提交 85608f8e 编写于 作者: T Theodore Ts'o

random: remove unneeded hash of a portion of the entropy pool

We previously extracted a portion of the entropy pool in
mix_pool_bytes() and hashed it in to avoid racing CPU's from returning
duplicate random values.  Now that we are using a spinlock to prevent
this from happening, this is no longer necessary.  So remove it, to
simplify the code a bit.
Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
Cc: George Spelvin <linux@horizon.com>
上级 91fcb532
...@@ -481,9 +481,9 @@ static __u32 const twist_table[8] = { ...@@ -481,9 +481,9 @@ static __u32 const twist_table[8] = {
* the entropy is concentrated in the low-order bits. * the entropy is concentrated in the low-order bits.
*/ */
static void _mix_pool_bytes(struct entropy_store *r, const void *in, static void _mix_pool_bytes(struct entropy_store *r, const void *in,
int nbytes, __u8 out[64]) int nbytes)
{ {
unsigned long i, j, tap1, tap2, tap3, tap4, tap5; unsigned long i, tap1, tap2, tap3, tap4, tap5;
int input_rotate; int input_rotate;
int wordmask = r->poolinfo->poolwords - 1; int wordmask = r->poolinfo->poolwords - 1;
const char *bytes = in; const char *bytes = in;
...@@ -525,27 +525,23 @@ static void _mix_pool_bytes(struct entropy_store *r, const void *in, ...@@ -525,27 +525,23 @@ static void _mix_pool_bytes(struct entropy_store *r, const void *in,
r->input_rotate = input_rotate; r->input_rotate = input_rotate;
r->add_ptr = i; r->add_ptr = i;
if (out)
for (j = 0; j < 16; j++)
((__u32 *)out)[j] = r->pool[(i - j) & wordmask];
} }
static void __mix_pool_bytes(struct entropy_store *r, const void *in, static void __mix_pool_bytes(struct entropy_store *r, const void *in,
int nbytes, __u8 out[64]) int nbytes)
{ {
trace_mix_pool_bytes_nolock(r->name, nbytes, _RET_IP_); trace_mix_pool_bytes_nolock(r->name, nbytes, _RET_IP_);
_mix_pool_bytes(r, in, nbytes, out); _mix_pool_bytes(r, in, nbytes);
} }
static void mix_pool_bytes(struct entropy_store *r, const void *in, static void mix_pool_bytes(struct entropy_store *r, const void *in,
int nbytes, __u8 out[64]) int nbytes)
{ {
unsigned long flags; unsigned long flags;
trace_mix_pool_bytes(r->name, nbytes, _RET_IP_); trace_mix_pool_bytes(r->name, nbytes, _RET_IP_);
spin_lock_irqsave(&r->lock, flags); spin_lock_irqsave(&r->lock, flags);
_mix_pool_bytes(r, in, nbytes, out); _mix_pool_bytes(r, in, nbytes);
spin_unlock_irqrestore(&r->lock, flags); spin_unlock_irqrestore(&r->lock, flags);
} }
...@@ -737,13 +733,13 @@ void add_device_randomness(const void *buf, unsigned int size) ...@@ -737,13 +733,13 @@ void add_device_randomness(const void *buf, unsigned int size)
trace_add_device_randomness(size, _RET_IP_); trace_add_device_randomness(size, _RET_IP_);
spin_lock_irqsave(&input_pool.lock, flags); spin_lock_irqsave(&input_pool.lock, flags);
_mix_pool_bytes(&input_pool, buf, size, NULL); _mix_pool_bytes(&input_pool, buf, size);
_mix_pool_bytes(&input_pool, &time, sizeof(time), NULL); _mix_pool_bytes(&input_pool, &time, sizeof(time));
spin_unlock_irqrestore(&input_pool.lock, flags); spin_unlock_irqrestore(&input_pool.lock, flags);
spin_lock_irqsave(&nonblocking_pool.lock, flags); spin_lock_irqsave(&nonblocking_pool.lock, flags);
_mix_pool_bytes(&nonblocking_pool, buf, size, NULL); _mix_pool_bytes(&nonblocking_pool, buf, size);
_mix_pool_bytes(&nonblocking_pool, &time, sizeof(time), NULL); _mix_pool_bytes(&nonblocking_pool, &time, sizeof(time));
spin_unlock_irqrestore(&nonblocking_pool.lock, flags); spin_unlock_irqrestore(&nonblocking_pool.lock, flags);
} }
EXPORT_SYMBOL(add_device_randomness); EXPORT_SYMBOL(add_device_randomness);
...@@ -776,7 +772,7 @@ static void add_timer_randomness(struct timer_rand_state *state, unsigned num) ...@@ -776,7 +772,7 @@ static void add_timer_randomness(struct timer_rand_state *state, unsigned num)
sample.cycles = random_get_entropy(); sample.cycles = random_get_entropy();
sample.num = num; sample.num = num;
r = nonblocking_pool.initialized ? &input_pool : &nonblocking_pool; r = nonblocking_pool.initialized ? &input_pool : &nonblocking_pool;
mix_pool_bytes(r, &sample, sizeof(sample), NULL); mix_pool_bytes(r, &sample, sizeof(sample));
/* /*
* Calculate number of bits of randomness we probably added. * Calculate number of bits of randomness we probably added.
