random: do not split fast init input in add_hwgenerator_randomness()

stable inclusion from stable-v5.10.119 commit bb515a5beff279443f54802d20d609f7294c98a4 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I5L6BB Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bb515a5beff279443f54802d20d609f7294c98a4 -------------------------------- commit 527a9867 upstream. add_hwgenerator_randomness() tries to only use the required amount of input for fast init, but credits all the entropy, rather than a fraction of it. Since it's hard to determine how much entropy is left over out of a non-unformly random sample, either give it all to fast init or credit it, but don't attempt to do both. In the process, we can clean up the injection code to no longer need to return a value. Signed-off-by: N Jan Varho <jan.varho@gmail.com> [Jason: expanded commit message] Fixes: 73c7733f ("random: do not throw away excess input to crng_fast_load") Cc: stable@vger.kernel.org # 5.17+, requires af704c85Signed-off-by: N Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com> Acked-by: N Xie XiuQi <xiexiuqi@huawei.com>

random: do not split fast init input in add_hwgenerator_randomness()
stable inclusion from stable-v5.10.119 commit bb515a5beff279443f54802d20d609f7294c98a4 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I5L6BB Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bb515a5beff279443f54802d20d609f7294c98a4 -------------------------------- commit 527a9867 upstream. add_hwgenerator_randomness() tries to only use the required amount of input for fast init, but credits all the entropy, rather than a fraction of it. Since it's hard to determine how much entropy is left over out of a non-unformly random sample, either give it all to fast init or credit it, but don't attempt to do both. In the process, we can clean up the injection code to no longer need to return a value. Signed-off-by: N Jan Varho <jan.varho@gmail.com> [Jason: expanded commit message] Fixes: 73c7733f ("random: do not throw away excess input to crng_fast_load") Cc: stable@vger.kernel.org # 5.17+, requires af704c85Signed-off-by: N Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com> Acked-by: N Xie XiuQi <xiexiuqi@huawei.com>
327ad7a1 · Jan Varho · Zheng Zengkai · ae736721 · 327ad7a1
显示空白变更内容
内联并排

Showing with 6 addition and 17 deletion

drivers/char/random.c drivers/char/random.c +6 -17

未找到文件。
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -439,11 +439,8 @@ static void crng_make_state(u32 chacha_state[CHACHA_STATE_WORDS],
 * This shouldn't be set by functions like add_device_randomness(),
 * where we can't trust the buffer passed to it is guaranteed to be
 * unpredictable (so it might not have any entropy at all).
- *
- * Returns the number of bytes processed from input, which is bounded
- * by CRNG_INIT_CNT_THRESH if account is true.
 */
-static size_t crng_pre_init_inject(const void *input, size_t len, bool account)
+static void crng_pre_init_inject(const void *input, size_t len, bool account)
 {
 	static int crng_init_cnt = 0;
 	struct blake2s_state hash;
@@ -454,18 +451,15 @@ static size_t crng_pre_init_inject(const void *input, size_t len, bool account)
 	spin_lock_irqsave(&base_crng.lock, flags);
 	if (crng_init != 0) {
 		spin_unlock_irqrestore(&base_crng.lock, flags);
-		return 0;
+		return;
 	}
-	if (account)
-		len = min_t(size_t, len, CRNG_INIT_CNT_THRESH - crng_init_cnt);
 	blake2s_update(&hash, base_crng.key, sizeof(base_crng.key));
 	blake2s_update(&hash, input, len);
 	blake2s_final(&hash, base_crng.key);
 	if (account) {
-		crng_init_cnt += len;
+		crng_init_cnt += min_t(size_t, len, CRNG_INIT_CNT_THRESH - crng_init_cnt);
 		if (crng_init_cnt >= CRNG_INIT_CNT_THRESH) {
 			++base_crng.generation;
 			crng_init = 1;
@@ -476,8 +470,6 @@ static size_t crng_pre_init_inject(const void *input, size_t len, bool account)
 	if (crng_init == 1)
 		pr_notice("fast init done\n");
-	return len;
 }
 static void _get_random_bytes(void *buf, size_t nbytes)
@@ -1138,11 +1130,8 @@ void add_hwgenerator_randomness(const void *buffer, size_t count,
 				size_t entropy)
 {
 	if (unlikely(crng_init == 0 && entropy < POOL_MIN_BITS)) {
-		size_t ret = crng_pre_init_inject(buffer, count, true);
+		crng_pre_init_inject(buffer, count, true);
-		mix_pool_bytes(buffer, ret);
+		mix_pool_bytes(buffer, count);
-		count -= ret;
-		buffer += ret;
-		if (!count || crng_init == 0)
 		return;
 	}