Linux userland API discussions
 help / color / mirror / Atom feed
* [RFC PATCH 12/14] usb: Add USB subsystem notifications [ver #3]
From: David Howells @ 2020-01-15 13:32 UTC (permalink / raw)
  To: torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b
  Cc: dhowells-H+wXaHxf7aLQT0dZR+AlfA, Greg Kroah-Hartman,
	Casey Schaufler, Stephen Smalley,
	nicolas.dichtel-pdR9zngts4EAvxtiuMwx3w,
	raven-PKsaG3nR2I+sTnJN9+BGXg, Christian Brauner
In-Reply-To: <157909503552.20155.3030058841911628518.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>

Add a USB subsystem notification mechanism whereby notifications about
hardware events such as device connection, disconnection, reset and I/O
errors, can be reported to a monitoring process asynchronously.

Firstly, an event queue needs to be created:

	pipe2(fds, O_NOTIFICATION_PIPE);
	ioctl(fds[1], IOC_WATCH_QUEUE_SET_SIZE, 256);

then a notification can be set up to report USB notifications via that
queue:

	struct watch_notification_filter filter = {
		.nr_filters = 1,
		.filters = {
			[0] = {
				.type = WATCH_TYPE_USB_NOTIFY,
				.subtype_filter[0] = UINT_MAX;
			},
		},
	};
	ioctl(fds[1], IOC_WATCH_QUEUE_SET_FILTER, &filter);
	notify_devices(fds[1], 12);

After that, messages will be placed into the queue when events occur on a
USB device or bus.  Messages are of the following format:

	struct usb_notification {
		struct watch_notification watch;
		__u32	error;
		__u32	reserved;
		__u8	name_len;
		__u8	name[0];
	} *n;

Where:

	n->watch.type will be WATCH_TYPE_USB_NOTIFY

	n->watch.subtype will be the type of notification, such as
	NOTIFY_USB_DEVICE_ADD.

	n->watch.info & WATCH_INFO_LENGTH will indicate the length of the
	message.

	n->watch.info & WATCH_INFO_ID will be the second argument to
	device_notify(), shifted.

	n->error and n->reserved are intended to convey information such as
	error codes, but are currently not used

	n->name_len and n->name convey the USB device name as an
	unterminated string.  This may be truncated - it is currently
	limited to a maximum 63 chars.

Note that it is permissible for messages to be of variable length - or, at
least, the length may be dependent on the subtype.

Signed-off-by: David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
cc: Greg Kroah-Hartman <gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>
cc: linux-usb-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
---

 Documentation/watch_queue.rst    |    9 +++++++
 drivers/usb/core/Kconfig         |    9 +++++++
 drivers/usb/core/devio.c         |   47 ++++++++++++++++++++++++++++++++++++++
 drivers/usb/core/hub.c           |    4 +++
 include/linux/usb.h              |   18 +++++++++++++++
 include/uapi/linux/watch_queue.h |   28 ++++++++++++++++++++++-
 samples/watch_queue/watch_test.c |   29 +++++++++++++++++++++++
 7 files changed, 142 insertions(+), 2 deletions(-)

diff --git a/Documentation/watch_queue.rst b/Documentation/watch_queue.rst
index f2299f631ae8..5321a9cb1ab2 100644
--- a/Documentation/watch_queue.rst
+++ b/Documentation/watch_queue.rst
@@ -12,6 +12,8 @@ opened by userspace.  This can be used in conjunction with::
 
     * Block layer event notifications
 
+    * USB subsystem event notifications
+
 
 The notifications buffers can be enabled by:
 
@@ -262,6 +264,13 @@ Any particular buffer can be fed from multiple sources.  Sources include:
     or temporary link loss.  Watches of this type are set on the global device
     watch list.
 
+  * WATCH_TYPE_USB_NOTIFY
+
+    Notifications of this type indicate USB subsystem events, such as
+    attachment, removal, reset and I/O errors.  Separate events are generated
+    for buses and devices.  Watchpoints of this type are set on the global
+    device watch list.
+
 
 Event Filtering
 ===============
diff --git a/drivers/usb/core/Kconfig b/drivers/usb/core/Kconfig
index ecaacc8ed311..57e7b649e48b 100644
--- a/drivers/usb/core/Kconfig
+++ b/drivers/usb/core/Kconfig
@@ -102,3 +102,12 @@ config USB_AUTOSUSPEND_DELAY
 	  The default value Linux has always had is 2 seconds.  Change
 	  this value if you want a different delay and cannot modify
 	  the command line or module parameter.
+
+config USB_NOTIFICATIONS
+	bool "Provide USB hardware event notifications"
+	depends on USB && DEVICE_NOTIFICATIONS
+	help
+	  This option provides support for getting hardware event notifications
+	  on USB devices and interfaces.  This makes use of the
+	  /dev/watch_queue misc device to handle the notification buffer.
+	  device_notify(2) is used to set/remove watches.
diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c
index 12bb5722b420..3436a2bb6e98 100644
--- a/drivers/usb/core/devio.c
+++ b/drivers/usb/core/devio.c
@@ -41,6 +41,7 @@
 #include <linux/dma-mapping.h>
 #include <asm/byteorder.h>
 #include <linux/moduleparam.h>
+#include <linux/watch_queue.h>
 
 #include "usb.h"
 
@@ -2747,13 +2748,59 @@ static void usbdev_remove(struct usb_device *udev)
 	mutex_unlock(&usbfs_mutex);
 }
 
+#ifdef CONFIG_USB_NOTIFICATIONS
+static noinline void post_usb_notification(const char *devname,
+					   enum usb_notification_type subtype,
+					   u32 error)
+{
+	unsigned int name_len, n_len;
+	u64 id = 0; /* We can put a device ID here for separate dev watches */
+
+	struct {
+		struct usb_notification n;
+		char more_name[USB_NOTIFICATION_MAX_NAME_LEN -
+			       (sizeof(struct usb_notification) -
+				offsetof(struct usb_notification, name))];
+	} n;
+
+	name_len = strlen(devname);
+	name_len = min_t(size_t, name_len, USB_NOTIFICATION_MAX_NAME_LEN);
+	n_len = offsetof(struct usb_notification, name) + name_len;
+
+	memset(&n, 0, sizeof(n));
+	memcpy(n.n.name, devname, n_len);
+
+	n.n.watch.type		= WATCH_TYPE_USB_NOTIFY;
+	n.n.watch.subtype	= subtype;
+	n.n.watch.info		= n_len;
+	n.n.error		= error;
+	n.n.name_len		= name_len;
+
+	post_device_notification(&n.n.watch, id);
+}
+
+void post_usb_device_notification(const struct usb_device *udev,
+				  enum usb_notification_type subtype, u32 error)
+{
+	post_usb_notification(dev_name(&udev->dev), subtype, error);
+}
+
+void post_usb_bus_notification(const struct usb_bus *ubus,
+			       enum usb_notification_type subtype, u32 error)
+{
+	post_usb_notification(ubus->bus_name, subtype, error);
+}
+#endif
+
 static int usbdev_notify(struct notifier_block *self,
 			       unsigned long action, void *dev)
 {
 	switch (action) {
 	case USB_DEVICE_ADD:
+		post_usb_device_notification(dev, NOTIFY_USB_DEVICE_ADD, 0);
 		break;
 	case USB_DEVICE_REMOVE:
+		post_usb_device_notification(dev, NOTIFY_USB_DEVICE_REMOVE, 0);
 		usbdev_remove(dev);
 		break;
 	}
diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c
index f229ad6952c0..eaf28eed51b0 100644
--- a/drivers/usb/core/hub.c
+++ b/drivers/usb/core/hub.c
@@ -30,6 +30,7 @@
 #include <linux/random.h>
 #include <linux/pm_qos.h>
 #include <linux/kobject.h>
+#include <linux/watch_queue.h>
 
 #include <linux/uaccess.h>
 #include <asm/byteorder.h>
@@ -4606,6 +4607,9 @@ hub_port_init(struct usb_hub *hub, struct usb_device *udev, int port1,
 				(udev->config) ? "reset" : "new", speed,
 				devnum, driver_name);
 
+	if (udev->config)
+		post_usb_device_notification(udev, NOTIFY_USB_DEVICE_RESET, 0);
+
 	/* Set up TT records, if needed  */
 	if (hdev->tt) {
 		udev->tt = hdev->tt;
diff --git a/include/linux/usb.h b/include/linux/usb.h
index e656e7b4b1e4..93fa0666f95a 100644
--- a/include/linux/usb.h
+++ b/include/linux/usb.h
@@ -26,6 +26,7 @@
 struct usb_device;
 struct usb_driver;
 struct wusb_dev;
+enum usb_notification_type;
 
 /*-------------------------------------------------------------------------*/
 
@@ -2015,6 +2016,23 @@ extern void usb_led_activity(enum usb_led_event ev);
 static inline void usb_led_activity(enum usb_led_event ev) {}
 #endif
 
+/*
+ * Notification functions.
+ */
+#ifdef CONFIG_USB_NOTIFICATIONS
+extern void post_usb_device_notification(const struct usb_device *udev,
+					 enum usb_notification_type subtype,
+					 u32 error);
+extern void post_usb_bus_notification(const struct usb_bus *ubus,
+				      enum usb_notification_type subtype,
+				      u32 error);
+#else
+static inline void post_usb_device_notification(const struct usb_device *udev,
+						unsigned int subtype, u32 error) {}
+static inline void post_usb_bus_notification(const struct usb_bus *ubus,
+					     unsigned int subtype, u32 error) {}
+#endif
+
 #endif  /* __KERNEL__ */
 
 #endif
diff --git a/include/uapi/linux/watch_queue.h b/include/uapi/linux/watch_queue.h
index 557771413242..ad1ae229674a 100644
--- a/include/uapi/linux/watch_queue.h
+++ b/include/uapi/linux/watch_queue.h
@@ -15,7 +15,8 @@ enum watch_notification_type {
 	WATCH_TYPE_META		= 0,	/* Special record */
 	WATCH_TYPE_KEY_NOTIFY	= 1,	/* Key change event notification */
 	WATCH_TYPE_BLOCK_NOTIFY	= 2,	/* Block layer event notification */
-	WATCH_TYPE__NR		= 3
+	WATCH_TYPE_USB_NOTIFY	= 3,	/* USB subsystem event notification */
+	WATCH_TYPE__NR		= 4
 };
 
 enum watch_meta_notification_subtype {
@@ -129,4 +130,29 @@ struct block_notification {
 	__u64	sector;			/* Affected sector */
 };
 
+/*
+ * Type of USB layer notification.
+ */
+enum usb_notification_type {
+	NOTIFY_USB_DEVICE_ADD		= 0, /* USB device added */
+	NOTIFY_USB_DEVICE_REMOVE	= 1, /* USB device removed */
+	NOTIFY_USB_DEVICE_RESET		= 2, /* USB device reset */
+	NOTIFY_USB_DEVICE_ERROR		= 3, /* USB device error */
+};
+
+/*
+ * USB subsystem notification record.
+ * - watch.type = WATCH_TYPE_USB_NOTIFY
+ * - watch.subtype = enum usb_notification_type
+ */
+struct usb_notification {
+	struct watch_notification watch; /* WATCH_TYPE_USB_NOTIFY */
+	__u32	error;
+	__u32	reserved;
+	__u8	name_len;		/* Length of device name */
+	__u8	name[0];		/* Device name (padded to __u64, truncated at 63 chars) */
+};
+
+#define USB_NOTIFICATION_MAX_NAME_LEN 63
+
 #endif /* _UAPI_LINUX_WATCH_QUEUE_H */
diff --git a/samples/watch_queue/watch_test.c b/samples/watch_queue/watch_test.c
index f5260fb792d1..e4d47dfcc5d7 100644
--- a/samples/watch_queue/watch_test.c
+++ b/samples/watch_queue/watch_test.c
@@ -84,6 +84,26 @@ static void saw_block_change(struct watch_notification *n, size_t len)
 	       (unsigned long long)b->sector);
 }
 
+static const char *usb_subtypes[256] = {
+	[NOTIFY_USB_DEVICE_ADD]		= "dev-add",
+	[NOTIFY_USB_DEVICE_REMOVE]	= "dev-remove",
+	[NOTIFY_USB_DEVICE_RESET]	= "dev-reset",
+	[NOTIFY_USB_DEVICE_ERROR]	= "dev-error",
+};
+
+static void saw_usb_event(struct watch_notification *n, size_t len)
+{
+	struct usb_notification *u = (struct usb_notification *)n;
+
+	if (len < sizeof(struct usb_notification))
+		return;
+
+	printf("USB %*.*s %s e=%x r=%x\n",
+	       u->name_len, u->name_len, u->name,
+	       usb_subtypes[n->subtype],
+	       u->error, u->reserved);
+}
+
 /*
  * Consume and display events.
  */
@@ -160,6 +180,9 @@ static void consumer(int fd)
 			case WATCH_TYPE_BLOCK_NOTIFY:
 				saw_block_change(&n.n, len);
 				break;
+			case WATCH_TYPE_USB_NOTIFY:
+				saw_usb_event(&n.n, len);
+				break;
 			default:
 				printf("other type\n");
 				break;
@@ -171,7 +194,7 @@ static void consumer(int fd)
 }
 
 static struct watch_notification_filter filter = {
-	.nr_filters	= 2,
+	.nr_filters	= 3,
 	.filters = {
 		[0]	= {
 			.type			= WATCH_TYPE_KEY_NOTIFY,
@@ -181,6 +204,10 @@ static struct watch_notification_filter filter = {
 			.type			= WATCH_TYPE_BLOCK_NOTIFY,
 			.subtype_filter[0]	= UINT_MAX,
 		},
+		[2]	= {
+			.type			= WATCH_TYPE_USB_NOTIFY,
+			.subtype_filter[0]	= UINT_MAX,
+		},
 	},
 };
 

^ permalink raw reply related

* [RFC PATCH 13/14] selinux: Implement the watch_key security hook [ver #3]
From: David Howells @ 2020-01-15 13:32 UTC (permalink / raw)
  To: torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b
  Cc: dhowells-H+wXaHxf7aLQT0dZR+AlfA, Greg Kroah-Hartman,
	Casey Schaufler, Stephen Smalley,
	nicolas.dichtel-pdR9zngts4EAvxtiuMwx3w,
	raven-PKsaG3nR2I+sTnJN9+BGXg, Christian Brauner
In-Reply-To: <157909503552.20155.3030058841911628518.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>

Implement the watch_key security hook to make sure that a key grants the
caller View permission in order to set a watch on a key.

For the moment, the watch_devices security hook is left unimplemented as
it's not obvious what the object should be since the queue is global and
didn't previously exist.

