1. 06 8月, 2014 1 次提交
    • T
      random: introduce getrandom(2) system call · c6e9d6f3
      Theodore Ts'o 提交于
      The getrandom(2) system call was requested by the LibreSSL Portable
      developers.  It is analoguous to the getentropy(2) system call in
      OpenBSD.
      
      The rationale of this system call is to provide resiliance against
      file descriptor exhaustion attacks, where the attacker consumes all
      available file descriptors, forcing the use of the fallback code where
      /dev/[u]random is not available.  Since the fallback code is often not
      well-tested, it is better to eliminate this potential failure mode
      entirely.
      
      The other feature provided by this new system call is the ability to
      request randomness from the /dev/urandom entropy pool, but to block
      until at least 128 bits of entropy has been accumulated in the
      /dev/urandom entropy pool.  Historically, the emphasis in the
      /dev/urandom development has been to ensure that urandom pool is
      initialized as quickly as possible after system boot, and preferably
      before the init scripts start execution.
      
      This is because changing /dev/urandom reads to block represents an
      interface change that could potentially break userspace which is not
      acceptable.  In practice, on most x86 desktop and server systems, in
      general the entropy pool can be initialized before it is needed (and
      in modern kernels, we will printk a warning message if not).  However,
      on an embedded system, this may not be the case.  And so with this new
      interface, we can provide the functionality of blocking until the
      urandom pool has been initialized.  Any userspace program which uses
      this new functionality must take care to assure that if it is used
      during the boot process, that it will not cause the init scripts or
      other portions of the system startup to hang indefinitely.
      
      SYNOPSIS
      	#include <linux/random.h>
      
      	int getrandom(void *buf, size_t buflen, unsigned int flags);
      
      DESCRIPTION
      	The system call getrandom() fills the buffer pointed to by buf
      	with up to buflen random bytes which can be used to seed user
      	space random number generators (i.e., DRBG's) or for other
      	cryptographic uses.  It should not be used for Monte Carlo
      	simulations or other programs/algorithms which are doing
      	probabilistic sampling.
      
      	If the GRND_RANDOM flags bit is set, then draw from the
      	/dev/random pool instead of the /dev/urandom pool.  The
      	/dev/random pool is limited based on the entropy that can be
      	obtained from environmental noise, so if there is insufficient
      	entropy, the requested number of bytes may not be returned.
      	If there is no entropy available at all, getrandom(2) will
      	either block, or return an error with errno set to EAGAIN if
      	the GRND_NONBLOCK bit is set in flags.
      
      	If the GRND_RANDOM bit is not set, then the /dev/urandom pool
      	will be used.  Unlike using read(2) to fetch data from
      	/dev/urandom, if the urandom pool has not been sufficiently
      	initialized, getrandom(2) will block (or return -1 with the
      	errno set to EAGAIN if the GRND_NONBLOCK bit is set in flags).
      
      	The getentropy(2) system call in OpenBSD can be emulated using
      	the following function:
      
                  int getentropy(void *buf, size_t buflen)
                  {
                          int     ret;
      
                          if (buflen > 256)
                                  goto failure;
                          ret = getrandom(buf, buflen, 0);
                          if (ret < 0)
                                  return ret;
                          if (ret == buflen)
                                  return 0;
                  failure:
                          errno = EIO;
                          return -1;
                  }
      
      RETURN VALUE
             On success, the number of bytes that was filled in the buf is
             returned.  This may not be all the bytes requested by the
             caller via buflen if insufficient entropy was present in the
             /dev/random pool, or if the system call was interrupted by a
             signal.
      
             On error, -1 is returned, and errno is set appropriately.
      
      ERRORS
      	EINVAL		An invalid flag was passed to getrandom(2)
      
      	EFAULT		buf is outside the accessible address space.
      
      	EAGAIN		The requested entropy was not available, and
      			getentropy(2) would have blocked if the
      			GRND_NONBLOCK flag was not set.
      
      	EINTR		While blocked waiting for entropy, the call was
      			interrupted by a signal handler; see the description
      			of how interrupted read(2) calls on "slow" devices
      			are handled with and without the SA_RESTART flag
      			in the signal(7) man page.
      
      NOTES
      	For small requests (buflen <= 256) getrandom(2) will not
      	return EINTR when reading from the urandom pool once the
      	entropy pool has been initialized, and it will return all of
      	the bytes that have been requested.  This is the recommended
      	way to use getrandom(2), and is designed for compatibility
      	with OpenBSD's getentropy() system call.
      
