2022-10-28 16:10:50

by Jean-Philippe Brucker

Subject: [PATCH] random: Use arch_get_random*_early() in random_init()

While reworking the archrandom handling, commit d349ab99eec7 ("random:
handle archrandom with multiple longs") switched to the non-early
archrandom helpers in random_init(), which broke initialization of the
entropy pool from the arm64 random generator.

Indeed at that point the arm64 CPU features, which verify that all CPUs
have compatible capabilities, are not finalized so arch_get_random_seed_longs()
is unsuccessful. Instead random_init() should use the _early functions,
which check only the boot CPU on arm64. On other architectures the
_early functions directly call the normal ones.

Fixes: d349ab99eec7 ("random: handle archrandom with multiple longs")
Signed-off-by: Jean-Philippe Brucker <[email protected]>
---
drivers/char/random.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/char/random.c b/drivers/char/random.c
index 2fe28eeb2f38..085af17c32f5 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -791,13 +791,14 @@ void __init random_init_early(const char *command_line)
#endif

for (i = 0, arch_bits = sizeof(entropy) * 8; i < ARRAY_SIZE(entropy);) {
- longs = arch_get_random_seed_longs(entropy, ARRAY_SIZE(entropy) - i);
+ longs = arch_get_random_seed_longs_early(entropy,
+ ARRAY_SIZE(entropy) - i);
if (longs) {
_mix_pool_bytes(entropy, sizeof(*entropy) * longs);
i += longs;
continue;
}
- longs = arch_get_random_longs(entropy, ARRAY_SIZE(entropy) - i);
+ longs = arch_get_random_longs_early(entropy, ARRAY_SIZE(entropy) - i);
if (longs) {
_mix_pool_bytes(entropy, sizeof(*entropy) * longs);
i += longs;
--
2.37.3

2022-10-28 16:39:50

by Jason A. Donenfeld

Subject: Re: [PATCH] random: Use arch_get_random*_early() in random_init()

On Fri, Oct 28, 2022 at 05:00:42PM +0100, Jean-Philippe Brucker wrote:
> While reworking the archrandom handling, commit d349ab99eec7 ("random:
> handle archrandom with multiple longs") switched to the non-early
> archrandom helpers in random_init(), which broke initialization of the
> entropy pool from the arm64 random generator.
>
> Indeed at that point the arm64 CPU features, which verify that all CPUs
> have compatible capabilities, are not finalized so arch_get_random_seed_longs()
> is unsuccessful. Instead random_init() should use the _early functions,
> which check only the boot CPU on arm64. On other architectures the
> _early functions directly call the normal ones.
>
> Fixes: d349ab99eec7 ("random: handle archrandom with multiple longs")
> Signed-off-by: Jean-Philippe Brucker <[email protected]>

Thank you for catching this. I'll get this queued up for the next rc.

Jason