Signed-off-by: David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Acked-by: Stephen Smalley <sds-+05T5uksL2qpZYMLLGbcSA@public.gmane.org>
---

 security/selinux/hooks.c |   14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 116b4d644f68..d838d1b58d88 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -6587,6 +6587,17 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer)
 	*_buffer = context;
 	return rc;
 }
+
+#ifdef CONFIG_KEY_NOTIFICATIONS
+static int selinux_watch_key(struct key *key)
+{
+	struct key_security_struct *ksec = key->security;
+	u32 sid = current_sid();
+
+	return avc_has_perm(&selinux_state,
+			    sid, ksec->sid, SECCLASS_KEY, KEY_NEED_VIEW, NULL);
+}
+#endif
 #endif
 
 #ifdef CONFIG_SECURITY_INFINIBAND
@@ -7081,6 +7092,9 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
 	LSM_HOOK_INIT(key_free, selinux_key_free),
 	LSM_HOOK_INIT(key_permission, selinux_key_permission),
 	LSM_HOOK_INIT(key_getsecurity, selinux_key_getsecurity),
+#ifdef CONFIG_KEY_NOTIFICATIONS
+	LSM_HOOK_INIT(watch_key, selinux_watch_key),
+#endif
 #endif
 
 #ifdef CONFIG_AUDIT

^ permalink raw reply related

* [RFC PATCH 14/14] smack: Implement the watch_key and post_notification hooks [ver #3]
From: David Howells @ 2020-01-15 13:32 UTC (permalink / raw)
  To: torvalds
  Cc: dhowells, Greg Kroah-Hartman, Casey Schaufler, Stephen Smalley,
	nicolas.dichtel, raven, Christian Brauner
In-Reply-To: <157909503552.20155.3030058841911628518.stgit@warthog.procyon.org.uk>

Implement the watch_key security hook in Smack to make sure that a key
grants the caller Read permission in order to set a watch on a key.

Also implement the post_notification security hook to make sure that the
notification source is granted Write permission by the watch queue.

For the moment, the watch_devices security hook is left unimplemented as
it's not obvious what the object should be since the queue is global and
didn't previously exist.

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
---

 include/linux/lsm_audit.h  |    1 +
 security/smack/smack_lsm.c |   82 +++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 82 insertions(+), 1 deletion(-)

diff --git a/include/linux/lsm_audit.h b/include/linux/lsm_audit.h
index 915330abf6e5..734d67889826 100644
--- a/include/linux/lsm_audit.h
+++ b/include/linux/lsm_audit.h
@@ -74,6 +74,7 @@ struct common_audit_data {
 #define LSM_AUDIT_DATA_FILE	12
 #define LSM_AUDIT_DATA_IBPKEY	13
 #define LSM_AUDIT_DATA_IBENDPORT 14
+#define LSM_AUDIT_DATA_NOTIFICATION 15
 	union 	{
 		struct path path;
 		struct dentry *dentry;
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index ecea41ce919b..71b6f37d49c1 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -4273,7 +4273,7 @@ static int smack_key_permission(key_ref_t key_ref,
 	if (tkp == NULL)
 		return -EACCES;
 
-	if (smack_privileged_cred(CAP_MAC_OVERRIDE, cred))
+	if (smack_privileged(CAP_MAC_OVERRIDE))
 		return 0;
 
 #ifdef CONFIG_AUDIT
@@ -4319,8 +4319,81 @@ static int smack_key_getsecurity(struct key *key, char **_buffer)
 	return length;
 }
 
+
+#ifdef CONFIG_KEY_NOTIFICATIONS
+/**
+ * smack_watch_key - Smack access to watch a key for notifications.
+ * @key: The key to be watched
+ *
+ * Return 0 if the @watch->cred has permission to read from the key object and
+ * an error otherwise.
+ */
+static int smack_watch_key(struct key *key)
+{
+	struct smk_audit_info ad;
+	struct smack_known *tkp = smk_of_current();
+	int rc;
+
+	if (key == NULL)
+		return -EINVAL;
+	/*
+	 * If the key hasn't been initialized give it access so that
+	 * it may do so.
+	 */
+	if (key->security == NULL)
+		return 0;
+	/*
+	 * This should not occur
+	 */
+	if (tkp == NULL)
+		return -EACCES;
+
+	if (smack_privileged_cred(CAP_MAC_OVERRIDE, current_cred()))
+		return 0;
+
+#ifdef CONFIG_AUDIT
+	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_KEY);
+	ad.a.u.key_struct.key = key->serial;
+	ad.a.u.key_struct.key_desc = key->description;
+#endif
+	rc = smk_access(tkp, key->security, MAY_READ, &ad);
+	rc = smk_bu_note("key watch", tkp, key->security, MAY_READ, rc);
+	return rc;
+}
+#endif /* CONFIG_KEY_NOTIFICATIONS */
 #endif /* CONFIG_KEYS */
 
+#ifdef CONFIG_WATCH_QUEUE
+/**
+ * smack_post_notification - Smack access to post a notification to a queue
+ * @w_cred: The credentials of the watcher.
+ * @cred: The credentials of the event source (may be NULL).
+ * @n: The notification message to be posted.
+ */
+static int smack_post_notification(const struct cred *w_cred,
+				   const struct cred *cred,
+				   struct watch_notification *n)
+{
+	struct smk_audit_info ad;
+	struct smack_known *subj, *obj;
+	int rc;
+
+	/* Always let maintenance notifications through. */
+	if (n->type == WATCH_TYPE_META)
+		return 0;
+
+	if (!cred)
+		return 0;
+	subj = smk_of_task(smack_cred(cred));
+	obj = smk_of_task(smack_cred(w_cred));
+
+	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NOTIFICATION);
+	rc = smk_access(subj, obj, MAY_WRITE, &ad);
+	rc = smk_bu_note("notification", subj, obj, MAY_WRITE, rc);
+	return rc;
+}
+#endif /* CONFIG_WATCH_QUEUE */
+
 /*
  * Smack Audit hooks
  *
@@ -4709,8 +4782,15 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = {
 	LSM_HOOK_INIT(key_free, smack_key_free),
 	LSM_HOOK_INIT(key_permission, smack_key_permission),
 	LSM_HOOK_INIT(key_getsecurity, smack_key_getsecurity),
+#ifdef CONFIG_KEY_NOTIFICATIONS
+	LSM_HOOK_INIT(watch_key, smack_watch_key),
+#endif
 #endif /* CONFIG_KEYS */
 
+#ifdef CONFIG_WATCH_QUEUE
+	LSM_HOOK_INIT(post_notification, smack_post_notification),
+#endif
+
  /* Audit hooks */
 #ifdef CONFIG_AUDIT
 	LSM_HOOK_INIT(audit_rule_init, smack_audit_rule_init),

^ permalink raw reply related

* Re: [PATCH RFC 0/1] mount: universally disallow mounting over symlinks
From: Aleksa Sarai @ 2020-01-15 13:57 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, David Howells, Eric Biederman, stable,
	Christian Brauner, Serge Hallyn, dev, Linux Containers, Linux API,
	linux-fsdevel, Linux Kernel Mailing List, Ian Kent
In-Reply-To: <20200114045733.GW8904@ZenIV.linux.org.uk>

[-- Attachment #1: Type: text/plain, Size: 461 bytes --]

On 2020-01-14, Al Viro <viro@zeniv.linux.org.uk> wrote:
> 1) do you see any problems on your testcases with the current #fixes?
> That's commit 7a955b7363b8 as branch tip.

I just finished testing the few cases I reported earlier and they both
appear to be fixed with the current #work.namei branch. And I don't have
any troubles booting whatsoever.

-- 
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
<https://www.cyphar.com/>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]

^ permalink raw reply

* Re: [PATCH RFC 0/1] mount: universally disallow mounting over symlinks
From: Al Viro @ 2020-01-15 14:25 UTC (permalink / raw)
  To: Aleksa Sarai
  Cc: Linus Torvalds, David Howells, Eric Biederman, stable,
	Christian Brauner, Serge Hallyn, dev, Linux Containers, Linux API,
	linux-fsdevel, Linux Kernel Mailing List, Ian Kent
In-Reply-To: <20200114200150.ryld4npoblns2ybe@yavin>

On Wed, Jan 15, 2020 at 07:01:50AM +1100, Aleksa Sarai wrote:

> Yes, there were two patches I sent a while ago[1]. I can re-send them if
> you like. The second patch switches open_how->mode to a u64, but I'm
> still on the fence about whether that makes sense to do...

IMO plain __u64 is better than games with __aligned_u64 - all sizes are
fixed, so...

> [1]: https://lore.kernel.org/lkml/20191219105533.12508-1-cyphar@cyphar.com/

Do you want that series folded into "open: introduce openat2(2) syscall"
and "selftests: add openat2(2) selftests" or would you rather have them
appended at the end of the series.  Personally I'd go for "fold them in"
if it had been about my code, but it's really up to you.

^ permalink raw reply

* Re: [PATCH RFC 0/1] mount: universally disallow mounting over symlinks
From: Aleksa Sarai @ 2020-01-15 14:29 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, David Howells, Eric Biederman, stable,
	Christian Brauner, Serge Hallyn, dev, Linux Containers, Linux API,
	linux-fsdevel, Linux Kernel Mailing List, Ian Kent
In-Reply-To: <20200115142517.GI8904@ZenIV.linux.org.uk>

[-- Attachment #1: Type: text/plain, Size: 1028 bytes --]

On 2020-01-15, Al Viro <viro@zeniv.linux.org.uk> wrote:
> On Wed, Jan 15, 2020 at 07:01:50AM +1100, Aleksa Sarai wrote:
> 
> > Yes, there were two patches I sent a while ago[1]. I can re-send them if
> > you like. The second patch switches open_how->mode to a u64, but I'm
> > still on the fence about whether that makes sense to do...
> 
> IMO plain __u64 is better than games with __aligned_u64 - all sizes are
> fixed, so...
> 
> > [1]: https://lore.kernel.org/lkml/20191219105533.12508-1-cyphar@cyphar.com/
> 
> Do you want that series folded into "open: introduce openat2(2) syscall"
> and "selftests: add openat2(2) selftests" or would you rather have them
> appended at the end of the series.  Personally I'd go for "fold them in"
> if it had been about my code, but it's really up to you.

"fold them in" would probably be better to avoid making the mainline
history confusing afterwards. Thanks.

-- 
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
<https://www.cyphar.com/>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]

^ permalink raw reply

* Re: [PATCH RFC 0/1] mount: universally disallow mounting over symlinks
From: Aleksa Sarai @ 2020-01-15 14:34 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, David Howells, Eric Biederman, stable,
	Christian Brauner, Serge Hallyn, dev, Linux Containers, Linux API,
	linux-fsdevel, Linux Kernel Mailing List, Ian Kent
In-Reply-To: <20200115142906.saagd2lse7i7njux@yavin>

[-- Attachment #1: Type: text/plain, Size: 1205 bytes --]

On 2020-01-16, Aleksa Sarai <cyphar@cyphar.com> wrote:
> On 2020-01-15, Al Viro <viro@zeniv.linux.org.uk> wrote:
> > On Wed, Jan 15, 2020 at 07:01:50AM +1100, Aleksa Sarai wrote:
> > 
> > > Yes, there were two patches I sent a while ago[1]. I can re-send them if
> > > you like. The second patch switches open_how->mode to a u64, but I'm
> > > still on the fence about whether that makes sense to do...
> > 
> > IMO plain __u64 is better than games with __aligned_u64 - all sizes are
> > fixed, so...
> > 
> > > [1]: https://lore.kernel.org/lkml/20191219105533.12508-1-cyphar@cyphar.com/
> > 
> > Do you want that series folded into "open: introduce openat2(2) syscall"
> > and "selftests: add openat2(2) selftests" or would you rather have them
> > appended at the end of the series.  Personally I'd go for "fold them in"
> > if it had been about my code, but it's really up to you.
> 
> "fold them in" would probably be better to avoid making the mainline
> history confusing afterwards. Thanks.

Also (if you prefer) I can send a v3 which uses u64s rather than
aligned_u64s.

-- 
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
<https://www.cyphar.com/>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]

^ permalink raw reply

* Re: [PATCH RFC 0/1] mount: universally disallow mounting over symlinks
From: Al Viro @ 2020-01-15 14:48 UTC (permalink / raw)
  To: Aleksa Sarai
  Cc: Linus Torvalds, David Howells, Eric Biederman, stable,
	Christian Brauner, Serge Hallyn,
	dev-IGmTWi+3HBZvNhPySn5qfx2eb7JE58TQ, Linux Containers, Linux API,
	linux-fsdevel, Linux Kernel Mailing List, Ian Kent
In-Reply-To: <20200115143459.l4wurqyetkmptsdm@yavin>

On Thu, Jan 16, 2020 at 01:34:59AM +1100, Aleksa Sarai wrote:
> On 2020-01-16, Aleksa Sarai <cyphar-gVpy/LI/lHzQT0dZR+AlfA@public.gmane.org> wrote:
> > On 2020-01-15, Al Viro <viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org> wrote:
> > > On Wed, Jan 15, 2020 at 07:01:50AM +1100, Aleksa Sarai wrote:
> > > 
> > > > Yes, there were two patches I sent a while ago[1]. I can re-send them if
> > > > you like. The second patch switches open_how->mode to a u64, but I'm
> > > > still on the fence about whether that makes sense to do...
> > > 
> > > IMO plain __u64 is better than games with __aligned_u64 - all sizes are
> > > fixed, so...
> > > 
> > > > [1]: https://lore.kernel.org/lkml/20191219105533.12508-1-cyphar-gVpy/LI/lHzQT0dZR+AlfA@public.gmane.org/
> > > 
> > > Do you want that series folded into "open: introduce openat2(2) syscall"
> > > and "selftests: add openat2(2) selftests" or would you rather have them
> > > appended at the end of the series.  Personally I'd go for "fold them in"
> > > if it had been about my code, but it's really up to you.
> > 
> > "fold them in" would probably be better to avoid making the mainline
> > history confusing afterwards. Thanks.
> 
> Also (if you prefer) I can send a v3 which uses u64s rather than
> aligned_u64s.

<mode "lazy bastard">
Could you fold and resend the results of folding (i.e. replacements
for two commits in question)?
</mode>

The hard part is, of course, in updating commit messages ;-)

^ permalink raw reply

* Re: [RFC PATCH 00/14] pipe: Keyrings, Block and USB notifications [ver #3]
From: Linus Torvalds @ 2020-01-15 20:10 UTC (permalink / raw)
  To: David Howells
  Cc: Greg Kroah-Hartman, Casey Schaufler, Stephen Smalley,
	Nicolas Dichtel, Ian Kent, Christian Brauner, keyrings, linux-usb,
	linux-block, LSM List, linux-fsdevel, Linux API,
	Linux Kernel Mailing List
In-Reply-To: <157909503552.20155.3030058841911628518.stgit@warthog.procyon.org.uk>

So I no longer hate the implementation, but I do want to see the
actual user space users come out of the woodwork and try this out for
their use cases.

I'd hate to see a new event queue interface that people then can't
really use due to it not fulfilling their needs, or can't use for some
other reason.

We've had a fair number of kernel interfaces that ended up not being
used all that much, but had one or two minor users and ended up being
nasty long-term maintenance issues.. I don't want this to become yet
another such one.

                 Linus

^ permalink raw reply

* Re: [RFC PATCH 00/14] pipe: Keyrings, Block and USB notifications [ver #3]
From: David Howells @ 2020-01-15 21:07 UTC (permalink / raw)
  To: Linus Torvalds, Greg Kroah-Hartman
  Cc: dhowells, Casey Schaufler, Stephen Smalley, Nicolas Dichtel,
	Ian Kent, Christian Brauner, keyrings, linux-usb, linux-block,
	LSM List, linux-fsdevel, Linux API, Linux Kernel Mailing List
In-Reply-To: <CAHk-=wjrrOgznCy3yUmcmQY1z_7vXVr6GbvKiy8cLvWbxpmzcw@mail.gmail.com>

Linus Torvalds <torvalds@linux-foundation.org> wrote:

> So I no longer hate the implementation, but I do want to see the
> actual user space users come out of the woodwork and try this out for
> their use cases.

