From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: linux-kernel@vger.kernel.org
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>,
Dominik Brodowski <linux@dominikbrodowski.net>,
Theodore Ts'o <tytso@mit.edu>
Subject: [PATCH] random: mix build-time latent entropy into pool at init
Date: Thu, 31 Mar 2022 11:07:06 -0400 [thread overview]
Message-ID: <20220331150706.124075-1-Jason@zx2c4.com> (raw)
Prior, the "input_pool_data" array needed no real initialization, and so
it was easy to mark it with __latent_entropy to populate it during
compile-time. In switching to using a hash function, this required us to
specifically initialize it to some specific state, which means we
dropped the __latent_entropy attribute. An unfortunate side effect was
this meant the pool was no longer seeded using compile-time random data.
In order to bring this back, we declare an array in rand_initialize()
with __latent_entropy and call mix_pool_bytes() on that at init, which
accomplishes the same thing as before.
Fixes: 6e8ec2552c7d ("random: use computational hash for entropy extraction")
Cc: Dominik Brodowski <linux@dominikbrodowski.net>
Cc: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
drivers/char/random.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 40107f8b9e9e..3a245686809c 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -975,6 +975,11 @@ int __init rand_initialize(void)
bool arch_init = true;
unsigned long rv;
+#if defined(LATENT_ENTROPY_PLUGIN)
+ static u8 init_latent_entropy[BLAKE2S_BLOCK_SIZE] __latent_entropy;
+ _mix_pool_bytes(init_latent_entropy, sizeof(init_latent_entropy));
+#endif
+
for (i = 0; i < BLAKE2S_BLOCK_SIZE; i += sizeof(rv)) {
if (!arch_get_random_seed_long_early(&rv) &&
!arch_get_random_long_early(&rv)) {
--
2.35.1
next reply other threads:[~2022-03-31 15:07 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-31 15:07 Jason A. Donenfeld [this message]
2022-03-31 15:26 ` [PATCH v2] random: mix build-time latent entropy into pool at init Jason A. Donenfeld
2022-03-31 16:02 ` Michael Brooks
2022-03-31 18:21 ` Theodore Ts'o
2022-03-31 17:55 ` Theodore Ts'o
2022-04-02 4:44 ` Sandy Harris
2022-04-02 13:48 ` Jason A. Donenfeld
2022-04-04 23:27 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220331150706.124075-1-Jason@zx2c4.com \
--to=jason@zx2c4.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.