      	However, if you are using GRND_RANDOM, then getrandom(2) may
      	block until the entropy accounting determines that sufficient
      	environmental noise has been gathered such that getrandom(2)
      	will be operating as a NRBG instead of a DRBG for those people
      	who are working in the NIST SP 800-90 regime.  Since it may
      	block for a long time, these guarantees do *not* apply.  The
      	user may want to interrupt a hanging process using a signal,
      	so blocking until all of the requested bytes are returned
      	would be unfriendly.
      
      	For this reason, the user of getrandom(2) MUST always check
      	the return value, in case it returns some error, or if fewer
      	bytes than requested was returned.  In the case of
      	!GRND_RANDOM and small request, the latter should never
      	happen, but the careful userspace code (and all crypto code
      	should be careful) should check for this anyway!
      
      	Finally, unless you are doing long-term key generation (and
      	perhaps not even then), you probably shouldn't be using
      	GRND_RANDOM.  The cryptographic algorithms used for
      	/dev/urandom are quite conservative, and so should be
      	sufficient for all purposes.  The disadvantage of GRND_RANDOM
      	is that it can block, and the increased complexity required to
      	deal with partially fulfilled getrandom(2) requests.
      Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
      Reviewed-by: NZach Brown <zab@zabbo.net>
      c6e9d6f3
  2. 15 7月, 2014 10 次提交
  3. 14 7月, 2014 7 次提交
    • L
      Linux 3.16-rc5 · 1795cd9b
      Linus Torvalds 提交于
      1795cd9b
    • L
      Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 · 18b34d9a
      Linus Torvalds 提交于
      Pull ext4 bugfixes from Ted Ts'o:
       "More bug fixes for ext4 -- most importantly, a fix for a bug
        introduced in 3.15 that can end up triggering a file system corruption
        error after a journal replay.
      
        It shouldn't lead to any actual data corruption, but it is scary and
        can force file systems to be remounted read-only, etc"
      
      * tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
        ext4: fix potential null pointer dereference in ext4_free_inode
        ext4: fix a potential deadlock in __ext4_es_shrink()
        ext4: revert commit which was causing fs corruption after journal replays
        ext4: disable synchronous transaction batching if max_batch_time==0
        ext4: clarify ext4_error message in ext4_mb_generate_buddy_error()
        ext4: clarify error count warning messages
        ext4: fix unjournalled bg descriptor while initializing inode bitmap
      18b34d9a
    • L
      Merge tag 'clk-fixes-for-linus' of git://git.linaro.org/people/mike.turquette/linux · 502fde1a
      Linus Torvalds 提交于
      Pull clock driver fixes from Mike Turquette:
       "This batch of fixes is for a handful of clock drivers from Allwinner,
        Samsung, ST & TI.  Most of them are of the "this hardware won't work
        without this fix" variety, including patches that fix platforms that
        did not boot under certain configurations.  Other fixes are the result
        of changes to the clock core introduced in 3.15 that had subtle
        impacts on the clock drivers.
      
        There are no fixes to the clock framework core in this pull request"
      
      * tag 'clk-fixes-for-linus' of git://git.linaro.org/people/mike.turquette/linux:
        clk: spear3xx: Set proper clock parent of uart1/2
        clk: spear3xx: Use proper control register offset
        clk: qcom: HDMI source sel is 3 not 2
        clk: sunxi: fix devm_ioremap_resource error detection code
        clk: s2mps11: Fix double free corruption during driver unbind
        clk: ti: am43x: Fix boot with CONFIG_SOC_AM33XX disabled
        clk: exynos5420: Remove aclk66_peric from the clock tree description
        clk/exynos5250: fix bit number for tv sysmmu clock
        clk: s3c64xx: Hookup SPI clocks correctly
        clk: samsung: exynos4: Remove SRC_MASK_ISP gates
        clk: samsung: add more aliases for s3c24xx
        clk: samsung: fix several typos to fix boot on s3c2410
        clk: ti: set CLK_SET_RATE_NO_REPARENT for ti,mux-clock
        clk: ti: am43x: Fix boot with CONFIG_SOC_AM33XX disabled
        clk: ti: dra7: return error code in failure case
        clk: ti: apll: not allocating enough data
      502fde1a
    • L
      Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc · 2f3870e9
      Linus Torvalds 提交于
      Pull ARM SoC fixes from Olof Johansson:
       "This week's arm-soc fixes:
      
         - Another set of OMAP fixes
           * Clock fixes
           * Restart handling
           * PHY regulators
           * SATA hwmod data for DRA7
           + Some trivial fixes and removal of a bit of dead code
         - Exynos fixes
           * A bunch of clock fixes
           * Some SMP fixes
           * Exynos multi-core timer: register as clocksource and fix ftrace.
           + a few other minor fixes
      
        There's also a couple more patches, and at91 fix for USB caused by
        common clock conversion, and more MAINTAINERS entries for shmobile.
      