I'll see if I can get someone to help fix this:

	https://bugzilla.redhat.com/show_bug.cgi?id=1551648

for the KEYRING kerberos cache using notifications.  Note that the primary
thrust of this BZ is with KCM cache, but it affects KEYRING as well.

Also, I'll poke Greg, since he was interested in using it for USB
notifications.

David

^ permalink raw reply

* Re: [PATCH] mm/compaction: Disable compact_unevictable_allowed on RT
From: Vlastimil Babka @ 2020-01-15 22:04 UTC (permalink / raw)
  To: Sebastian Andrzej Siewior, linux-mm-Bw31MaZKKs3YtjvyW6yDsg
  Cc: Thomas Gleixner, Andrew Morton, Luis Chamberlain, Kees Cook,
	Iurii Zaikin, Mel Gorman, Linux API
In-Reply-To: <20200115161035.893221-1-bigeasy-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org>

On 1/15/2020 5:10 PM, Sebastian Andrzej Siewior wrote:
> Since commit
>     5bbe3547aa3ba ("mm: allow compaction of unevictable pages")
> 
> it is allowed to examine mlocked pages and compact them by default.
> On -RT even minor pagefaults are problematic because it may take a few
> 100us to resolve them and until then the task is blocked.

Fine, this makes sense on RT I guess. There might be some trade-off for
high-order allocation latencies though. We could perhaps migrate such mlocked
pages to pages allocated without __GFP_MOVABLE during the mlock() to at least
somewhat prevent them being scattered all over the zones. For MCL_FUTURE,
allocate them as unmovable from the beginning. But that can wait until issues
are reported.
I assume you have similar solution for NUMA balancing and whatever else can
cause minor faults?

> Make compact_unevictable_allowed = 0 default and remove it from /proc on
> RT.

Removing it is maybe going too far in terms of RT kernel differences confusing
users? Change the default sure, perhaps making it read-only, but removing?

> Link: https://lore.kernel.org/linux-mm/20190710144138.qyn4tuttdq6h7kqx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org/

In any case the sysctl Documentation/ should be updated? And perhaps also the
mlock manpage as you noted in the older thread above?

Thanks,
Vlastimil

> Signed-off-by: Sebastian Andrzej Siewior <bigeasy-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org>
> ---
>  kernel/sysctl.c | 3 ++-
>  mm/compaction.c | 4 ++++
>  2 files changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/kernel/sysctl.c b/kernel/sysctl.c
> index 70665934d53e2..d08bd51a0fbc3 100644
> --- a/kernel/sysctl.c
> +++ b/kernel/sysctl.c
> @@ -1488,6 +1488,7 @@ static struct ctl_table vm_table[] = {
>  		.extra1		= &min_extfrag_threshold,
>  		.extra2		= &max_extfrag_threshold,
>  	},
> +#ifndef CONFIG_PREEMPT_RT
>  	{
>  		.procname	= "compact_unevictable_allowed",
>  		.data		= &sysctl_compact_unevictable_allowed,
> @@ -1497,7 +1498,7 @@ static struct ctl_table vm_table[] = {
>  		.extra1		= SYSCTL_ZERO,
>  		.extra2		= SYSCTL_ONE,
>  	},
> -
> +#endif
>  #endif /* CONFIG_COMPACTION */
>  	{
>  		.procname	= "min_free_kbytes",
> diff --git a/mm/compaction.c b/mm/compaction.c
> index 672d3c78c6abf..b2c804c35ae56 100644
> --- a/mm/compaction.c
> +++ b/mm/compaction.c
> @@ -1590,7 +1590,11 @@ typedef enum {
>   * Allow userspace to control policy on scanning the unevictable LRU for
>   * compactable pages.
>   */
> +#ifdef CONFIG_PREEMPT_RT
> +#define sysctl_compact_unevictable_allowed 0
> +#else
>  int sysctl_compact_unevictable_allowed __read_mostly = 1;
> +#endif
>  
>  static inline void
>  update_fast_start_pfn(struct compact_control *cc, unsigned long pfn)
> 

^ permalink raw reply

* clone3 on ARC (was Re: [PATCH v3 2/2] arch: wire-up clone3() syscall)
From: Vineet Gupta @ 2020-01-15 22:41 UTC (permalink / raw)
  To: Christian Brauner, Arnd Bergmann
  Cc: Al Viro, Linux Kernel Mailing List, Linus Torvalds, Jann Horn,
	Kees Cook, Florian Weimer, Oleg Nesterov, David Howells,
	Andrew Morton, Adrian Reber, Linux API, linux-arch,
	the arch/x86 maintainers, arcml
In-Reply-To: <20190604212930.jaaztvkent32b7d3@brauner.io>

On 6/4/19 2:29 PM, Christian Brauner wrote:
> On Tue, Jun 04, 2019 at 08:40:01PM +0200, Arnd Bergmann wrote:
>> On Tue, Jun 4, 2019 at 6:09 PM Christian Brauner <christian@brauner.io> wrote:
>>>
>>> Wire up the clone3() call on all arches that don't require hand-rolled
>>> assembly.
>>>
>>> Some of the arches look like they need special assembly massaging and it is
>>> probably smarter if the appropriate arch maintainers would do the actual
>>> wiring. Arches that are wired-up are:
>>> - x86{_32,64}
>>> - arm{64}
>>> - xtensa
>>
>> The ones you did look good to me. I would hope that we can do all other
>> architectures the same way, even if they have special assembly wrappers
>> for the old clone(). The most interesting cases appear to be ia64, alpha,
>> m68k and sparc, so it would be good if their maintainers could take a
>> look.
> 
> Yes, agreed. They can sort this out even after this lands.
> 
>>
>> What do you use for testing? Would it be possible to override the
>> internal clone() function in glibc with an LD_PRELOAD library
>> to quickly test one of the other architectures for regressions?
> 
> I have a test program that is rather horrendously ugly and I compiled
> kernels for x86 and the arms and tested in qemu. The program basically
> looks like [1].

I just got around to fixing this for ARC (patch to follow after we sort out the
testing) and was trying to use the test case below for a qucik and dirty smoke
test (so existing toolchain lacking with headers lacking NR_clone3 or struct
clone_args etc). I did hack those up, but then spotted below

uapi/linux/sched.h

|    struct clone_args {
|	__aligned_u64 flags;
|	__aligned_u64 pidfd;
|	__aligned_u64 child_tid;
|	__aligned_u64 parent_tid;
..
..

Are all clone3 arg fields supposed to be 64-bit wide, even things like @child_tid,
@tls .... which are traditionally ARCH word wide ?


> 
> Christian
> 
> [1]:
> #define _GNU_SOURCE
> #include <err.h>
> #include <errno.h>
> #include <fcntl.h>
> #include <linux/sched.h>
> #include <linux/types.h>
> #include <sched.h>
> #include <signal.h>
> #include <stdint.h>
> #include <stdio.h>
> #include <stdlib.h>
> #include <sys/mount.h>
> #include <sys/socket.h>
> #include <sys/stat.h>
> #include <sys/syscall.h>
> #include <sys/sysmacros.h>
> #include <sys/types.h>
> #include <sys/un.h>
> #include <sys/wait.h>
> #include <unistd.h>
> 
> static pid_t raw_clone(struct clone_args *args)
> {
> 	return syscall(__NR_clone3, args, sizeof(struct clone_args));
> }
> 
> static pid_t raw_clone_legacy(int *pidfd, unsigned int flags)
> {
> 	return syscall(__NR_clone, flags, 0, pidfd, 0, 0);
> }
> 
> static int wait_for_pid(pid_t pid)
> {
> 	int status, ret;
> 
> again:
> 	ret = waitpid(pid, &status, 0);
> 	if (ret == -1) {
> 		if (errno == EINTR)
> 			goto again;
> 
> 		return -1;
> 	}
> 
> 	if (ret != pid)
> 		goto again;
> 
> 	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0)
> 		return -1;
> 
> 	return 0;
> }
> 
> #define ptr_to_u64(ptr) ((__u64)((uintptr_t)(ptr)))
> #define u64_to_ptr(n) ((uintptr_t)((__u64)(n)))
> 
> int main(int argc, char *argv[])
> {
> 	int pidfd = -1;
> 	pid_t parent_tid = -1, pid = -1;
> 	struct clone_args args = {0};
> 	args.parent_tid = ptr_to_u64(&parent_tid);
> 	args.pidfd = ptr_to_u64(&pidfd);
> 	args.flags = CLONE_PIDFD | CLONE_PARENT_SETTID;
> 	args.exit_signal = SIGCHLD;
> 
> 	pid = raw_clone(&args);
> 	if (pid < 0) {
> 		fprintf(stderr, "%s - Failed to create new process\n",
> 			strerror(errno));
> 		exit(EXIT_FAILURE);
> 	}
> 
> 	if (pid == 0) {
> 		printf("I am the child with pid %d\n", getpid());
> 		exit(EXIT_SUCCESS);
> 	}
> 
> 	printf("raw_clone: I am the parent. My child's pid is   %d\n", pid);
> 	printf("raw_clone: I am the parent. My child's pidfd is %d\n",
> 	       *(int *)args.pidfd);
> 	printf("raw_clone: I am the parent. My child's paren_tid value is %d\n",
> 	       *(pid_t *)args.parent_tid);
> 
> 	if (wait_for_pid(pid))
> 		exit(EXIT_FAILURE);
> 
> 	if (pid != *(pid_t *)args.parent_tid)
> 		exit(EXIT_FAILURE);
> 
> 	close(pidfd);
> 
> 	printf("\n\n");
> 	pidfd = -1;
> 	pid = raw_clone_legacy(&pidfd, CLONE_PIDFD | SIGCHLD);
> 	if (pid < 0) {
> 		fprintf(stderr, "%s - Failed to create new process\n",
> 			strerror(errno));
> 		exit(EXIT_FAILURE);
> 	}
> 
> 	if (pid == 0) {
> 		printf("I am the child with pid %d\n", getpid());
> 		exit(EXIT_SUCCESS);
> 	}
> 
> 	printf("raw_clone_legacy: I am the parent. My child's pid is   %d\n",
> 	       pid);
> 	printf("raw_clone_legacy: I am the parent. My child's pidfd is %d\n",
> 	       pidfd);
> 
> 	if (wait_for_pid(pid))
> 		exit(EXIT_FAILURE);
> 
> 	if (pid != *(pid_t *)args.parent_tid)
> 		exit(EXIT_FAILURE);
> 
> 	return 0;
> }
> 


^ permalink raw reply

* Re: [PATCH v28 01/12] Linux Random Number Generator
From: Randy Dunlap @ 2020-01-16  0:11 UTC (permalink / raw)
  To: Stephan Müller, Arnd Bergmann
  Cc: Greg Kroah-Hartman, linux-crypto, LKML, linux-api,
	Eric W. Biederman, Alexander E. Patrakov, Ahmed S. Darwish,
	Theodore Y. Ts'o, Willy Tarreau, Matthew Garrett, Vito Caputo,
	Andreas Dilger, Jan Kara, Ray Strode, William Jon McCann, zhangjs,
	Andy Lutomirski, Florian Weimer, Lennart Poettering,
	Nicolai Stange, "Peter, Matthias" <matth>
In-Reply-To: <2211028.KG5F5qfgHC@positron.chronox.de>

Hi,

On 1/15/20 2:31 AM, Stephan Müller wrote:

> CC: "Eric W. Biederman" <ebiederm@xmission.com>
> CC: "Alexander E. Patrakov" <patrakov@gmail.com>
> CC: "Ahmed S. Darwish" <darwish.07@gmail.com>
> CC: "Theodore Y. Ts'o" <tytso@mit.edu>
> CC: Willy Tarreau <w@1wt.eu>
> CC: Matthew Garrett <mjg59@srcf.ucam.org>
> CC: Vito Caputo <vcaputo@pengaru.com>
> CC: Andreas Dilger <adilger.kernel@dilger.ca>
> CC: Jan Kara <jack@suse.cz>
> CC: Ray Strode <rstrode@redhat.com>
> CC: William Jon McCann <mccann@jhu.edu>
> CC: zhangjs <zachary@baishancloud.com>
> CC: Andy Lutomirski <luto@kernel.org>
> CC: Florian Weimer <fweimer@redhat.com>
> CC: Lennart Poettering <mzxreary@0pointer.de>
> CC: Nicolai Stange <nstange@suse.de>
> Mathematical aspects Reviewed-by: "Peter, Matthias" <matthias.peter@bsi.bund.de>
> Reviewed-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> Reviewed-by: Roman Drahtmueller <draht@schaltsekun.de>
> Tested-by: Roman Drahtmüller <draht@schaltsekun.de>
> Tested-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> Tested-by: Neil Horman <nhorman@redhat.com>
> Signed-off-by: Stephan Mueller <smueller@chronox.de>
> ---
>  MAINTAINERS                         |   7 +
>  drivers/char/Kconfig                |   2 +
>  drivers/char/Makefile               |   9 +-
>  drivers/char/lrng/Kconfig           |  67 +++
>  drivers/char/lrng/Makefile          |   9 +
>  drivers/char/lrng/lrng_archrandom.c |  94 ++++
>  drivers/char/lrng/lrng_aux.c        | 148 +++++++
>  drivers/char/lrng/lrng_chacha20.c   | 265 ++++++++++++
>  drivers/char/lrng/lrng_chacha20.h   |  25 ++
>  drivers/char/lrng/lrng_drng.c       | 400 +++++++++++++++++
>  drivers/char/lrng/lrng_interfaces.c | 638 ++++++++++++++++++++++++++++
>  drivers/char/lrng/lrng_internal.h   | 296 +++++++++++++
>  drivers/char/lrng/lrng_lfsr.h       | 152 +++++++
>  drivers/char/lrng/lrng_pool.c       | 588 +++++++++++++++++++++++++
>  drivers/char/lrng/lrng_sw_noise.c   | 102 +++++
>  drivers/char/lrng/lrng_sw_noise.h   |  57 +++
>  include/linux/lrng.h                |  63 +++
>  17 files changed, 2921 insertions(+), 1 deletion(-)
>  create mode 100644 drivers/char/lrng/Kconfig
>  create mode 100644 drivers/char/lrng/Makefile
>  create mode 100644 drivers/char/lrng/lrng_archrandom.c
>  create mode 100644 drivers/char/lrng/lrng_aux.c
>  create mode 100644 drivers/char/lrng/lrng_chacha20.c
>  create mode 100644 drivers/char/lrng/lrng_chacha20.h
>  create mode 100644 drivers/char/lrng/lrng_drng.c
>  create mode 100644 drivers/char/lrng/lrng_interfaces.c
>  create mode 100644 drivers/char/lrng/lrng_internal.h
>  create mode 100644 drivers/char/lrng/lrng_lfsr.h
>  create mode 100644 drivers/char/lrng/lrng_pool.c
>  create mode 100644 drivers/char/lrng/lrng_sw_noise.c
>  create mode 100644 drivers/char/lrng/lrng_sw_noise.h
>  create mode 100644 include/linux/lrng.h
> 

> diff --git a/drivers/char/lrng/Kconfig b/drivers/char/lrng/Kconfig
> new file mode 100644
> index 000000000000..56f13efd3592
> --- /dev/null
> +++ b/drivers/char/lrng/Kconfig
> @@ -0,0 +1,67 @@
> +# SPDX-License-Identifier: GPL-2.0
> +#
> +# Linux Random Number Generator configuration
> +#
> +
> +menuconfig LRNG
> +	bool "Linux Random Number Generator"

This should probably depend on CRYPTO and/or some other CRYPTO_xxx symbols.
Or (worst case) select them.  :(

