releases/5.1.6/random-fix-crng-initialization-when-random.trust_cpu.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From a8ae7965c30be7d9b94d7f9c00b693045f8eda59 Mon Sep 17 00:00:00 2001
 From: Jon DeVree <nuxi@vault24.org>
 Date: Fri, 19 Apr 2019 23:35:16 -0400
 Subject: random: fix CRNG initialization when random.trust_cpu=1

 [ Upstream commit fe6f1a6a8eedc1aa538fee0baa612b6a59639cf8 ]

 When the system boots with random.trust_cpu=1 it doesn't initialize the
 per-NUMA CRNGs because it skips the rest of the CRNG startup code. This
 means that the code from 1e7f583af67b ("random: make /dev/urandom scalable
 for silly userspace programs") is not used when random.trust_cpu=1.

 crash> dmesg | grep random:
 [    0.000000] random: get_random_bytes called from start_kernel+0x94/0x530 with crng_init=0
 [    0.314029] random: crng done (trusting CPU's manufacturer)
 crash> print crng_node_pool
 $6 = (struct crng_state **) 0x0

 After adding the missing call to numa_crng_init() the per-NUMA CRNGs are
 initialized again:

 crash> dmesg | grep random:
 [    0.000000] random: get_random_bytes called from start_kernel+0x94/0x530 with crng_init=0
 [    0.314031] random: crng done (trusting CPU's manufacturer)
 crash> print crng_node_pool
 $1 = (struct crng_state **) 0xffff9a915f4014a0

 The call to invalidate_batched_entropy() was also missing. This is
 important for architectures like PPC and S390 which only have the
 arch_get_random_seed_* functions.

 Fixes: 39a8883a2b98 ("random: add a config option to trust the CPU's hwrng")
 Signed-off-by: Jon DeVree <nuxi@vault24.org>
 Signed-off-by: Theodore Ts'o <tytso@mit.edu>
 Signed-off-by: Sasha Levin <sashal@kernel.org>
 ---
  drivers/char/random.c | 5 ++++-
  1 file changed, 4 insertions(+), 1 deletion(-)

 diff --git a/drivers/char/random.c b/drivers/char/random.c
 index 38c6d1af6d1c0..d4d45ccfeefc0 100644
 --- a/drivers/char/random.c
 +++ b/drivers/char/random.c
 @@ -777,6 +777,7 @@ static struct crng_state **crng_node_pool __read_mostly;
  #endif

  static void invalidate_batched_entropy(void);
 +static void numa_crng_init(void);

  static bool trust_cpu __ro_after_init = IS_ENABLED(CONFIG_RANDOM_TRUST_CPU);
  static int __init parse_trust_cpu(char *arg)
 @@ -805,7 +806,9 @@ static void crng_initialize(struct crng_state *crng)
  		}
  		crng->state[i] ^= rv;
  	}
 -	if (trust_cpu && arch_init) {
 +	if (trust_cpu && arch_init && crng == &primary_crng) {
 +		invalidate_batched_entropy();
 +		numa_crng_init();
  		crng_init = 2;
  		pr_notice("random: crng done (trusting CPU's manufacturer)\n");
  	}
 --
 2.20.1
	From a8ae7965c30be7d9b94d7f9c00b693045f8eda59 Mon Sep 17 00:00:00 2001
	From: Jon DeVree <nuxi@vault24.org>
	Date: Fri, 19 Apr 2019 23:35:16 -0400
	Subject: random: fix CRNG initialization when random.trust_cpu=1

	[ Upstream commit fe6f1a6a8eedc1aa538fee0baa612b6a59639cf8 ]

	When the system boots with random.trust_cpu=1 it doesn't initialize the
	per-NUMA CRNGs because it skips the rest of the CRNG startup code. This
	means that the code from 1e7f583af67b ("random: make /dev/urandom scalable
	for silly userspace programs") is not used when random.trust_cpu=1.

	crash> dmesg \| grep random:
	[ 0.000000] random: get_random_bytes called from start_kernel+0x94/0x530 with crng_init=0
	[ 0.314029] random: crng done (trusting CPU's manufacturer)
	crash> print crng_node_pool
	$6 = (struct crng_state **) 0x0

	After adding the missing call to numa_crng_init() the per-NUMA CRNGs are
	initialized again:

	crash> dmesg \| grep random:
	[ 0.000000] random: get_random_bytes called from start_kernel+0x94/0x530 with crng_init=0
	[ 0.314031] random: crng done (trusting CPU's manufacturer)
	crash> print crng_node_pool
	$1 = (struct crng_state **) 0xffff9a915f4014a0

	The call to invalidate_batched_entropy() was also missing. This is
	important for architectures like PPC and S390 which only have the
	arch_get_random_seed_* functions.

	Fixes: 39a8883a2b98 ("random: add a config option to trust the CPU's hwrng")
	Signed-off-by: Jon DeVree <nuxi@vault24.org>
	Signed-off-by: Theodore Ts'o <tytso@mit.edu>
	Signed-off-by: Sasha Levin <sashal@kernel.org>
	---
	drivers/char/random.c \| 5 ++++-
	1 file changed, 4 insertions(+), 1 deletion(-)

	diff --git a/drivers/char/random.c b/drivers/char/random.c
	index 38c6d1af6d1c0..d4d45ccfeefc0 100644
	--- a/drivers/char/random.c
	+++ b/drivers/char/random.c
	@@ -777,6 +777,7 @@ static struct crng_state **crng_node_pool __read_mostly;
	#endif

	static void invalidate_batched_entropy(void);
	+static void numa_crng_init(void);

	static bool trust_cpu __ro_after_init = IS_ENABLED(CONFIG_RANDOM_TRUST_CPU);
	static int __init parse_trust_cpu(char *arg)
	@@ -805,7 +806,9 @@ static void crng_initialize(struct crng_state *crng)
	}
	crng->state[i] ^= rv;
	}
	- if (trust_cpu && arch_init) {
	+ if (trust_cpu && arch_init && crng == &primary_crng) {
	+ invalidate_batched_entropy();
	+ numa_crng_init();
	crng_init = 2;
	pr_notice("random: crng done (trusting CPU's manufacturer)\n");
	}
	--
	2.20.1