...@@ -864,7 +860,7 @@ void add_interrupt_randomness(int irq, int irq_flags) ...@@ -864,7 +860,7 @@ void add_interrupt_randomness(int irq, int irq_flags)
return; return;
} }
fast_pool->last = now; fast_pool->last = now;
__mix_pool_bytes(r, &fast_pool->pool, sizeof(fast_pool->pool), NULL); __mix_pool_bytes(r, &fast_pool->pool, sizeof(fast_pool->pool));
/* /*
* If we have architectural seed generator, produce a seed and * If we have architectural seed generator, produce a seed and
...@@ -872,7 +868,7 @@ void add_interrupt_randomness(int irq, int irq_flags) ...@@ -872,7 +868,7 @@ void add_interrupt_randomness(int irq, int irq_flags)
* 50% entropic. * 50% entropic.
*/ */
if (arch_get_random_seed_long(&seed)) { if (arch_get_random_seed_long(&seed)) {
__mix_pool_bytes(r, &seed, sizeof(seed), NULL); __mix_pool_bytes(r, &seed, sizeof(seed));
credit += sizeof(seed) * 4; credit += sizeof(seed) * 4;
} }
spin_unlock(&r->lock); spin_unlock(&r->lock);
...@@ -955,7 +951,7 @@ static void _xfer_secondary_pool(struct entropy_store *r, size_t nbytes) ...@@ -955,7 +951,7 @@ static void _xfer_secondary_pool(struct entropy_store *r, size_t nbytes)
ENTROPY_BITS(r), ENTROPY_BITS(r->pull)); ENTROPY_BITS(r), ENTROPY_BITS(r->pull));
bytes = extract_entropy(r->pull, tmp, bytes, bytes = extract_entropy(r->pull, tmp, bytes,
random_read_wakeup_bits / 8, rsvd_bytes); random_read_wakeup_bits / 8, rsvd_bytes);
mix_pool_bytes(r, tmp, bytes, NULL); mix_pool_bytes(r, tmp, bytes);
credit_entropy_bits(r, bytes*8); credit_entropy_bits(r, bytes*8);
} }
...@@ -1031,7 +1027,6 @@ static void extract_buf(struct entropy_store *r, __u8 *out) ...@@ -1031,7 +1027,6 @@ static void extract_buf(struct entropy_store *r, __u8 *out)
unsigned long l[LONGS(20)]; unsigned long l[LONGS(20)];
} hash; } hash;
__u32 workspace[SHA_WORKSPACE_WORDS]; __u32 workspace[SHA_WORKSPACE_WORDS];
__u8 extract[64];
unsigned long flags; unsigned long flags;
/* /*
...@@ -1060,15 +1055,9 @@ static void extract_buf(struct entropy_store *r, __u8 *out) ...@@ -1060,15 +1055,9 @@ static void extract_buf(struct entropy_store *r, __u8 *out)
* brute-forcing the feedback as hard as brute-forcing the * brute-forcing the feedback as hard as brute-forcing the
* hash. * hash.
*/ */
__mix_pool_bytes(r, hash.w, sizeof(hash.w), extract); __mix_pool_bytes(r, hash.w, sizeof(hash.w));
spin_unlock_irqrestore(&r->lock, flags); spin_unlock_irqrestore(&r->lock, flags);
/*
* To avoid duplicates, we atomically extract a portion of the
* pool while mixing, and hash one final time.
*/
sha_transform(hash.w, extract, workspace);
memset(extract, 0, sizeof(extract));
memset(workspace, 0, sizeof(workspace)); memset(workspace, 0, sizeof(workspace));
/* /*
...@@ -1255,14 +1244,14 @@ static void init_std_data(struct entropy_store *r) ...@@ -1255,14 +1244,14 @@ static void init_std_data(struct entropy_store *r)
unsigned long rv; unsigned long rv;
r->last_pulled = jiffies; r->last_pulled = jiffies;
mix_pool_bytes(r, &now, sizeof(now), NULL); mix_pool_bytes(r, &now, sizeof(now));
for (i = r->poolinfo->poolbytes; i > 0; i -= sizeof(rv)) { for (i = r->poolinfo->poolbytes; i > 0; i -= sizeof(rv)) {
if (!arch_get_random_seed_long(&rv) && if (!arch_get_random_seed_long(&rv) &&
!arch_get_random_long(&rv)) !arch_get_random_long(&rv))
rv = random_get_entropy(); rv = random_get_entropy();
mix_pool_bytes(r, &rv, sizeof(rv), NULL); mix_pool_bytes(r, &rv, sizeof(rv));
} }
mix_pool_bytes(r, utsname(), sizeof(*(utsname())), NULL); mix_pool_bytes(r, utsname(), sizeof(*(utsname())));
} }
/* /*
...@@ -1325,7 +1314,7 @@ static int arch_random_refill(void) ...@@ -1325,7 +1314,7 @@ static int arch_random_refill(void)
if (n) { if (n) {
unsigned int rand_bytes = n * sizeof(unsigned long); unsigned int rand_bytes = n * sizeof(unsigned long);
mix_pool_bytes(&input_pool, buf, rand_bytes, NULL); mix_pool_bytes(&input_pool, buf, rand_bytes);
credit_entropy_bits(&input_pool, rand_bytes*4); credit_entropy_bits(&input_pool, rand_bytes*4);
} }
...@@ -1415,7 +1404,7 @@ write_pool(struct entropy_store *r, const char __user *buffer, size_t count) ...@@ -1415,7 +1404,7 @@ write_pool(struct entropy_store *r, const char __user *buffer, size_t count)
count -= bytes; count -= bytes;
p += bytes; p += bytes;
mix_pool_bytes(r, buf, bytes, NULL); mix_pool_bytes(r, buf, bytes);
cond_resched(); cond_resched();
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册