This message (when CONFIG_CRYPTO is disabled and no crypto facilities are enabled)
should be avoidable when the correct Kconfig entries are used:

../drivers/char/lrng/lrng_drbg.c:38:2: error: #error "Unknown DRBG in use"
 #error "Unknown DRBG in use"


> +	help
> +	  The Linux Random Number Generator (LRNG) is the replacement
> +	  of the existing /dev/random provided with drivers/char/random.c.
> +	  It generates entropy from different noise sources and
> +	  delivers significant entropy during boot.
> +
> +if LRNG
> +
> +choice
> +	prompt "LRNG Entropy Pool Size"
> +	default LRNG_POOL_SIZE_4096
> +	help
> +	  Select the size of the LRNG entropy pool. The size of the
> +	  entropy pool is relevant for the amount of entropy that
> +	  the LRNG can maintain as a maximum. The larger the size
> +	  of the entropy pool is the more entropy can be maintained
> +	  but the less often older entropic values are overwritten
> +	  with new entropy.
> +
> +	config LRNG_POOL_SIZE_512
> +		bool "512 bits"
> +
> +	config LRNG_POOL_SIZE_1024
> +		bool "1024 bits"
> +
> +	config LRNG_POOL_SIZE_2048
> +		bool "2048 bits"
> +
> +	config LRNG_POOL_SIZE_4096
> +		bool "4096 bits (default)"
> +
> +	config LRNG_POOL_SIZE_8192
> +		bool "8192 bits"
> +
> +	config LRNG_POOL_SIZE_16384
> +		bool "16384 bits"
> +
> +	config LRNG_POOL_SIZE_32768
> +		bool "32768 bits"
> +
> +	config LRNG_POOL_SIZE_65536
> +		bool "65536 bits"
> +
> +	config LRNG_POOL_SIZE_131072
> +		bool "131072 bits"
> +endchoice
> +
> +config LRNG_POOL_SIZE
> +	int
> +	default 0 if LRNG_POOL_SIZE_512
> +	default 1 if LRNG_POOL_SIZE_1024
> +	default 2 if LRNG_POOL_SIZE_2048
> +	default 3 if LRNG_POOL_SIZE_4096
> +	default 4 if LRNG_POOL_SIZE_8192
> +	default 5 if LRNG_POOL_SIZE_16384
> +	default 6 if LRNG_POOL_SIZE_32768
> +	default 7 if LRNG_POOL_SIZE_65536
> +	default 8 if LRNG_POOL_SIZE_131072
> +
> +endif # LRNG

> diff --git a/drivers/char/lrng/lrng_archrandom.c b/drivers/char/lrng/lrng_archrandom.c
> new file mode 100644
> index 000000000000..eeba708d025f
> --- /dev/null
> +++ b/drivers/char/lrng/lrng_archrandom.c
> @@ -0,0 +1,94 @@
> +// SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause
> +/*
> + * LRNG Fast Noise Source: CPU-based noise source
> + *
> + * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de>
> + */
> +
> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> +
> +#include <linux/random.h>
> +
> +#include "lrng_internal.h"
> +
> +/*
> + * Estimated entropy of data is a 32th of LRNG_DRNG_SECURITY_STRENGTH_BITS.
> + * As we have no ability to review the implementation of those noise sources,
> + * it is prudent to have a conservative estimate here.
> + */
> +#define LRNG_ARCHRANDOM_DEFAULT_STRENGTH (LRNG_DRNG_SECURITY_STRENGTH_BITS>>5)
> +#define LRNG_ARCHRANDOM_TRUST_CPU_STRENGTH LRNG_DRNG_SECURITY_STRENGTH_BITS
> +#ifdef CONFIG_RANDOM_TRUST_CPU
> +static u32 archrandom = LRNG_ARCHRANDOM_TRUST_CPU_STRENGTH;
> +#else
> +static u32 archrandom = LRNG_ARCHRANDOM_DEFAULT_STRENGTH;
> +#endif
> +module_param(archrandom, uint, 0644);
> +MODULE_PARM_DESC(archrandom, "Entropy in bits of 256 data bits from CPU noise "
> +			     "source (e.g. RDRAND)");

Please put the string on one line like several other MODULE_PARM_DESC() are done:

+MODULE_PARM_DESC(archrandom,
+		"Entropy in bits of 256 data bits from CPU noise source (e.g. RDRAND)");


With CONFIG_CRYPTO disabled, these warnings happen:

WARNING: unmet direct dependencies detected for CRYPTO_DRBG_MENU
  Depends on [n]: CRYPTO [=n]
  Selected by [m]:
  - LRNG_DRBG [=m] && LRNG [=y] && LRNG_DRNG_SWITCH [=y]

WARNING: unmet direct dependencies detected for CRYPTO_RNG
  Depends on [n]: CRYPTO [=n]
  Selected by [m]:
  - LRNG_KCAPI [=m] && LRNG [=y] && LRNG_DRNG_SWITCH [=y]

../drivers/char/lrng/lrng_drbg.c: In function ‘lrng_hash_name’:
../drivers/char/lrng/lrng_drbg.c:225:1: warning: control reaches end of non-void function [-Wreturn-type]
 }
 ^
../drivers/char/lrng/lrng_drbg.c: In function ‘lrng_drbg_name’:
../drivers/char/lrng/lrng_drbg.c:220:1: warning: control reaches end of non-void function [-Wreturn-type]
 }
 ^

and build errors happen also, which can be prevented with Kconfig fixes.

-- 
~Randy
Reported-by: Randy Dunlap <rdunlap@infradead.org>

^ permalink raw reply

* Re: [PATCH v28 06/12] LRNG - add SP800-90A DRBG extension
From: Randy Dunlap @ 2020-01-16  0:14 UTC (permalink / raw)
  To: Stephan Müller, Arnd Bergmann
  Cc: Greg Kroah-Hartman, linux-crypto, LKML, linux-api,
	Eric W. Biederman, Alexander E. Patrakov, Ahmed S. Darwish,
	Theodore Y. Ts'o, Willy Tarreau, Matthew Garrett, Vito Caputo,
	Andreas Dilger, Jan Kara, Ray Strode, William Jon McCann, zhangjs,
	Andy Lutomirski, Florian Weimer, Lennart Poettering,
	Nicolai Stange, "Peter, Matthias" <matth>
In-Reply-To: <12396284.QuoJzrrf7p@positron.chronox.de>

On 1/15/20 2:33 AM, Stephan Müller wrote:

> 
> CC: "Eric W. Biederman" <ebiederm@xmission.com>
> CC: "Alexander E. Patrakov" <patrakov@gmail.com>
> CC: "Ahmed S. Darwish" <darwish.07@gmail.com>
> CC: "Theodore Y. Ts'o" <tytso@mit.edu>
> CC: Willy Tarreau <w@1wt.eu>
> CC: Matthew Garrett <mjg59@srcf.ucam.org>
> CC: Vito Caputo <vcaputo@pengaru.com>
> CC: Andreas Dilger <adilger.kernel@dilger.ca>
> CC: Jan Kara <jack@suse.cz>
> CC: Ray Strode <rstrode@redhat.com>
> CC: William Jon McCann <mccann@jhu.edu>
> CC: zhangjs <zachary@baishancloud.com>
> CC: Andy Lutomirski <luto@kernel.org>
> CC: Florian Weimer <fweimer@redhat.com>
> CC: Lennart Poettering <mzxreary@0pointer.de>
> CC: Nicolai Stange <nstange@suse.de>
> Reviewed-by: Roman Drahtmueller <draht@schaltsekun.de>
> Tested-by: Roman Drahtmüller <draht@schaltsekun.de>
> Tested-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> Tested-by: Neil Horman <nhorman@redhat.com>
> Signed-off-by: Stephan Mueller <smueller@chronox.de>
> ---
>  drivers/char/lrng/Kconfig     |  11 ++
>  drivers/char/lrng/Makefile    |   1 +
>  drivers/char/lrng/lrng_drbg.c | 260 ++++++++++++++++++++++++++++++++++
>  3 files changed, 272 insertions(+)
>  create mode 100644 drivers/char/lrng/lrng_drbg.c
> 
> diff --git a/drivers/char/lrng/Kconfig b/drivers/char/lrng/Kconfig
> index cb701bb0b8b6..15fb623d9d1f 100644
> --- a/drivers/char/lrng/Kconfig
> +++ b/drivers/char/lrng/Kconfig
> @@ -71,4 +71,15 @@ menuconfig LRNG_DRNG_SWITCH
>  	  accessible via the external interfaces. With this configuration
>  	  option other DRNGs can be selected and loaded at runtime.
>  
> +if LRNG_DRNG_SWITCH
> +config LRNG_DRBG
> +	tristate "SP800-90A support for the LRNG"
> +	select CRYPTO_DRBG_MENU
> +	select CRYPTO_CMAC if CRYPTO_DRBG_CTR

Don't select these if CRYPTO is not already set/enabled.
It causes Kconfig warnings and possible build errors.

> +	help
> +	  Enable the SP800-90A DRBG support for the LRNG. Once the
> +	  module is loaded, output from /dev/random, /dev/urandom,
> +	  getrandom(2), or get_random_bytes is provided by a DRBG.
> +endif # LRNG_DRNG_SWITCH
> +
>  endif # LRNG

> diff --git a/drivers/char/lrng/lrng_drbg.c b/drivers/char/lrng/lrng_drbg.c
> new file mode 100644
> index 000000000000..8bf2badb1fe0
> --- /dev/null
> +++ b/drivers/char/lrng/lrng_drbg.c
> @@ -0,0 +1,260 @@
> +// SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause
> +/*
> + * Backend for the LRNG providing the cryptographic primitives using the
> + * kernel crypto API and its DRBG.
> + *
> + * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de>
> + */
> +
> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> +
> +#include <crypto/drbg.h>
> +#include <linux/init.h>
> +#include <linux/module.h>
> +#include <linux/lrng.h>
> +
> +/*
> + * Define a DRBG plus a hash / MAC used to extract data from the entropy pool.
> + * For LRNG_HASH_NAME you can use a hash or a MAC (HMAC or CMAC) of your choice
> + * (Note, you should use the suggested selections below -- using SHA-1 or MD5
> + * is not wise). The idea is that the used cipher primitive can be selected to
> + * be the same as used for the DRBG. I.e. the LRNG only uses one cipher
> + * primitive using the same cipher implementation with the options offered in
> + * the following. This means, if the CTR DRBG is selected and AES-NI is present,
> + * both the CTR DRBG and the selected cmac(aes) use AES-NI.
> + *
> + * The security strengths of the DRBGs are all 256 bits according to
> + * SP800-57 section 5.6.1.
> + *
> + * This definition is allowed to be changed.
> + */
> +#ifdef CONFIG_CRYPTO_DRBG_CTR
> +static unsigned int lrng_drbg_type = 0;
> +#elif defined CONFIG_CRYPTO_DRBG_HMAC
> +static unsigned int lrng_drbg_type = 1;
> +#elif defined CONFIG_CRYPTO_DRBG_HASH
> +static unsigned int lrng_drbg_type = 2;
> +#else
> +#error "Unknown DRBG in use"
> +#endif
> +
> +/* The parameter must be r/o in sysfs as otherwise races appear. */
> +module_param(lrng_drbg_type, uint, 0444);
> +MODULE_PARM_DESC(lrng_drbg_type, "DRBG type used for LRNG (0->CTR_DRBG, "
> +				 "1->HMAC_DRBG, 2->Hash_DRBG)");

One line for the string, please, not split.

-- 
~Randy
Reported-by: Randy Dunlap <rdunlap@infradead.org>

^ permalink raw reply

* Re: [PATCH v28 07/12] LRNG - add kernel crypto API PRNG extension
From: Randy Dunlap @ 2020-01-16  0:15 UTC (permalink / raw)
  To: Stephan Müller, Arnd Bergmann
  Cc: Greg Kroah-Hartman, linux-crypto, LKML, linux-api,
	Eric W. Biederman, Alexander E. Patrakov, Ahmed S. Darwish,
	Theodore Y. Ts'o, Willy Tarreau, Matthew Garrett, Vito Caputo,
	Andreas Dilger, Jan Kara, Ray Strode, William Jon McCann, zhangjs,
	Andy Lutomirski, Florian Weimer, Lennart Poettering,
	Nicolai Stange, "Peter, Matthias" <matth>
In-Reply-To: <526421170.FD02tCEzJt@positron.chronox.de>

On 1/15/20 2:34 AM, Stephan Müller wrote:
> 
> CC: "Eric W. Biederman" <ebiederm@xmission.com>
> CC: "Alexander E. Patrakov" <patrakov@gmail.com>
> CC: "Ahmed S. Darwish" <darwish.07@gmail.com>
> CC: "Theodore Y. Ts'o" <tytso@mit.edu>
> CC: Willy Tarreau <w@1wt.eu>
> CC: Matthew Garrett <mjg59@srcf.ucam.org>
> CC: Vito Caputo <vcaputo@pengaru.com>
> CC: Andreas Dilger <adilger.kernel@dilger.ca>
> CC: Jan Kara <jack@suse.cz>
> CC: Ray Strode <rstrode@redhat.com>
> CC: William Jon McCann <mccann@jhu.edu>
> CC: zhangjs <zachary@baishancloud.com>
> CC: Andy Lutomirski <luto@kernel.org>
> CC: Florian Weimer <fweimer@redhat.com>
> CC: Lennart Poettering <mzxreary@0pointer.de>
> CC: Nicolai Stange <nstange@suse.de>
> Reviewed-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> Reviewed-by: Roman Drahtmueller <draht@schaltsekun.de>
> Tested-by: Roman Drahtmüller <draht@schaltsekun.de>
> Tested-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> Tested-by: Neil Horman <nhorman@redhat.com>
> Signed-off-by: Stephan Mueller <smueller@chronox.de>
> ---
>  drivers/char/lrng/Kconfig      |  10 +
>  drivers/char/lrng/Makefile     |   1 +
>  drivers/char/lrng/lrng_kcapi.c | 327 +++++++++++++++++++++++++++++++++
>  3 files changed, 338 insertions(+)
>  create mode 100644 drivers/char/lrng/lrng_kcapi.c
> 
> diff --git a/drivers/char/lrng/Kconfig b/drivers/char/lrng/Kconfig
> index 15fb623d9d1f..0d070a3897dd 100644
> --- a/drivers/char/lrng/Kconfig
> +++ b/drivers/char/lrng/Kconfig
> @@ -80,6 +80,16 @@ config LRNG_DRBG
>  	  Enable the SP800-90A DRBG support for the LRNG. Once the
>  	  module is loaded, output from /dev/random, /dev/urandom,
>  	  getrandom(2), or get_random_bytes is provided by a DRBG.
> +
> +config LRNG_KCAPI
> +	tristate "Kernel Crypto API support for the LRNG"
> +	select CRYPTO_RNG

Don't select CRYPTO_RNG unless you know that CRYPTO is set/enabled.

