt Mackall
2004-03-25 23:57 ` [PATCH 13/22] /dev/random: kill extract_timer_state Matt Mackall
2004-03-25 23:57 ` [PATCH 14/22] /dev/random: kill unused md5 copy Matt Mackall
2004-03-25 23:57 ` [PATCH 15/22] /dev/random: kill unrolled SHA code Matt Mackall
2004-03-25 23:57 ` [PATCH 16/22] /dev/random: kill 2.2 cruft Matt Mackall
2004-03-25 23:57 ` [PATCH 17/22] /dev/random: minor shrinkage Matt Mackall
2004-03-25 23:57 ` [PATCH 18/22] /dev/random: bitop cleanup Matt Mackall
2004-03-25 23:57 ` [PATCH 19/22] /dev/random: use sched_clock for timing data Matt Mackall
2004-03-25 23:57 ` [PATCH 20/22] /dev/random: cleanup rol bitop Matt Mackall
2004-03-25 23:57 ` [PATCH 21/22] /dev/random: kill batching of entropy mixing Matt Mackall
2004-03-25 23:57 ` [PATCH 22/22] /dev/random: update credits Matt Mackall
2004-03-27 13:52 ` [PATCH 21/22] /dev/random: kill batching of entropy mixing Jamie Lokier
2004-03-27 15:17 ` Matt Mackall
2004-03-26 1:43 ` [PATCH 15/22] /dev/random: kill unrolled SHA code Jeff Garzik
2004-03-26 3:59 ` Matt Mackall
2004-03-27 13:49 ` Jamie Lokier
2004-03-26 0:15 ` [PATCH 4/22] /dev/random: remove outdated RNDGETPOOL ioctl Andrew Morton
2004-03-26 0:15 ` [PATCH 3/22] /dev/random: remove broken resizing sysctl Andrew Morton
2004-03-26 3:53 ` Matt Mackall
2004-03-26 0:14 ` [PATCH 2/22] /dev/random: Cleanup sleep logic Andrew Morton
2004-03-26 3:49 ` Matt Mackall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=11.524465763@selenic.com \
--to=mpm@selenic.com \
--cc=akpm@osdl.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.