Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp273958ybi; Wed, 29 May 2019 21:09:06 -0700 (PDT) X-Google-Smtp-Source: APXvYqzL063rVLzJsGlrcnNqlcz+b6Q9Rx0yx+XItA0UPBb4AUFo/LcgJBb/xMVMWs5jfBS0f5Cd X-Received: by 2002:a17:902:20e2:: with SMTP id v31mr1837312plg.138.1559189346520; Wed, 29 May 2019 21:09:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559189346; cv=none; d=google.com; s=arc-20160816; b=N2WwP7p+ObexZq1/1gDF5jp8wel+WxmZdZ3sY2H0O66yHmYPrYgI5JbW359ilBe/E/ qhoU8g9rxGFi37HNT26dwnZ95vcKEySWxZPrLVeiSYjtdo7ZcdRPMjMWxUzS2K6Nt1kJ 2z8IKAPKGZBOsvKTJJLhrtIxRx3hEm5sj9iqFp5o0q/HgChg0yVcu9ys/mmp6psYz138 n6C5Psvjig7ObXv26GuAEWA2IPQGW5KJKRgl3TgfNVWToNWmRrM/Ri0y0UWFjU8ibbD7 Dt4NgZ45RclxA5sTgd3yILCwPtDJ1zkkbTyfgww2wJBHook8VKriA2Alvno2idfZlRDj C5lw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=RC2KIpY0gzBfgBveNmJ0N23OvI9hdTOOqH04zjKwIEs=; b=SbyHncJIJn3fky12zWxAxbbYpr8xyym6JRPsUbPDyLBLQ5y+jeJtiLLF85/rXWMz/m 7ybOsFpZw/qky40jjxj5ujaG+j/+OU8QTBh/dveGdPvaSf1svQ/xbfrN9CyP2QaXnPiR YWPcqnVEMBKG3VHy/Vxve9otqEDrPa/usgn2pIEkhuMSQfSSty4ttfleE06nf8gX/Iuv XStshyTusJwOnl3O3h9L+Bn2ycj1bMoqqVj7SbIM8O0lnAFPQNcaX3N1V6Ud2WNdk4Gp MdPaUZ/n0+A2Zvqxoi+wP2NlaIvhwsJTG7inHOjE19K45bLKdzlVH9yM9F1o32i++eZm AJ7g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=KFDJ+qdB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a69si1949734pla.178.2019.05.29.21.08.51; Wed, 29 May 2019 21:09:06 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=KFDJ+qdB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726697AbfE3EGl (ORCPT + 99 others); Thu, 30 May 2019 00:06:41 -0400 Received: from mail.kernel.org ([198.145.29.99]:47690 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731163AbfE3DRe (ORCPT ); Wed, 29 May 2019 23:17:34 -0400 Received: from localhost (ip67-88-213-2.z213-88-67.customer.algx.net [67.88.213.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id AF70C2464B; Thu, 30 May 2019 03:17:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1559186253; bh=VlALxv8za7zVD5ocOij2gNebnaZB8CTrJQnYlpH9y0k=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=KFDJ+qdBFmZabf7qJ0PcyjMCgxbeIaYj8scyTyhSSiyiG91C5FjKCAnnzRu173XsK YeY2T6vjdHwNG4FgQQnrFyoXpRth0MnNs57qaA0lUyM7ymRpdZ8Kwx47TShoe3wdG9 IAo8XGxFRSwZSDiDIaiiS/jg/R4a3D+XCYpl3DMY= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Jon DeVree , Theodore Tso , Sasha Levin Subject: [PATCH 4.19 133/276] random: fix CRNG initialization when random.trust_cpu=1 Date: Wed, 29 May 2019 20:04:51 -0700 Message-Id: <20190530030534.073451785@linuxfoundation.org> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190530030523.133519668@linuxfoundation.org> References: <20190530030523.133519668@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org [ Upstream commit fe6f1a6a8eedc1aa538fee0baa612b6a59639cf8 ] When the system boots with random.trust_cpu=1 it doesn't initialize the per-NUMA CRNGs because it skips the rest of the CRNG startup code. This means that the code from 1e7f583af67b ("random: make /dev/urandom scalable for silly userspace programs") is not used when random.trust_cpu=1. crash> dmesg | grep random: [ 0.000000] random: get_random_bytes called from start_kernel+0x94/0x530 with crng_init=0 [ 0.314029] random: crng done (trusting CPU's manufacturer) crash> print crng_node_pool $6 = (struct crng_state **) 0x0 After adding the missing call to numa_crng_init() the per-NUMA CRNGs are initialized again: crash> dmesg | grep random: [ 0.000000] random: get_random_bytes called from start_kernel+0x94/0x530 with crng_init=0 [ 0.314031] random: crng done (trusting CPU's manufacturer) crash> print crng_node_pool $1 = (struct crng_state **) 0xffff9a915f4014a0 The call to invalidate_batched_entropy() was also missing. This is important for architectures like PPC and S390 which only have the arch_get_random_seed_* functions. Fixes: 39a8883a2b98 ("random: add a config option to trust the CPU's hwrng") Signed-off-by: Jon DeVree Signed-off-by: Theodore Ts'o Signed-off-by: Sasha Levin --- drivers/char/random.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/char/random.c b/drivers/char/random.c index c75b6cdf00533..a4515703cfcdd 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -778,6 +778,7 @@ static struct crng_state **crng_node_pool __read_mostly; #endif static void invalidate_batched_entropy(void); +static void numa_crng_init(void); static bool trust_cpu __ro_after_init = IS_ENABLED(CONFIG_RANDOM_TRUST_CPU); static int __init parse_trust_cpu(char *arg) @@ -806,7 +807,9 @@ static void crng_initialize(struct crng_state *crng) } crng->state[i] ^= rv; } - if (trust_cpu && arch_init) { + if (trust_cpu && arch_init && crng == &primary_crng) { + invalidate_batched_entropy(); + numa_crng_init(); crng_init = 2; pr_notice("random: crng done (trusting CPU's manufacturer)\n"); } -- 2.20.1