> +	help
> +	  Enable the support for generic pseudo-random number
> +	  generators offered by the kernel crypto API with the
> +	  LRNG. Once the module is loaded, output from /dev/random,
> +	  /dev/urandom, getrandom(2), or get_random_bytes is
> +	  provided by the selected kernel crypto API RNG.
>  endif # LRNG_DRNG_SWITCH
>  
>  endif # LRNG


-- 
~Randy
Reported-by: Randy Dunlap <rdunlap@infradead.org>

^ permalink raw reply

* Re: [PATCH v28 09/12] LRNG - add Jitter RNG fast noise source
From: Randy Dunlap @ 2020-01-16  0:17 UTC (permalink / raw)
  To: Stephan Müller, Arnd Bergmann
  Cc: Greg Kroah-Hartman, linux-crypto, LKML, linux-api,
	Eric W. Biederman, Alexander E. Patrakov, Ahmed S. Darwish,
	Theodore Y. Ts'o, Willy Tarreau, Matthew Garrett, Vito Caputo,
	Andreas Dilger, Jan Kara, Ray Strode, William Jon McCann, zhangjs,
	Andy Lutomirski, Florian Weimer, Lennart Poettering,
	Nicolai Stange, "Peter, Matthias" <matth>
In-Reply-To: <2704719.5neY5jeiZ3@positron.chronox.de>

On 1/15/20 2:34 AM, Stephan Müller wrote:

> 
> CC: "Eric W. Biederman" <ebiederm@xmission.com>
> CC: "Alexander E. Patrakov" <patrakov@gmail.com>
> CC: "Ahmed S. Darwish" <darwish.07@gmail.com>
> CC: "Theodore Y. Ts'o" <tytso@mit.edu>
> CC: Willy Tarreau <w@1wt.eu>
> CC: Matthew Garrett <mjg59@srcf.ucam.org>
> CC: Vito Caputo <vcaputo@pengaru.com>
> CC: Andreas Dilger <adilger.kernel@dilger.ca>
> CC: Jan Kara <jack@suse.cz>
> CC: Ray Strode <rstrode@redhat.com>
> CC: William Jon McCann <mccann@jhu.edu>
> CC: zhangjs <zachary@baishancloud.com>
> CC: Andy Lutomirski <luto@kernel.org>
> CC: Florian Weimer <fweimer@redhat.com>
> CC: Lennart Poettering <mzxreary@0pointer.de>
> CC: Nicolai Stange <nstange@suse.de>
> Reviewed-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> Reviewed-by: Roman Drahtmueller <draht@schaltsekun.de>
> Tested-by: Roman Drahtmüller <draht@schaltsekun.de>
> Tested-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> Tested-by: Neil Horman <nhorman@redhat.com>
> Signed-off-by: Stephan Mueller <smueller@chronox.de>
> ---
>  drivers/char/lrng/Kconfig     | 11 +++++
>  drivers/char/lrng/Makefile    |  1 +
>  drivers/char/lrng/lrng_jent.c | 89 +++++++++++++++++++++++++++++++++++
>  3 files changed, 101 insertions(+)
>  create mode 100644 drivers/char/lrng/lrng_jent.c
> 
> diff --git a/drivers/char/lrng/Kconfig b/drivers/char/lrng/Kconfig
> index 0d070a3897dd..10b7cbdb8c8e 100644
> --- a/drivers/char/lrng/Kconfig
> +++ b/drivers/char/lrng/Kconfig
> @@ -92,4 +92,15 @@ config LRNG_KCAPI
>  	  provided by the selected kernel crypto API RNG.
>  endif # LRNG_DRNG_SWITCH
>  
> +config LRNG_JENT
> +	bool "Enable Jitter RNG as LRNG Seed Source"
> +	select CRYPTO_JITTERENTROPY

Don't select unless CRYPTO is already set/enabled.

> +	help
> +	  The Linux RNG may use the Jitter RNG as noise source. Enabling
> +	  this option enables the use of the Jitter RNG. Its default
> +	  entropy level is 16 bits of entropy per 256 data bits delivered
> +	  by the Jitter RNG. This entropy level can be changed at boot
> +	  time or at runtime with the lrng_base.jitterrng configuration
> +	  variable.
> +
>  endif # LRNG

> diff --git a/drivers/char/lrng/lrng_jent.c b/drivers/char/lrng/lrng_jent.c
> new file mode 100644
> index 000000000000..ff0bbe2680c4
> --- /dev/null
> +++ b/drivers/char/lrng/lrng_jent.c
> @@ -0,0 +1,89 @@
> +// SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause
> +/*
> + * LRNG Fast Noise Source: Jitter RNG
> + *
> + * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de>
> + */
> +
> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> +
> +#include <linux/types.h>
> +#include <crypto/internal/jitterentropy.h>
> +
> +#include "lrng_internal.h"
> +
> +/*
> + * Estimated entropy of data is a 16th of LRNG_DRNG_SECURITY_STRENGTH_BITS.
> + * Albeit a full entropy assessment is provided for the noise source indicating
> + * that it provides high entropy rates and considering that it deactivates
> + * when it detects insufficient hardware, the chosen under estimation of
> + * entropy is considered to be acceptable to all reviewers.
> + */
> +static u32 jitterrng = LRNG_DRNG_SECURITY_STRENGTH_BITS>>4;
> +module_param(jitterrng, uint, 0644);
> +MODULE_PARM_DESC(jitterrng, "Entropy in bits of 256 data bits from Jitter "
> +			    "RNG noise source");

One line for the string, please, not split to 2 lines.

-- 
~Randy
Reported-by: Randy Dunlap <rdunlap@infradead.org>

^ permalink raw reply

* Re: [PATCH v28 11/12] LRNG - add interface for gathering of raw entropy
From: Randy Dunlap @ 2020-01-16  0:18 UTC (permalink / raw)
  To: Stephan Müller, Arnd Bergmann
  Cc: Greg Kroah-Hartman, linux-crypto, LKML, linux-api,
	Eric W. Biederman, Alexander E. Patrakov, Ahmed S. Darwish,
	Theodore Y. Ts'o, Willy Tarreau, Matthew Garrett, Vito Caputo,
	Andreas Dilger, Jan Kara, Ray Strode, William Jon McCann, zhangjs,
	Andy Lutomirski, Florian Weimer, Lennart Poettering,
	Nicolai Stange, "Peter, Matthias" <matth>
In-Reply-To: <2048458.ADJAtTWDj8@positron.chronox.de>

On 1/15/20 2:35 AM, Stephan Müller wrote:

> 
> CC: "Eric W. Biederman" <ebiederm@xmission.com>
> CC: "Alexander E. Patrakov" <patrakov@gmail.com>
> CC: "Ahmed S. Darwish" <darwish.07@gmail.com>
> CC: "Theodore Y. Ts'o" <tytso@mit.edu>
> CC: Willy Tarreau <w@1wt.eu>
> CC: Matthew Garrett <mjg59@srcf.ucam.org>
> CC: Vito Caputo <vcaputo@pengaru.com>
> CC: Andreas Dilger <adilger.kernel@dilger.ca>
> CC: Jan Kara <jack@suse.cz>
> CC: Ray Strode <rstrode@redhat.com>
> CC: William Jon McCann <mccann@jhu.edu>
> CC: zhangjs <zachary@baishancloud.com>
> CC: Andy Lutomirski <luto@kernel.org>
> CC: Florian Weimer <fweimer@redhat.com>
> CC: Lennart Poettering <mzxreary@0pointer.de>
> CC: Nicolai Stange <nstange@suse.de>
> Reviewed-by: Roman Drahtmueller <draht@schaltsekun.de>
> Tested-by: Roman Drahtmüller <draht@schaltsekun.de>
> Tested-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> Tested-by: Neil Horman <nhorman@redhat.com>
> Signed-off-by: Stephan Mueller <smueller@chronox.de>
> ---
>  drivers/char/lrng/Kconfig        |  16 ++
>  drivers/char/lrng/Makefile       |   1 +
>  drivers/char/lrng/lrng_testing.c | 271 +++++++++++++++++++++++++++++++
>  3 files changed, 288 insertions(+)
>  create mode 100644 drivers/char/lrng/lrng_testing.c
> 

> diff --git a/drivers/char/lrng/lrng_testing.c b/drivers/char/lrng/lrng_testing.c
> new file mode 100644
> index 000000000000..0e287eccd622
> --- /dev/null
> +++ b/drivers/char/lrng/lrng_testing.c
> @@ -0,0 +1,271 @@
> +// SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause
> +/*
> + * Linux Random Number Generator (LRNG) Raw entropy collection tool
> + *
> + * Copyright (C) 2019 - 2020, Stephan Mueller <smueller@chronox.de>
> + */
> +
> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> +
> +#include <linux/atomic.h>
> +#include <linux/bug.h>
> +#include <linux/debugfs.h>
> +#include <linux/module.h>
> +#include <linux/sched.h>
> +#include <linux/sched/signal.h>
> +#include <linux/slab.h>
> +#include <linux/string.h>
> +#include <linux/types.h>
> +#include <linux/uaccess.h>
> +#include <linux/workqueue.h>
> +#include <asm/errno.h>
> +
> +#include "lrng_internal.h"
> +
> +#define LRNG_TESTING_RINGBUFFER_SIZE	1024
> +#define LRNG_TESTING_RINGBUFFER_MASK	(LRNG_TESTING_RINGBUFFER_SIZE - 1)
> +
> +static u32 lrng_testing_rb[LRNG_TESTING_RINGBUFFER_SIZE];
> +static u32 lrng_rb_reader = 0;
> +static u32 lrng_rb_writer = 0;
> +static atomic_t lrng_testing_enabled = ATOMIC_INIT(0);
> +
> +static DECLARE_WAIT_QUEUE_HEAD(lrng_raw_read_wait);
> +static DEFINE_SPINLOCK(lrng_raw_lock);
> +
> +/*
> + * 0 ==> No boot test, gathering of runtime data allowed
> + * 1 ==> Boot test enabled and ready for collecting data, gathering runtime
> + *	 data is disabled
> + * 2 ==> Boot test completed and disabled, gathering of runtime data is
> + *	 disabled
> + */
> +static u32 boot_test = 0;
> +module_param(boot_test, uint, 0644);
> +MODULE_PARM_DESC(boot_test, "Enable gathering boot time entropy of the first"
> +			    " entropy events");

One line for the string, please.


-- 
~Randy
Reported-by: Randy Dunlap <rdunlap@infradead.org>

^ permalink raw reply

* Re: [PATCH v6 0/2] add performance reporting support to FPGA DFL drivers
From: Wu Hao @ 2020-01-16  2:53 UTC (permalink / raw)
  To: Greg KH
  Cc: Moritz Fischer, Will Deacon, mark.rutland-5wv7dgnIgG8,
	linux-fpga-u79uwXL29TY76Z2rM5mHXA,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	linux-api-u79uwXL29TY76Z2rM5mHXA, atull-DgEjT+Ai2ygdnm+yROfE0A,
	yilun.xu-ral2JQCrhuEAvxtiuMwx3w
In-Reply-To: <20200115081400.GA2978927-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>

On Wed, Jan 15, 2020 at 09:14:00AM +0100, Greg KH wrote:
> On Tue, Jan 14, 2020 at 09:10:40PM -0800, Moritz Fischer wrote:
> > Hi Greg,
> > 
> > On Tue, Jan 14, 2020 at 01:56:05PM +0800, Wu Hao wrote:
> > > On Mon, Jan 06, 2020 at 10:37:42AM +0800, Wu Hao wrote:
> > > > On Mon, Dec 16, 2019 at 09:01:04AM +0800, Xu Yilum wrote:
> > > > > On Mon, Dec 09, 2019 at 10:45:27AM +0800, Wu Hao wrote:
> > > > > > On Mon, Nov 25, 2019 at 04:08:39PM +0800, Wu Hao wrote:
> > > > > > > On Mon, Nov 25, 2019 at 08:01:28AM +0000, Will Deacon wrote:
> > > > > > > > On Mon, Nov 25, 2019 at 11:34:12AM +0800, Wu Hao wrote:
> > > > > > > > > Hi Will and Mark,
> > > > > > > > > 
> > > > > > > > > Could you please help us on review this patchset? as this patchset mainly 
> > > > > > > > > introduced a new perf driver following the similar way as drivers/perf/*.
> > > > > > > > 
> > > > > > > > Why is it not under drivers/perf/, then?
> > > > > > > 
> > > > > > > Hi Will
> > > > > > > 
> > > > > > > Thanks for the quick response. This is one sub feature for DFL based FPGAs,
> > > > > > > and we plan to put this sub feature together with others, including related
> > > > > > > documentation. It only registers a standard perf pmu for its userspace
> > > > > > > interfaces.
> > > > > > > 
> > > > > > > > 
> > > > > > > > > This patchset has been submitted for a long time but didn't receive any
> > > > > > > > > comment after v4. we appreciate any review comments! thanks in advance. :)
> > > > > > > > 
> > > > > > > > Hmm, not sure I saw the previous versions. Guessing I wasn't on cc?
> > > > > > > 
> > > > > > > We switched to perf API from v4, and started ccing you and Mark from v5. :)
> > > > > > 
> > > > > > Hi Will
> > > > > > 
> > > > > > Did you get a chance to look into this patchset?
> > > > > > 
> > > > > > Thanks
> > > > > > Hao
> > > > > 
> > > > > Hi Will
> > > > > 
> > > > > Did you have time to look into this patchset? We have done review work
> > > > > for FPGA part. And as a perf driver, we appreciate your comments.
> > > > > 
> > > > > Thanks
> > > > > Yilun
> > > > 
> > > > Hi Will
> > > > 
> > > > Did you get a chance to look into this patchset these days? 
> > > > 
> > > > Actually we didn't receive any comments for a long time, if you are busy and
> > > > don't have enough time on this, do you know if someone else could help with
> > > > review and ack from perf driver point of view, or any other things we can do
> > > > to speed up this? Thanks in advance! 
> > > 
> > > Hi Moritz
> > > 
> > > Looks like still no response from Will. :(
> > > 
> > > Do you know someone else could help?
> > 
> > Do you have some feedback? I'm a bit confused on what to do in such a
> > situation, do I just take the patch if the maintainer doesn't respond
> > for a while?
> 
> Resend it and say something like "please review" or the like.  With the
> holidays and catching up from the holidays, this time of year is usually
> very backlogged for lots of reviewers.

Sure, will resend this patchset soon. Thanks!