        We're definitely switching to only regression fixes from here on out,
        we've been a little less strict than usual up until now"
      
      * tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (26 commits)
        ARM: at91: at91sam9x5: add clocks for usb device
        ARM: EXYNOS: Register cpuidle device only on exynos4210 and 5250
        ARM: dts: Add clock property for mfc_pd in exynos5420
        clk: exynos5420: Add IDs for clocks used in PD mfc
        ARM: EXYNOS: Add support for clock handling in power domain
        ARM: OMAP2+: Remove non working OMAP HDMI audio initialization
        ARM: imx: fix shared gate clock
        ARM: dts: Update the parent for Audss clocks in Exynos5420
        ARM: EXYNOS: Update secondary boot addr for secure mode
        ARM: dts: Fix TI CPSW Phy mode selection on IGEP COM AQUILA.
        ARM: dts: am335x-evmsk: Enable the McASP FIFO for audio
        ARM: dts: am335x-evm: Enable the McASP FIFO for audio
        ARM: OMAP2+: Make GPMC skip disabled devices
        ARM: OMAP2+: create dsp device only on OMAP3 SoCs
        ARM: dts: dra7-evm: Make VDDA_1V8_PHY supply always on
        ARM: DRA7/AM43XX: fix header definition for omap44xx_restart
        ARM: OMAP2+: clock/dpll: fix _dpll_test_fint arithmetics overflow
        ARM: DRA7: hwmod: Add SYSCONFIG for usb_otg_ss
        ARM: DRA7: hwmod: Fixup SATA hwmod
        ARM: OMAP3: PRM/CM: Add back macros used by TI DSP/Bridge driver
        ...
      2f3870e9
    • L
      Merge branch 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm · 5fa77b54
      Linus Torvalds 提交于
      Pull ARM fixes from Russell King:
       "Another round of fixes for ARM:
         - a set of kprobes fixes from Jon Medhurst
         - fix the revision checking for the L2 cache which wasn't noticed to
           have been broken"
      
      * 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
        ARM: l2c: fix revision checking
        ARM: kprobes: Fix test code compilation errors for ARMv4 targets
        ARM: kprobes: Disallow instructions with PC and register specified shift
        ARM: kprobes: Prevent known test failures stopping other tests running
      5fa77b54
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k · 33fe3aee
      Linus Torvalds 提交于
      Pull m68k fixes from Geert Uytterhoeven:
       "Summary:
        - Fix for a boot regression introduced in v3.16-rc1,
        - Fix for a build issue in -next"
      
      Christoph Hellwig questioned why mach_random_get_entropy should be
      exported to modules, and Geert explains that random_get_entropy() is
      called by at least the crypto layer and ends up using it on m68k.  On
      most other architectures it just uses get_cycles() (which is typically
      inlined and doesn't need exporting),
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k:
        m68k: Export mach_random_get_entropy to modules
        m68k: Fix boot regression on machines with RAM at non-zero
      33fe3aee
    • L
      Merge branch 'parisc-3.16-5' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux · 54f8c2aa
      Linus Torvalds 提交于
      Pull parisc fixes from Helge Deller:
       "The major patch in here is one which fixes the fanotify_mark() syscall
        in the compat layer of the 64bit parisc kernel.  It went unnoticed so
        long, because the calling syntax when using a 64bit parameter in a
        32bit syscall is quite complex and even worse, it may be even
        different if you call syscall() or the glibc wrapper.  This patch
        makes the kernel accept the calling convention when called by the
        glibc wrapper.
      
        The other two patches are trivial and remove unused headers, #includes
        and adds the serial ports of the fastest C8000 workstation to the
        parisc-kernel internal hardware database"
      
      * 'parisc-3.16-5' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux:
        parisc: drop unused defines and header includes
        parisc: fix fanotify_mark() syscall on 32bit compat kernel
        parisc: add serial ports of C8000/1GHz machine to hardware database
      54f8c2aa
  4. 13 7月, 2014 19 次提交
  5. 12 7月, 2014 3 次提交