From: Matt Mackall <mpm@selenic.com>
To: Andrew Morton <akpm@osdl.org>
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH 10/22] /dev/random: entropy reserve logic for starvation preve
Date: Thu, 25 Mar 2004 17:57:44 -0600 [thread overview]
Message-ID: <11.524465763@selenic.com> (raw)
In-Reply-To: <10.524465763@selenic.com>
/dev/random entropy reserve logic for starvation prevention
Additional parameter to allow keeping an entropy reserve in the input
pool. Groundwork for /dev/urandom vs /dev/random starvation prevention.
tiny-mpm/drivers/char/random.c | 30 +++++++++++++++++-------------
1 files changed, 17 insertions(+), 13 deletions(-)
diff -puN drivers/char/random.c~debit-entropy drivers/char/random.c
--- tiny/drivers/char/random.c~debit-entropy 2004-03-20 13:38:26.000000000 -0600
+++ tiny-mpm/drivers/char/random.c 2004-03-20 13:38:26.000000000 -0600
@@ -1264,7 +1264,7 @@ static void MD5Transform(__u32 buf[HASH_
#define SEC_XFER_SIZE (TMP_BUF_SIZE*4)
static ssize_t extract_entropy(struct entropy_store *r, void * buf,
- size_t nbytes, int min, int flags);
+ size_t nbytes, int min, int rsvd, int flags);
/*
* This utility inline function is responsible for transfering entropy
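Review bot: The forward declaration names the new parameter `rsvd`, while the definition further down in this patch names it `reserved`. Using the same name in both places, `size_t nbytes, int min, int reserved, int flags);`, keeps the prototype readable and greppable alongside the doc comment, which also says "reserved".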
@@ -1283,7 +1283,7 @@ static inline void xfer_secondary_pool(s
bytes * 8, nbytes * 8, r->entropy_count);
bytes=extract_entropy(input_pool, tmp, bytes,
- random_read_wakeup_thresh / 8,
+ random_read_wakeup_thresh / 8, 0,
EXTRACT_ENTROPY_LIMIT);
add_entropy_words(r, tmp, bytes);
credit_entropy_store(r, bytes*8);
@@ -1297,13 +1297,15 @@ static inline void xfer_secondary_pool(s
* number of bytes that are actually obtained. If the EXTRACT_ENTROPY_USER
* flag is given, then the buf pointer is assumed to be in user space.
*
- * If we have less than min bytes of entropy available, exit without
- * transferring any. This helps avoid racing when reseeding.
+ * The min parameter specifies the minimum amount we can pull before
+ * failing to avoid races that defeat catastrophic reseeding while the
+ * reserved parameter indicates how much entropy we must leave in the
+ * pool after each pull to avoid starving other readers.
*
* Note: extract_entropy() assumes that .poolwords is a multiple of 16 words.
*/
static ssize_t extract_entropy(struct entropy_store *r, void * buf,
- size_t nbytes, int min, int flags)
+ size_t nbytes, int min, int reserved, int flags)
{
ssize_t ret, i;
__u32 tmp[TMP_BUF_SIZE];
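Review bot: The rewritten comment does not give the units of `min` and `reserved`, even though the pool counter they are compared against is kept in bits and the body compares them with `r->entropy_count / 8`, so both appear to be byte counts. I would state that explicitly, e.g. `* Both min and reserved are in bytes; r->entropy_count is in bits.`, and refer to the argument as "the reserved parameter" consistently. Both parameters are plain `int` and are added to a `size_t` in the body, so the comment should also say that callers must pass non-negative values. The function body continues outside this hunk.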
@@ -1323,17 +1325,19 @@ static ssize_t extract_entropy(struct en
DEBUG_ENT("trying to extract %d bits from %s\n", nbytes * 8, r->name);
- if (r->entropy_count / 8 < min) {
+ /* Can we pull enough? */
+ if (r->entropy_count / 8 < min + reserved) {
nbytes = 0;
} else {
+ /* If limited, never pull more than available */
if (flags & EXTRACT_ENTROPY_LIMIT &&
- nbytes >= r->entropy_count / 8)
- nbytes = r->entropy_count / 8;
+ nbytes + reserved >= r->entropy_count / 8)
+ nbytes = r->entropy_count/8 - reserved;
- if (r->entropy_count / 8 >= nbytes)
+ if(r->entropy_count / 8 >= nbytes + reserved)
r->entropy_count -= nbytes*8;
else
- r->entropy_count = 0;
+ r->entropy_count = reserved;
if (r->entropy_count < random_write_wakeup_thresh)
wake_up_interruptible(&random_write_wait);
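Review bot: The fallback branch `r->entropy_count = reserved;` stores what looks like a byte count into a counter that every other line here treats as bits (`r->entropy_count / 8`, `nbytes*8`). If `reserved` is in bytes, as the `min + reserved` comparison suggests, the pool is left accounted at one eighth of the intended reserve, which undercuts the starvation protection this change is laying groundwork for; the line should read `r->entropy_count = reserved * 8;`. Separately, `nbytes + reserved` mixes `size_t` with a signed `int`, so a negative `reserved` would be converted to a very large unsigned value. Every caller in this patch passes 0, but a guard or an unsigned parameter type would make that safe for later callers. The enclosing function starts and ends outside this hunk.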
@@ -1421,7 +1425,7 @@ static ssize_t extract_entropy(struct en
void get_random_bytes(void *buf, int nbytes)
{
BUG_ON(!blocking_pool);
- extract_entropy(blocking_pool, buf, nbytes, 0, 0);
+ extract_entropy(blocking_pool, buf, nbytes, 0, 0, 0);
}
EXPORT_SYMBOL(get_random_bytes);
@@ -1536,7 +1540,7 @@ random_read(struct file * file, char * b
DEBUG_ENT("reading %d bits\n", n*8);
- n = extract_entropy(blocking_pool, buf, n, 0,
+ n = extract_entropy(blocking_pool, buf, n, 0, 0,
EXTRACT_ENTROPY_USER |
EXTRACT_ENTROPY_LIMIT);
@@ -1589,7 +1593,7 @@ static ssize_t
urandom_read(struct file * file, char * buf,
size_t nbytes, loff_t *ppos)
{
- return extract_entropy(blocking_pool, buf, nbytes, 0,
+ return extract_entropy(blocking_pool, buf, nbytes, 0, 0,
EXTRACT_ENTROPY_USER);
}
_
2004-03-25 23:57 [PATCH 0/22] /dev/random: Assorted fixes and cleanups Matt Mackall
2004-03-25 23:57 ` [PATCH 1/22] /dev/random: Simplify entropy debugging Matt Mackall
2004-03-25 23:57 ` [PATCH 2/22] /dev/random: Cleanup sleep logic Matt Mackall
2004-03-25 23:57 ` [PATCH 3/22] /dev/random: remove broken resizing sysctl Matt Mackall
2004-03-25 23:57 ` [PATCH 4/22] /dev/random: remove outdated RNDGETPOOL ioctl Matt Mackall
2004-03-25 23:57 ` [PATCH 5/22] /dev/random: pool struct cleanup and rename Matt Mackall
2004-03-25 23:57 ` [PATCH 6/22] /dev/random: simplify pool initialization Matt Mackall
2004-03-25 23:57 ` [PATCH 7/22] /dev/random: simplify reseed logic Matt Mackall
2004-03-25 23:57 ` [PATCH 8/22] /dev/random: BUG on premature random users Matt Mackall
2004-03-25 23:57 ` [PATCH 9/22] /dev/random: more robust catastrophic reseed logic Matt Mackall
2004-03-25 23:57 ` Matt Mackall [this message]
2004-03-25 23:57 ` [PATCH 11/22] /dev/random: flag pools that need entropy reserve Matt Mackall
2004-03-25 23:57 ` [PATCH 12/22] /dev/random: add pool for /dev/urandom to prevent starv Matt Mackall
2004-03-25 23:57 ` [PATCH 13/22] /dev/random: kill extract_timer_state Matt Mackall
2004-03-25 23:57 ` [PATCH 14/22] /dev/random: kill unused md5 copy Matt Mackall
2004-03-25 23:57 ` [PATCH 15/22] /dev/random: kill unrolled SHA code Matt Mackall
2004-03-25 23:57 ` [PATCH 16/22] /dev/random: kill 2.2 cruft Matt Mackall
2004-03-25 23:57 ` [PATCH 17/22] /dev/random: minor shrinkage Matt Mackall
2004-03-25 23:57 ` [PATCH 18/22] /dev/random: bitop cleanup Matt Mackall
2004-03-25 23:57 ` [PATCH 19/22] /dev/random: use sched_clock for timing data Matt Mackall
2004-03-25 23:57 ` [PATCH 20/22] /dev/random: cleanup rol bitop Matt Mackall
2004-03-25 23:57 ` [PATCH 21/22] /dev/random: kill batching of entropy mixing Matt Mackall
2004-03-25 23:57 ` [PATCH 22/22] /dev/random: update credits Matt Mackall
2004-03-27 13:52 ` [PATCH 21/22] /dev/random: kill batching of entropy mixing Jamie Lokier
2004-03-27 15:17 ` Matt Mackall
2004-03-26 1:43 ` [PATCH 15/22] /dev/random: kill unrolled SHA code Jeff Garzik
2004-03-26 3:59 ` Matt Mackall
2004-03-27 13:49 ` Jamie Lokier
2004-03-26 0:15 ` [PATCH 4/22] /dev/random: remove outdated RNDGETPOOL ioctl Andrew Morton
2004-03-26 0:15 ` [PATCH 3/22] /dev/random: remove broken resizing sysctl Andrew Morton
2004-03-26 3:53 ` Matt Mackall
2004-03-26 0:14 ` [PATCH 2/22] /dev/random: Cleanup sleep logic Andrew Morton
2004-03-26 3:49 ` Matt Mackall