Hao

> 
> greg k-h

^ permalink raw reply

* Re: [PATCH v27 01/12] Linux Random Number Generator
From: kbuild test robot @ 2020-01-16  6:09 UTC (permalink / raw)
  To: Stephan Müller
  Cc: kbuild-all, Arnd Bergmann, Greg Kroah-Hartman, linux-crypto, LKML,
	linux-api, Eric W. Biederman, Alexander E. Patrakov,
	Ahmed S. Darwish, Theodore Y. Ts'o, Willy Tarreau,
	Matthew Garrett, Vito Caputo, Andreas Dilger, Jan Kara,
	Ray Strode, William Jon McCann, zhangjs, Andy Lutomirski,
	Florian Weimer, Lennart Poettering, Ni
In-Reply-To: <112781836.sNYxTrJJ31@positron.chronox.de>

Hi "Stephan,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on char-misc/char-misc-testing]
[also build test WARNING on cryptodev/master crypto/master v5.5-rc6 next-20200110]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system. BTW, we also suggest to use '--base' option to specify the
base tree in git format-patch, please see https://stackoverflow.com/a/37406982]

url:    https://github.com/0day-ci/linux/commits/Stephan-M-ller/dev-random-a-new-approach-with-full-SP800-90B/20200110-084934
base:   https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git 68faa679b8be1a74e6663c21c3a9d25d32f1c079
reproduce:
        # apt-get install sparse
        # sparse version: v0.6.1-130-g1a803e7a-dirty
        make ARCH=x86_64 allmodconfig
        make C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__'

If you fix the issue, kindly add following tag
Reported-by: kbuild test robot <lkp@intel.com>


sparse warnings: (new ones prefixed by >>)

>> drivers/char/lrng/lrng_interfaces.c:455:16: sparse: sparse: incorrect type in return expression (different base types)
>> drivers/char/lrng/lrng_interfaces.c:455:16: sparse:    expected unsigned int
>> drivers/char/lrng/lrng_interfaces.c:455:16: sparse:    got restricted __poll_t [assigned] [usertype] mask
>> drivers/char/lrng/lrng_interfaces.c:586:18: sparse: sparse: incorrect type in initializer (different base types)
>> drivers/char/lrng/lrng_interfaces.c:586:18: sparse:    expected restricted __poll_t ( *poll )( ... )
>> drivers/char/lrng/lrng_interfaces.c:586:18: sparse:    got unsigned int ( * )( ... )
   drivers/char/lrng/lrng_interfaces.c:605:49: sparse: sparse: undefined identifier 'GRND_INSECURE'
   drivers/char/lrng/lrng_interfaces.c:613:15: sparse: sparse: undefined identifier 'GRND_INSECURE'
   drivers/char/lrng/lrng_interfaces.c:613:47: sparse: sparse: undefined identifier 'GRND_INSECURE'
   drivers/char/lrng/lrng_interfaces.c:619:21: sparse: sparse: undefined identifier 'GRND_INSECURE'
--
   drivers/char/lrng/lrng_drng.c:378:6: sparse: sparse: symbol 'lrng_reset' was not declared. Should it be static?
>> drivers/char/lrng/lrng_internal.h:235:39: sparse: sparse: context imbalance in 'lrng_drng_inject' - unexpected unlock
>> drivers/char/lrng/lrng_internal.h:235:39: sparse: sparse: context imbalance in 'lrng_drng_seed' - unexpected unlock
>> drivers/char/lrng/lrng_internal.h:235:39: sparse: sparse: context imbalance in 'lrng_drng_get' - unexpected unlock
>> drivers/char/lrng/lrng_internal.h:235:39: sparse: sparse: context imbalance in 'lrng_drngs_init_cc20' - unexpected unlock
>> drivers/char/lrng/lrng_internal.h:235:39: sparse: sparse: context imbalance in '_lrng_reset' - unexpected unlock

vim +455 drivers/char/lrng/lrng_interfaces.c

   442	
   443	static unsigned int lrng_random_poll(struct file *file, poll_table *wait)
   444	{
   445		__poll_t mask;
   446	
   447		poll_wait(file, &lrng_init_wait, wait);
   448		poll_wait(file, &lrng_write_wait, wait);
   449		mask = 0;
   450		if (lrng_state_operational())
   451			mask |= EPOLLIN | EPOLLRDNORM;
   452		if (lrng_need_entropy() ||
   453		    lrng_state_exseed_allow(lrng_noise_source_user))
   454			mask |= EPOLLOUT | EPOLLWRNORM;
 > 455		return mask;
   456	}
   457	
   458	static ssize_t lrng_drng_write_common(const char __user *buffer, size_t count,
   459					      u32 entropy_bits)
   460	{
   461		ssize_t ret = 0;
   462		u8 buf[64] __aligned(LRNG_KCAPI_ALIGN);
   463		const char __user *p = buffer;
   464		u32 orig_entropy_bits = entropy_bits;
   465	
   466		if (!lrng_get_available())
   467			return -EAGAIN;
   468	
   469		count = min_t(size_t, count, INT_MAX);
   470		while (count > 0) {
   471			size_t bytes = min_t(size_t, count, sizeof(buf));
   472			u32 ent = min_t(u32, bytes<<3, entropy_bits);
   473	
   474			if (copy_from_user(&buf, p, bytes))
   475				return -EFAULT;
   476			/* Inject data into entropy pool */
   477			lrng_pool_lfsr(buf, bytes);
   478			lrng_pool_add_entropy(ent);
   479	
   480			count -= bytes;
   481			p += bytes;
   482			ret += bytes;
   483			entropy_bits -= ent;
   484	
   485			cond_resched();
   486		}
   487	
   488		/* Force reseed of DRNG during next data request. */
   489		if (!orig_entropy_bits)
   490			lrng_drng_force_reseed();
   491	
   492		return ret;
   493	}
   494	
   495	static ssize_t lrng_drng_read(struct file *file, char __user *buf,
   496				      size_t nbytes, loff_t *ppos)
   497	{
   498		if (!lrng_state_min_seeded())
   499			pr_notice_ratelimited("%s - use of insufficiently seeded DRNG "
   500					      "(%zu bytes read)\n", current->comm,
   501					      nbytes);
   502		else if (!lrng_state_operational())
   503			pr_debug_ratelimited("%s - use of not fully seeded DRNG (%zu "
   504					     "bytes read)\n", current->comm, nbytes);
   505	
   506		return lrng_read_common(buf, nbytes);
   507	}
   508	
   509	static ssize_t lrng_drng_write(struct file *file, const char __user *buffer,
   510				       size_t count, loff_t *ppos)
   511	{
   512		return lrng_drng_write_common(buffer, count, 0);
   513	}
   514	
   515	static long lrng_ioctl(struct file *f, unsigned int cmd, unsigned long arg)
   516	{
   517		int size, ent_count_bits;
   518		int __user *p = (int __user *)arg;
   519	
   520		switch (cmd) {
   521		case RNDGETENTCNT:
   522			ent_count_bits = lrng_avail_entropy();
   523			if (put_user(ent_count_bits, p))
   524				return -EFAULT;
   525			return 0;
   526		case RNDADDTOENTCNT:
   527			if (!capable(CAP_SYS_ADMIN))
   528				return -EPERM;
   529			if (get_user(ent_count_bits, p))
   530				return -EFAULT;
   531			ent_count_bits = (int)lrng_avail_entropy() + ent_count_bits;
   532			if (ent_count_bits < 0)
   533				ent_count_bits = 0;
   534			if (ent_count_bits > LRNG_POOL_SIZE_BITS)
   535				ent_count_bits = LRNG_POOL_SIZE_BITS;
   536			lrng_pool_set_entropy(ent_count_bits);
   537			return 0;
   538		case RNDADDENTROPY:
   539			if (!capable(CAP_SYS_ADMIN))
   540				return -EPERM;
   541			if (get_user(ent_count_bits, p++))
   542				return -EFAULT;
   543			if (ent_count_bits < 0)
   544				return -EINVAL;
   545			if (get_user(size, p++))
   546				return -EFAULT;
   547			if (size < 0)
   548				return -EINVAL;
   549			lrng_state_exseed_set(lrng_noise_source_user, false);
   550			/* there cannot be more entropy than data */
   551			ent_count_bits = min(ent_count_bits, size<<3);
   552			return lrng_drng_write_common((const char __user *)p, size,
   553						      ent_count_bits);
   554		case RNDZAPENTCNT:
   555		case RNDCLEARPOOL:
   556			/* Clear the entropy pool counter. */
   557			if (!capable(CAP_SYS_ADMIN))
   558				return -EPERM;
   559			lrng_pool_set_entropy(0);
   560			return 0;
   561		case RNDRESEEDCRNG:
   562			/*
   563			 * We leave the capability check here since it is present
   564			 * in the upstream's RNG implementation. Yet, user space
   565			 * can trigger a reseed as easy as writing into /dev/random
   566			 * or /dev/urandom where no privilege is needed.
   567			 */
   568			if (!capable(CAP_SYS_ADMIN))
   569				return -EPERM;
   570			/* Force a reseed of all DRNGs */
   571			lrng_drng_force_reseed();
   572			return 0;
   573		default:
   574			return -EINVAL;
   575		}
   576	}
   577	
   578	static int lrng_fasync(int fd, struct file *filp, int on)
   579	{
   580		return fasync_helper(fd, filp, on, &fasync);
   581	}
   582	
   583	const struct file_operations random_fops = {
   584		.read  = lrng_drng_read_block,
   585		.write = lrng_drng_write,
 > 586		.poll  = lrng_random_poll,
   587		.unlocked_ioctl = lrng_ioctl,
   588		.compat_ioctl = compat_ptr_ioctl,
   589		.fasync = lrng_fasync,
   590		.llseek = noop_llseek,
   591	};
   592	

---
0-DAY kernel test infrastructure                 Open Source Technology Center
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org Intel Corporation

^ permalink raw reply

* Re: [PATCH v27 01/12] Linux Random Number Generator
From: Stephan Mueller @ 2020-01-16  6:41 UTC (permalink / raw)
  To: kbuild test robot
  Cc: kbuild-all-hn68Rpc1hR1g9hUCZPvPmw, Arnd Bergmann,
	Greg Kroah-Hartman, linux-crypto-u79uwXL29TY76Z2rM5mHXA, LKML,
	linux-api-u79uwXL29TY76Z2rM5mHXA, Eric W. Biederman,
	Alexander E. Patrakov, Ahmed S. Darwish, Theodore Y. Ts'o,
	Willy Tarreau, Matthew Garrett, Vito Caputo, Andreas Dilger,
	Jan Kara, Ray Strode, William Jon McCann, zhangjs,
	Andy Lutomirski, Florian Weimer, Lennart Poettering, Ni
In-Reply-To: <202001161241.meGVaLli%lkp-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>

Am Donnerstag, 16. Januar 2020, 07:09:51 CET schrieb kbuild test robot:

Hi kbuild,

> Hi "Stephan,
> 
> Thank you for the patch! Perhaps something to improve:
> 
> [auto build test WARNING on char-misc/char-misc-testing]
> [also build test WARNING on cryptodev/master crypto/master v5.5-rc6
> next-20200110] [if your patch is applied to the wrong git tree, please drop
> us a note to help improve the system. BTW, we also suggest to use '--base'
> option to specify the base tree in git format-patch, please see
> https://stackoverflow.com/a/37406982]

This patch requires the presence of patch 
75551dbf112c992bc6c99a972990b3f272247e23 from Ted Tso's kernel tree as 
documented in patch 0/12.

I am not sure how to document it for the kbuild system.
> 
> url:   
> https://github.com/0day-ci/linux/commits/Stephan-M-ller/dev-random-a-new-ap
> proach-with-full-SP800-90B/20200110-084934 base:  
> https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git
> 68faa679b8be1a74e6663c21c3a9d25d32f1c079 reproduce:
>         # apt-get install sparse
>         # sparse version: v0.6.1-130-g1a803e7a-dirty
>         make ARCH=x86_64 allmodconfig
>         make C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__'
> 
> If you fix the issue, kindly add following tag
> Reported-by: kbuild test robot <lkp-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
> 
> 
> sparse warnings: (new ones prefixed by >>)
> 
> >> drivers/char/lrng/lrng_interfaces.c:455:16: sparse: sparse: incorrect
> >> type in return expression (different base types)
> >> drivers/char/lrng/lrng_interfaces.c:455:16: sparse:    expected unsigned
> >> int drivers/char/lrng/lrng_interfaces.c:455:16: sparse:    got
> >> restricted __poll_t [assigned] [usertype] mask
> >> drivers/char/lrng/lrng_interfaces.c:586:18: sparse: sparse: incorrect
> >> type in initializer (different base types)
> >> drivers/char/lrng/lrng_interfaces.c:586:18: sparse:    expected
> >> restricted __poll_t ( *poll )( ... )
> >> drivers/char/lrng/lrng_interfaces.c:586:18: sparse:    got unsigned int
> >> ( * )( ... )
>    drivers/char/lrng/lrng_interfaces.c:605:49: sparse: sparse: undefined
> identifier 'GRND_INSECURE' drivers/char/lrng/lrng_interfaces.c:613:15:
> sparse: sparse: undefined identifier 'GRND_INSECURE'
> drivers/char/lrng/lrng_interfaces.c:613:47: sparse: sparse: undefined
> identifier 'GRND_INSECURE' drivers/char/lrng/lrng_interfaces.c:619:21:
> sparse: sparse: undefined identifier 'GRND_INSECURE' --
>    drivers/char/lrng/lrng_drng.c:378:6: sparse: sparse: symbol 'lrng_reset'
> was not declared. Should it be static?
> >> drivers/char/lrng/lrng_internal.h:235:39: sparse: sparse: context
> >> imbalance in 'lrng_drng_inject' - unexpected unlock
> >> drivers/char/lrng/lrng_internal.h:235:39: sparse: sparse: context
> >> imbalance in 'lrng_drng_seed' - unexpected unlock
> >> drivers/char/lrng/lrng_internal.h:235:39: sparse: sparse: context
> >> imbalance in 'lrng_drng_get' - unexpected unlock
> >> drivers/char/lrng/lrng_internal.h:235:39: sparse: sparse: context
> >> imbalance in 'lrng_drngs_init_cc20' - unexpected unlock
> >> drivers/char/lrng/lrng_internal.h:235:39: sparse: sparse: context
> >> imbalance in '_lrng_reset' - unexpected unlock
> vim +455 drivers/char/lrng/lrng_interfaces.c
> 
>    442
>    443	static unsigned int lrng_random_poll(struct file *file, poll_table
> *wait) 444	{
>    445		__poll_t mask;
>    446
>    447		poll_wait(file, &lrng_init_wait, wait);
>    448		poll_wait(file, &lrng_write_wait, wait);
>    449		mask = 0;
>    450		if (lrng_state_operational())
>    451			mask |= EPOLLIN | EPOLLRDNORM;
>    452		if (lrng_need_entropy() ||
>    453		    lrng_state_exseed_allow(lrng_noise_source_user))
>    454			mask |= EPOLLOUT | EPOLLWRNORM;
> 
>  > 455		return mask;
> 
>    456	}
>    457
>    458	static ssize_t lrng_drng_write_common(const char __user *buffer,
> size_t count, 459					      u32 
entropy_bits)
>    460	{
>    461		ssize_t ret = 0;
>    462		u8 buf[64] __aligned(LRNG_KCAPI_ALIGN);
>    463		const char __user *p = buffer;
>    464		u32 orig_entropy_bits = entropy_bits;
>    465
>    466		if (!lrng_get_available())
>    467			return -EAGAIN;
>    468
>    469		count = min_t(size_t, count, INT_MAX);
>    470		while (count > 0) {
>    471			size_t bytes = min_t(size_t, count, sizeof(buf));
>    472			u32 ent = min_t(u32, bytes<<3, entropy_bits);
>    473
>    474			if (copy_from_user(&buf, p, bytes))
>    475				return -EFAULT;
>    476			/* Inject data into entropy pool */
>    477			lrng_pool_lfsr(buf, bytes);
>    478			lrng_pool_add_entropy(ent);
>    479
>    480			count -= bytes;
>    481			p += bytes;
>    482			ret += bytes;
>    483			entropy_bits -= ent;
>    484
>    485			cond_resched();
>    486		}
>    487
>    488		/* Force reseed of DRNG during next data request. */
>    489		if (!orig_entropy_bits)
>    490			lrng_drng_force_reseed();
>    491
>    492		return ret;
>    493	}
>    494
>    495	static ssize_t lrng_drng_read(struct file *file, char __user *buf,
>    496				      size_t nbytes, loff_t *ppos)
>    497	{
>    498		if (!lrng_state_min_seeded())
>    499			pr_notice_ratelimited("%s - use of insufficiently 
seeded DRNG "
>    500					      "(%zu bytes read)\n", current-
>comm,
>    501					      nbytes);
>    502		else if (!lrng_state_operational())
>    503			pr_debug_ratelimited("%s - use of not fully seeded 
DRNG (%zu "
>    504					     "bytes read)\n", current->comm, 
nbytes);
>    505
>    506		return lrng_read_common(buf, nbytes);
>    507	}
>    508
>    509	static ssize_t lrng_drng_write(struct file *file, const char __user
> *buffer, 510				       size_t count, loff_t *ppos)
>    511	{
>    512		return lrng_drng_write_common(buffer, count, 0);
>    513	}
>    514
>    515	static long lrng_ioctl(struct file *f, unsigned int cmd, unsigned
> long arg) 516	{
>    517		int size, ent_count_bits;
>    518		int __user *p = (int __user *)arg;
>    519
>    520		switch (cmd) {
>    521		case RNDGETENTCNT:
>    522			ent_count_bits = lrng_avail_entropy();
>    523			if (put_user(ent_count_bits, p))
>    524				return -EFAULT;
>    525			return 0;
>    526		case RNDADDTOENTCNT:
>    527			if (!capable(CAP_SYS_ADMIN))
>    528				return -EPERM;
>    529			if (get_user(ent_count_bits, p))
>    530				return -EFAULT;
>    531			ent_count_bits = (int)lrng_avail_entropy() + 
ent_count_bits;
>    532			if (ent_count_bits < 0)
>    533				ent_count_bits = 0;
>    534			if (ent_count_bits > LRNG_POOL_SIZE_BITS)
>    535				ent_count_bits = LRNG_POOL_SIZE_BITS;
>    536			lrng_pool_set_entropy(ent_count_bits);
>    537			return 0;
>    538		case RNDADDENTROPY:
>    539			if (!capable(CAP_SYS_ADMIN))
>    540				return -EPERM;
>    541			if (get_user(ent_count_bits, p++))
>    542				return -EFAULT;
>    543			if (ent_count_bits < 0)
>    544				return -EINVAL;
>    545			if (get_user(size, p++))
>    546				return -EFAULT;
>    547			if (size < 0)
>    548				return -EINVAL;
>    549			lrng_state_exseed_set(lrng_noise_source_user, false);
>    550			/* there cannot be more entropy than data */
>    551			ent_count_bits = min(ent_count_bits, size<<3);
>    552			return lrng_drng_write_common((const char __user *)p, 
size,
>    553						      ent_count_bits);
>    554		case RNDZAPENTCNT:
>    555		case RNDCLEARPOOL:
>    556			/* Clear the entropy pool counter. */
>    557			if (!capable(CAP_SYS_ADMIN))
>    558				return -EPERM;
>    559			lrng_pool_set_entropy(0);
>    560			return 0;
>    561		case RNDRESEEDCRNG:
>    562			/*
>    563			 * We leave the capability check here since it is 
present
>    564			 * in the upstream's RNG implementation. Yet, user 
space
>    565			 * can trigger a reseed as easy as writing into /dev/
random
>    566			 * or /dev/urandom where no privilege is needed.
>    567			 */
>    568			if (!capable(CAP_SYS_ADMIN))
>    569				return -EPERM;
>    570			/* Force a reseed of all DRNGs */
>    571			lrng_drng_force_reseed();
>    572			return 0;
>    573		default:
>    574			return -EINVAL;
>    575		}
>    576	}
>    577
>    578	static int lrng_fasync(int fd, struct file *filp, int on)
>    579	{
>    580		return fasync_helper(fd, filp, on, &fasync);
>    581	}
>    582
>    583	const struct file_operations random_fops = {
>    584		.read  = lrng_drng_read_block,
>    585		.write = lrng_drng_write,
> 
>  > 586		.poll  = lrng_random_poll,
> 
>    587		.unlocked_ioctl = lrng_ioctl,
>    588		.compat_ioctl = compat_ptr_ioctl,
>    589		.fasync = lrng_fasync,
>    590		.llseek = noop_llseek,
>    591	};
>    592
> 
> ---
> 0-DAY kernel test infrastructure                 Open Source Technology
> Center https://lists.01.org/hyperkitty/list/kbuild-all-hn68Rpc1hR1g9hUCZPvPmw@public.gmane.org Intel
> Corporation



