Date: Wed, 2 Mar 2022 09:53:34 +0100
From: Greg KH
To: "Jason A. Donenfeld"
Cc: linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org, netdev@vger.kernel.org, Alexander Graf, Jann Horn, Dominik Brodowski, Theodore Ts'o
Subject: Re: [PATCH 2/3] random: provide notifier for VM fork
In-Reply-To: <20220301231038.530897-3-Jason@zx2c4.com>

On Wed, Mar 02, 2022 at 12:10:37AM +0100, Jason A. Donenfeld wrote:
> Drivers such as WireGuard need to learn when VMs fork in order to clear > sessions. This commit provides a simple notifier_block for that, with a > register and unregister function. When no VM fork detection is compiled > in, this turns into a no-op, similar to how the power notifier works. > > Cc: Dominik Brodowski > Cc: Greg Kroah-Hartman > Cc: Theodore Ts'o > Signed-off-by: Jason A. Donenfeld > --- > drivers/char/random.c | 15 +++++++++++++++ > include/linux/random.h | 5 +++++ > 2 files changed, 20 insertions(+) > > diff --git a/drivers/char/random.c b/drivers/char/random.c > index 6bd1bbab7392..483fd2dc2057 100644 > --- a/drivers/char/random.c > +++ b/drivers/char/random.c > @@ -1141,6 +1141,8 @@ void add_bootloader_randomness(const void *buf, size_t size) > EXPORT_SYMBOL_GPL(add_bootloader_randomness); > > #if IS_ENABLED(CONFIG_VMGENID) > +static BLOCKING_NOTIFIER_HEAD(vmfork_notifier); > + > /* > * Handle a new unique VM ID, which is unique, not secret, so we > * don't credit it, but we do immediately force a reseed after so 
> @@ -1152,11 +1154,24 @@ void add_vmfork_randomness(const void *unique_vm_id, size_t size) > if (crng_ready()) { > crng_reseed(true); > pr_notice("crng reseeded due to virtual machine fork\n"); > + blocking_notifier_call_chain(&vmfork_notifier, 0, NULL); > } > } > #if IS_MODULE(CONFIG_VMGENID) > EXPORT_SYMBOL_GPL(add_vmfork_randomness); > #endif > + > +int register_random_vmfork_notifier(struct notifier_block *nb) > +{ > + return blocking_notifier_chain_register(&vmfork_notifier, nb); > +} > +EXPORT_SYMBOL_GPL(register_random_vmfork_notifier); > + > +int unregister_random_vmfork_notifier(struct notifier_block *nb) > +{ > + return blocking_notifier_chain_unregister(&vmfork_notifier, nb); > +} > +EXPORT_SYMBOL_GPL(unregister_random_vmfork_notifier); > #endif > > struct fast_pool { > diff --git a/include/linux/random.h b/include/linux/random.h > index e84b6fa27435..7fccbc7e5a75 100644 > --- a/include/linux/random.h > +++ b/include/linux/random.h > @@ -31,6 +31,11 @@ extern void add_hwgenerator_randomness(const void *buffer, size_t count, > size_t entropy); > #if IS_ENABLED(CONFIG_VMGENID) > extern void add_vmfork_randomness(const void *unique_vm_id, size_t size); > +extern int register_random_vmfork_notifier(struct notifier_block *nb); > +extern int unregister_random_vmfork_notifier(struct notifier_block *nb); > +#else > +static inline int register_random_vmfork_notifier(struct notifier_block *nb) { return 0; } > +static inline int unregister_random_vmfork_notifier(struct notifier_block *nb) { return 0; } > #endif > > extern void get_random_bytes(void *buf, size_t nbytes); > -- > 2.35.1 > It seems crazy that the "we just were spawned as a new vm" notifier is based in the random driver, but sure, put it here for now! :) Reviewed-by: Greg Kroah-Hartman
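Review bot: in the second drivers/char/random.c hunk (add_vmfork_randomness), blocking_notifier_call_chain() sits inside the if (crng_ready()) block, so a VM fork reported before the crng is ready reaches no subscriber and nothing records it for later delivery. If a driver can hold state that must be cleared that early, move the call outside the conditional; if it cannot, a comment above the call should say why the gating is safe. The chain is also invoked with action 0 and data NULL, and register_random_vmfork_notifier() carries no comment telling callers that, or that callbacks run on a blocking chain and may sleep, which in turn requires add_vmfork_randomness() to be called from a context that may sleep.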
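Review bot: in the include/linux/random.h hunk, the #else stubs return 0, the same value a successful registration returns, so a caller built without CONFIG_VMGENID cannot tell that its callback will never run. The commit message states that the no-op is intended; a short comment above the two static inline stubs saying so would keep callers from treating this notification as their only trigger for clearing per-session state.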