Ciao
Stephan

^ permalink raw reply

* Re: [PATCH v28 11/12] LRNG - add interface for gathering of raw entropy
From: Stephan Mueller @ 2020-01-16  6:43 UTC (permalink / raw)
  To: Randy Dunlap
  Cc: Arnd Bergmann, Greg Kroah-Hartman, linux-crypto, LKML, linux-api,
	Eric W. Biederman, Alexander E. Patrakov, Ahmed S. Darwish,
	Theodore Y. Ts'o, Willy Tarreau, Matthew Garrett, Vito Caputo,
	Andreas Dilger, Jan Kara, Ray Strode, William Jon McCann, zhangjs,
	Andy Lutomirski, Florian Weimer, Lennart Poettering,
	Nicolai Stange
In-Reply-To: <abde84fe-2599-0db8-2bad-d2ff29a3c4f0@infradead.org>

Am Donnerstag, 16. Januar 2020, 01:18:18 CET schrieb Randy Dunlap:

Hi Randy,

> On 1/15/20 2:35 AM, Stephan Müller wrote:
> > CC: "Eric W. Biederman" <ebiederm@xmission.com>
> > CC: "Alexander E. Patrakov" <patrakov@gmail.com>
> > CC: "Ahmed S. Darwish" <darwish.07@gmail.com>
> > CC: "Theodore Y. Ts'o" <tytso@mit.edu>
> > CC: Willy Tarreau <w@1wt.eu>
> > CC: Matthew Garrett <mjg59@srcf.ucam.org>
> > CC: Vito Caputo <vcaputo@pengaru.com>
> > CC: Andreas Dilger <adilger.kernel@dilger.ca>
> > CC: Jan Kara <jack@suse.cz>
> > CC: Ray Strode <rstrode@redhat.com>
> > CC: William Jon McCann <mccann@jhu.edu>
> > CC: zhangjs <zachary@baishancloud.com>
> > CC: Andy Lutomirski <luto@kernel.org>
> > CC: Florian Weimer <fweimer@redhat.com>
> > CC: Lennart Poettering <mzxreary@0pointer.de>
> > CC: Nicolai Stange <nstange@suse.de>
> > Reviewed-by: Roman Drahtmueller <draht@schaltsekun.de>
> > Tested-by: Roman Drahtmüller <draht@schaltsekun.de>
> > Tested-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> > Tested-by: Neil Horman <nhorman@redhat.com>
> > Signed-off-by: Stephan Mueller <smueller@chronox.de>
> > ---
> > 
> >  drivers/char/lrng/Kconfig        |  16 ++
> >  drivers/char/lrng/Makefile       |   1 +
> >  drivers/char/lrng/lrng_testing.c | 271 +++++++++++++++++++++++++++++++
> >  3 files changed, 288 insertions(+)
> >  create mode 100644 drivers/char/lrng/lrng_testing.c
> > 
> > diff --git a/drivers/char/lrng/lrng_testing.c
> > b/drivers/char/lrng/lrng_testing.c new file mode 100644
> > index 000000000000..0e287eccd622
> > --- /dev/null
> > +++ b/drivers/char/lrng/lrng_testing.c
> > @@ -0,0 +1,271 @@
> > +// SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause
> > +/*
> > + * Linux Random Number Generator (LRNG) Raw entropy collection tool
> > + *
> > + * Copyright (C) 2019 - 2020, Stephan Mueller <smueller@chronox.de>
> > + */
> > +
> > +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> > +
> > +#include <linux/atomic.h>
> > +#include <linux/bug.h>
> > +#include <linux/debugfs.h>
> > +#include <linux/module.h>
> > +#include <linux/sched.h>
> > +#include <linux/sched/signal.h>
> > +#include <linux/slab.h>
> > +#include <linux/string.h>
> > +#include <linux/types.h>
> > +#include <linux/uaccess.h>
> > +#include <linux/workqueue.h>
> > +#include <asm/errno.h>
> > +
> > +#include "lrng_internal.h"
> > +
> > +#define LRNG_TESTING_RINGBUFFER_SIZE	1024
> > +#define LRNG_TESTING_RINGBUFFER_MASK	(LRNG_TESTING_RINGBUFFER_SIZE - 1)
> > +
> > +static u32 lrng_testing_rb[LRNG_TESTING_RINGBUFFER_SIZE];
> > +static u32 lrng_rb_reader = 0;
> > +static u32 lrng_rb_writer = 0;
> > +static atomic_t lrng_testing_enabled = ATOMIC_INIT(0);
> > +
> > +static DECLARE_WAIT_QUEUE_HEAD(lrng_raw_read_wait);
> > +static DEFINE_SPINLOCK(lrng_raw_lock);
> > +
> > +/*
> > + * 0 ==> No boot test, gathering of runtime data allowed
> > + * 1 ==> Boot test enabled and ready for collecting data, gathering
> > runtime + *	 data is disabled
> > + * 2 ==> Boot test completed and disabled, gathering of runtime data is
> > + *	 disabled
> > + */
> > +static u32 boot_test = 0;
> > +module_param(boot_test, uint, 0644);
> > +MODULE_PARM_DESC(boot_test, "Enable gathering boot time entropy of the
> > first" +			    " entropy events");
> 
> One line for the string, please.

may I ask the question whether this should be done for all lines with printk 
statements? As checkpatch.pl will complain if you have lines larger than 80 
chars and complains about line-broken printk statements, I am always unsure 
which way to go.

All printk statements in the patch series have line-broken printk statements.

Ciao
Stephan

^ permalink raw reply

* Re: [PATCH v28 11/12] LRNG - add interface for gathering of raw entropy
From: Randy Dunlap @ 2020-01-16  6:48 UTC (permalink / raw)
  To: Stephan Mueller
  Cc: Arnd Bergmann, Greg Kroah-Hartman, linux-crypto, LKML, linux-api,
	Eric W. Biederman, Alexander E. Patrakov, Ahmed S. Darwish,
	Theodore Y. Ts'o, Willy Tarreau, Matthew Garrett, Vito Caputo,
	Andreas Dilger, Jan Kara, Ray Strode, William Jon McCann, zhangjs,
	Andy Lutomirski, Florian Weimer, Lennart Poettering,
	Nicolai Stange
In-Reply-To: <9116265.6Va6cPe1zF@tauon.chronox.de>

On 1/15/20 10:43 PM, Stephan Mueller wrote:
> Am Donnerstag, 16. Januar 2020, 01:18:18 CET schrieb Randy Dunlap:
> 
> Hi Randy,
> 
>> On 1/15/20 2:35 AM, Stephan Müller wrote:
>>> CC: "Eric W. Biederman" <ebiederm@xmission.com>
>>> CC: "Alexander E. Patrakov" <patrakov@gmail.com>
>>> CC: "Ahmed S. Darwish" <darwish.07@gmail.com>
>>> CC: "Theodore Y. Ts'o" <tytso@mit.edu>
>>> CC: Willy Tarreau <w@1wt.eu>
>>> CC: Matthew Garrett <mjg59@srcf.ucam.org>
>>> CC: Vito Caputo <vcaputo@pengaru.com>
>>> CC: Andreas Dilger <adilger.kernel@dilger.ca>
>>> CC: Jan Kara <jack@suse.cz>
>>> CC: Ray Strode <rstrode@redhat.com>
>>> CC: William Jon McCann <mccann@jhu.edu>
>>> CC: zhangjs <zachary@baishancloud.com>
>>> CC: Andy Lutomirski <luto@kernel.org>
>>> CC: Florian Weimer <fweimer@redhat.com>
>>> CC: Lennart Poettering <mzxreary@0pointer.de>
>>> CC: Nicolai Stange <nstange@suse.de>
>>> Reviewed-by: Roman Drahtmueller <draht@schaltsekun.de>
>>> Tested-by: Roman Drahtmüller <draht@schaltsekun.de>
>>> Tested-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
>>> Tested-by: Neil Horman <nhorman@redhat.com>
>>> Signed-off-by: Stephan Mueller <smueller@chronox.de>
>>> ---
>>>
>>>  drivers/char/lrng/Kconfig        |  16 ++
>>>  drivers/char/lrng/Makefile       |   1 +
>>>  drivers/char/lrng/lrng_testing.c | 271 +++++++++++++++++++++++++++++++
>>>  3 files changed, 288 insertions(+)
>>>  create mode 100644 drivers/char/lrng/lrng_testing.c
>>>
>>> diff --git a/drivers/char/lrng/lrng_testing.c
>>> b/drivers/char/lrng/lrng_testing.c new file mode 100644
>>> index 000000000000..0e287eccd622
>>> --- /dev/null
>>> +++ b/drivers/char/lrng/lrng_testing.c
>>> @@ -0,0 +1,271 @@
>>> +// SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause
>>> +/*
>>> + * Linux Random Number Generator (LRNG) Raw entropy collection tool
>>> + *
>>> + * Copyright (C) 2019 - 2020, Stephan Mueller <smueller@chronox.de>
>>> + */
>>> +
>>> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
>>> +
>>> +#include <linux/atomic.h>
>>> +#include <linux/bug.h>
>>> +#include <linux/debugfs.h>
>>> +#include <linux/module.h>
>>> +#include <linux/sched.h>
>>> +#include <linux/sched/signal.h>
>>> +#include <linux/slab.h>
>>> +#include <linux/string.h>
>>> +#include <linux/types.h>
>>> +#include <linux/uaccess.h>
>>> +#include <linux/workqueue.h>
>>> +#include <asm/errno.h>
>>> +
>>> +#include "lrng_internal.h"
>>> +
>>> +#define LRNG_TESTING_RINGBUFFER_SIZE	1024
>>> +#define LRNG_TESTING_RINGBUFFER_MASK	(LRNG_TESTING_RINGBUFFER_SIZE - 1)
>>> +
>>> +static u32 lrng_testing_rb[LRNG_TESTING_RINGBUFFER_SIZE];
>>> +static u32 lrng_rb_reader = 0;
>>> +static u32 lrng_rb_writer = 0;
>>> +static atomic_t lrng_testing_enabled = ATOMIC_INIT(0);
>>> +
>>> +static DECLARE_WAIT_QUEUE_HEAD(lrng_raw_read_wait);
>>> +static DEFINE_SPINLOCK(lrng_raw_lock);
>>> +
>>> +/*
>>> + * 0 ==> No boot test, gathering of runtime data allowed
>>> + * 1 ==> Boot test enabled and ready for collecting data, gathering
>>> runtime + *	 data is disabled
>>> + * 2 ==> Boot test completed and disabled, gathering of runtime data is
>>> + *	 disabled
>>> + */
>>> +static u32 boot_test = 0;
>>> +module_param(boot_test, uint, 0644);
>>> +MODULE_PARM_DESC(boot_test, "Enable gathering boot time entropy of the
>>> first" +			    " entropy events");
>>
>> One line for the string, please.
> 
> may I ask the question whether this should be done for all lines with printk 
> statements? As checkpatch.pl will complain if you have lines larger than 80 
> chars and complains about line-broken printk statements, I am always unsure 
> which way to go.
> 
> All printk statements in the patch series have line-broken printk statements.

It's for grep-ability of the strings.
grepping for partial strings would work as is, but then one would need to know
what partial string to search for.

-- 
~Randy

^ permalink raw reply

* Re: [PATCH v28 09/12] LRNG - add Jitter RNG fast noise source
From: Stephan Mueller @ 2020-01-16  6:51 UTC (permalink / raw)
  To: Randy Dunlap
  Cc: Arnd Bergmann, Greg Kroah-Hartman, linux-crypto, LKML, linux-api,
	Eric W. Biederman, Alexander E. Patrakov, Ahmed S. Darwish,
	Theodore Y. Ts'o, Willy Tarreau, Matthew Garrett, Vito Caputo,
	Andreas Dilger, Jan Kara, Ray Strode, William Jon McCann, zhangjs,
	Andy Lutomirski, Florian Weimer, Lennart Poettering,
	Nicolai Stange
In-Reply-To: <e354fe2f-2040-689a-4293-e1d919f14b74@infradead.org>

Am Donnerstag, 16. Januar 2020, 01:17:05 CET schrieb Randy Dunlap:

Hi Randy,

> On 1/15/20 2:34 AM, Stephan Müller wrote:
> > CC: "Eric W. Biederman" <ebiederm@xmission.com>
> > CC: "Alexander E. Patrakov" <patrakov@gmail.com>
> > CC: "Ahmed S. Darwish" <darwish.07@gmail.com>
> > CC: "Theodore Y. Ts'o" <tytso@mit.edu>
> > CC: Willy Tarreau <w@1wt.eu>
> > CC: Matthew Garrett <mjg59@srcf.ucam.org>
> > CC: Vito Caputo <vcaputo@pengaru.com>
> > CC: Andreas Dilger <adilger.kernel@dilger.ca>
> > CC: Jan Kara <jack@suse.cz>
> > CC: Ray Strode <rstrode@redhat.com>
> > CC: William Jon McCann <mccann@jhu.edu>
> > CC: zhangjs <zachary@baishancloud.com>
> > CC: Andy Lutomirski <luto@kernel.org>
> > CC: Florian Weimer <fweimer@redhat.com>
> > CC: Lennart Poettering <mzxreary@0pointer.de>
> > CC: Nicolai Stange <nstange@suse.de>
> > Reviewed-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> > Reviewed-by: Roman Drahtmueller <draht@schaltsekun.de>
> > Tested-by: Roman Drahtmüller <draht@schaltsekun.de>
> > Tested-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> > Tested-by: Neil Horman <nhorman@redhat.com>
> > Signed-off-by: Stephan Mueller <smueller@chronox.de>
> > ---
> > 
> >  drivers/char/lrng/Kconfig     | 11 +++++
> >  drivers/char/lrng/Makefile    |  1 +
> >  drivers/char/lrng/lrng_jent.c | 89 +++++++++++++++++++++++++++++++++++
> >  3 files changed, 101 insertions(+)
> >  create mode 100644 drivers/char/lrng/lrng_jent.c
> > 
> > diff --git a/drivers/char/lrng/Kconfig b/drivers/char/lrng/Kconfig
> > index 0d070a3897dd..10b7cbdb8c8e 100644
> > --- a/drivers/char/lrng/Kconfig
> > +++ b/drivers/char/lrng/Kconfig
> > @@ -92,4 +92,15 @@ config LRNG_KCAPI
> > 
> >  	  provided by the selected kernel crypto API RNG.
> >  
> >  endif # LRNG_DRNG_SWITCH
> > 
> > +config LRNG_JENT
> > +	bool "Enable Jitter RNG as LRNG Seed Source"
> > +	select CRYPTO_JITTERENTROPY
> 
> Don't select unless CRYPTO is already set/enabled.

I added "depends on 
> 
> > +	help
> > +	  The Linux RNG may use the Jitter RNG as noise source. Enabling
> > +	  this option enables the use of the Jitter RNG. Its default
> > +	  entropy level is 16 bits of entropy per 256 data bits delivered
> > +	  by the Jitter RNG. This entropy level can be changed at boot
> > +	  time or at runtime with the lrng_base.jitterrng configuration
> > +	  variable.
> > +
> > 
> >  endif # LRNG
> > 
> > diff --git a/drivers/char/lrng/lrng_jent.c b/drivers/char/lrng/lrng_jent.c
> > new file mode 100644
> > index 000000000000..ff0bbe2680c4
> > --- /dev/null
> > +++ b/drivers/char/lrng/lrng_jent.c
> > @@ -0,0 +1,89 @@
> > +// SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause
> > +/*
> > + * LRNG Fast Noise Source: Jitter RNG
> > + *
> > + * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de>
> > + */
> > +
> > +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> > +
> > +#include <linux/types.h>
> > +#include <crypto/internal/jitterentropy.h>
> > +
> > +#include "lrng_internal.h"
> > +
> > +/*
> > + * Estimated entropy of data is a 16th of
> > LRNG_DRNG_SECURITY_STRENGTH_BITS. + * Albeit a full entropy assessment is
> > provided for the noise source indicating + * that it provides high
> > entropy rates and considering that it deactivates + * when it detects
> > insufficient hardware, the chosen under estimation of + * entropy is
> > considered to be acceptable to all reviewers.
> > + */
> > +static u32 jitterrng = LRNG_DRNG_SECURITY_STRENGTH_BITS>>4;
> > +module_param(jitterrng, uint, 0644);
> > +MODULE_PARM_DESC(jitterrng, "Entropy in bits of 256 data bits from Jitter
> > " +			    "RNG noise source");
> 
> One line for the string, please, not split to 2 lines.

Changed.

Thank you.

Ciao
Stephan

^ permalink raw reply

* Re: [PATCH v28 11/12] LRNG - add interface for gathering of raw entropy
From: Stephan Mueller @ 2020-01-16  6:52 UTC (permalink / raw)
  To: Randy Dunlap
  Cc: Arnd Bergmann, Greg Kroah-Hartman, linux-crypto, LKML, linux-api,
	Eric W. Biederman, Alexander E. Patrakov, Ahmed S. Darwish,
	Theodore Y. Ts'o, Willy Tarreau, Matthew Garrett, Vito Caputo,
	Andreas Dilger, Jan Kara, Ray Strode, William Jon McCann, zhangjs,
	Andy Lutomirski, Florian Weimer, Lennart Poettering,
	Nicolai Stange
In-Reply-To: <72a57d93-737a-c6c1-82c4-e14f73054ad5@infradead.org>

Am Donnerstag, 16. Januar 2020, 07:48:20 CET schrieb Randy Dunlap:

Hi Randy,

> On 1/15/20 10:43 PM, Stephan Mueller wrote:
> > Am Donnerstag, 16. Januar 2020, 01:18:18 CET schrieb Randy Dunlap:
> > 
> > Hi Randy,
> > 
> >> On 1/15/20 2:35 AM, Stephan Müller wrote:
> >>> CC: "Eric W. Biederman" <ebiederm@xmission.com>
> >>> CC: "Alexander E. Patrakov" <patrakov@gmail.com>
> >>> CC: "Ahmed S. Darwish" <darwish.07@gmail.com>
> >>> CC: "Theodore Y. Ts'o" <tytso@mit.edu>
> >>> CC: Willy Tarreau <w@1wt.eu>
> >>> CC: Matthew Garrett <mjg59@srcf.ucam.org>
> >>> CC: Vito Caputo <vcaputo@pengaru.com>
> >>> CC: Andreas Dilger <adilger.kernel@dilger.ca>
> >>> CC: Jan Kara <jack@suse.cz>
> >>> CC: Ray Strode <rstrode@redhat.com>
> >>> CC: William Jon McCann <mccann@jhu.edu>
> >>> CC: zhangjs <zachary@baishancloud.com>
> >>> CC: Andy Lutomirski <luto@kernel.org>
> >>> CC: Florian Weimer <fweimer@redhat.com>
> >>> CC: Lennart Poettering <mzxreary@0pointer.de>
> >>> CC: Nicolai Stange <nstange@suse.de>
> >>> Reviewed-by: Roman Drahtmueller <draht@schaltsekun.de>
> >>> Tested-by: Roman Drahtmüller <draht@schaltsekun.de>
> >>> Tested-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> >>> Tested-by: Neil Horman <nhorman@redhat.com>
> >>> Signed-off-by: Stephan Mueller <smueller@chronox.de>
> >>> ---
> >>> 
> >>>  drivers/char/lrng/Kconfig        |  16 ++
> >>>  drivers/char/lrng/Makefile       |   1 +
> >>>  drivers/char/lrng/lrng_testing.c | 271 +++++++++++++++++++++++++++++++
> >>>  3 files changed, 288 insertions(+)
> >>>  create mode 100644 drivers/char/lrng/lrng_testing.c
> >>> 
> >>> diff --git a/drivers/char/lrng/lrng_testing.c
> >>> b/drivers/char/lrng/lrng_testing.c new file mode 100644
> >>> index 000000000000..0e287eccd622
> >>> --- /dev/null
> >>> +++ b/drivers/char/lrng/lrng_testing.c
> >>> @@ -0,0 +1,271 @@
> >>> +// SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause
> >>> +/*
> >>> + * Linux Random Number Generator (LRNG) Raw entropy collection tool
> >>> + *
> >>> + * Copyright (C) 2019 - 2020, Stephan Mueller <smueller@chronox.de>
> >>> + */
> >>> +
> >>> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> >>> +
> >>> +#include <linux/atomic.h>
> >>> +#include <linux/bug.h>
> >>> +#include <linux/debugfs.h>
> >>> +#include <linux/module.h>
> >>> +#include <linux/sched.h>
> >>> +#include <linux/sched/signal.h>
> >>> +#include <linux/slab.h>
> >>> +#include <linux/string.h>
> >>> +#include <linux/types.h>
> >>> +#include <linux/uaccess.h>
> >>> +#include <linux/workqueue.h>
> >>> +#include <asm/errno.h>
> >>> +
> >>> +#include "lrng_internal.h"
> >>> +
> >>> +#define LRNG_TESTING_RINGBUFFER_SIZE	1024
> >>> +#define LRNG_TESTING_RINGBUFFER_MASK	
(LRNG_TESTING_RINGBUFFER_SIZE - 1)
> >>> +
> >>> +static u32 lrng_testing_rb[LRNG_TESTING_RINGBUFFER_SIZE];
> >>> +static u32 lrng_rb_reader = 0;
> >>> +static u32 lrng_rb_writer = 0;
> >>> +static atomic_t lrng_testing_enabled = ATOMIC_INIT(0);
> >>> +
> >>> +static DECLARE_WAIT_QUEUE_HEAD(lrng_raw_read_wait);
> >>> +static DEFINE_SPINLOCK(lrng_raw_lock);
> >>> +
> >>> +/*
> >>> + * 0 ==> No boot test, gathering of runtime data allowed
> >>> + * 1 ==> Boot test enabled and ready for collecting data, gathering
> >>> runtime + *	 data is disabled
> >>> + * 2 ==> Boot test completed and disabled, gathering of runtime data is
> >>> + *	 disabled
> >>> + */
> >>> +static u32 boot_test = 0;
> >>> +module_param(boot_test, uint, 0644);
> >>> +MODULE_PARM_DESC(boot_test, "Enable gathering boot time entropy of the
> >>> first" +			    " entropy events");
> >> 
> >> One line for the string, please.
> > 
> > may I ask the question whether this should be done for all lines with
> > printk statements? As checkpatch.pl will complain if you have lines
> > larger than 80 chars and complains about line-broken printk statements, I
> > am always unsure which way to go.
> > 
> > All printk statements in the patch series have line-broken printk
> > statements.
> It's for grep-ability of the strings.
> grepping for partial strings would work as is, but then one would need to
> know what partial string to search for.

Ok, I am changing all these strings to one-liners even though checkpatch.pl 
will complain.

Thank you.

Ciao
Stephan

^ permalink raw reply

* Re: [PATCH v28 07/12] LRNG - add kernel crypto API PRNG extension
From: Stephan Mueller @ 2020-01-16  6:54 UTC (permalink / raw)
  To: Randy Dunlap
  Cc: Arnd Bergmann, Greg Kroah-Hartman, linux-crypto, LKML, linux-api,
	Eric W. Biederman, Alexander E. Patrakov, Ahmed S. Darwish,
	Theodore Y. Ts'o, Willy Tarreau, Matthew Garrett, Vito Caputo,
	Andreas Dilger, Jan Kara, Ray Strode, William Jon McCann, zhangjs,
	Andy Lutomirski, Florian Weimer, Lennart Poettering,
	Nicolai Stange
In-Reply-To: <d98e7a45-3d1b-8119-1ed0-87aea0f3c6f3@infradead.org>

Am Donnerstag, 16. Januar 2020, 01:15:46 CET schrieb Randy Dunlap:

Hi Randy,

> On 1/15/20 2:34 AM, Stephan Müller wrote:
> > CC: "Eric W. Biederman" <ebiederm@xmission.com>
> > CC: "Alexander E. Patrakov" <patrakov@gmail.com>
> > CC: "Ahmed S. Darwish" <darwish.07@gmail.com>
> > CC: "Theodore Y. Ts'o" <tytso@mit.edu>
> > CC: Willy Tarreau <w@1wt.eu>
> > CC: Matthew Garrett <mjg59@srcf.ucam.org>
> > CC: Vito Caputo <vcaputo@pengaru.com>
> > CC: Andreas Dilger <adilger.kernel@dilger.ca>
> > CC: Jan Kara <jack@suse.cz>
> > CC: Ray Strode <rstrode@redhat.com>
> > CC: William Jon McCann <mccann@jhu.edu>
> > CC: zhangjs <zachary@baishancloud.com>
> > CC: Andy Lutomirski <luto@kernel.org>
> > CC: Florian Weimer <fweimer@redhat.com>
> > CC: Lennart Poettering <mzxreary@0pointer.de>
> > CC: Nicolai Stange <nstange@suse.de>
> > Reviewed-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> > Reviewed-by: Roman Drahtmueller <draht@schaltsekun.de>
> > Tested-by: Roman Drahtmüller <draht@schaltsekun.de>
> > Tested-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
> > Tested-by: Neil Horman <nhorman@redhat.com>
> > Signed-off-by: Stephan Mueller <smueller@chronox.de>
> > ---
> > 
> >  drivers/char/lrng/Kconfig      |  10 +
> >  drivers/char/lrng/Makefile     |   1 +
> >  drivers/char/lrng/lrng_kcapi.c | 327 +++++++++++++++++++++++++++++++++
> >  3 files changed, 338 insertions(+)
> >  create mode 100644 drivers/char/lrng/lrng_kcapi.c
> > 
> > diff --git a/drivers/char/lrng/Kconfig b/drivers/char/lrng/Kconfig
> > index 15fb623d9d1f..0d070a3897dd 100644
> > --- a/drivers/char/lrng/Kconfig
> > +++ b/drivers/char/lrng/Kconfig
> > @@ -80,6 +80,16 @@ config LRNG_DRBG
> > 
> >  	  Enable the SP800-90A DRBG support for the LRNG. Once the
> >  	  module is loaded, output from /dev/random, /dev/urandom,
> >  	  getrandom(2), or get_random_bytes is provided by a DRBG.
> > 
> > +
> > +config LRNG_KCAPI
> > +	tristate "Kernel Crypto API support for the LRNG"
> > +	select CRYPTO_RNG
> 
> Don't select CRYPTO_RNG unless you know that CRYPTO is set/enabled.

I added "depends on CRYPTO"
> 
> > +	help
> > +	  Enable the support for generic pseudo-random number
> > +	  generators offered by the kernel crypto API with the
> > +	  LRNG. Once the module is loaded, output from /dev/random,
> > +	  /dev/urandom, getrandom(2), or get_random_bytes is
> > +	  provided by the selected kernel crypto API RNG.
> > 
> >  endif # LRNG_DRNG_SWITCH
> >  
> >  endif # LRNG

Thank you.

Ciao
Stephan

^ permalink raw reply


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox