Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp2941178iog;
        Mon, 20 Jun 2022 07:57:33 -0700 (PDT)
X-Google-Smtp-Source: AGRyM1tGze+twU7svMsanuMwRtYbCTJToF6W0HHL4l/AuHRd4PxkY7lEtoLU1hUuxgLttl+0t8Yf
X-Received: by 2002:a17:902:e892:b0:167:4570:32e3 with SMTP id w18-20020a170902e89200b00167457032e3mr24275626plg.51.1655737053076;
        Mon, 20 Jun 2022 07:57:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1655737053; cv=none;
        d=google.com; s=arc-20160816;
        b=Ef6FXqWO33WtyBw8dRbcMR7MF+GQA19z5d0xG9yMlZj6VCb9WRSSVgkjwBlUWavHet
         H9QRZt/U6viAmCM+r16UZICsMCpYD/f/ezKTjpegMDYMJQlBFMWCnKAHKtKHw28/UcUI
         YF/hSQTpQGONrCDku7K+4KJvI7BEXDmVgYKQS3n//ZikvO3AYHrl/G7pWOFiK2jHsBzW
         uGvyoMlYtM6lorX0kjMcu4XgdPYtuXLutR8f4y/8bFF9k2w1C//Go1QIDpU2YFPJo4FA
         ieXtdrgXvPNFETWbs9wGp4ZVvAvKJ5QfDp0Rt5+oZF5LebXHJLebi9htWi0RbJymUBfw
         Llng==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=AkGKbJvQqJLtVe9Oi3QjmJLbyeq2E+k404/MOo+6sc4=;
        b=rRR5frfOWjc0uNvgGuG3fWmu4GS31Ay/aQlLoKDZu5Dt9sboZADmvlpViS03gGKpuq
         PUT30F1Z6uLXsry70OySRML3L1LHX0OFgB483NOn++t/AVLmoXnG5CUCuxvRzmleTlkc
         Iz+cxP/ML8klbCoX7uRekqYPNqh5rBujtuCWdAWHp1+Qcld+FCYOVA/CeZhXFdXpCpeT
         JX2bqEiXPpuSL+MJBKczYh5zUvY5Pxa8dNVWM5wbLU+SsnUqd6bJQYHk/h+TnLhx/n8e
         rmrGsx1LmDvtqJMQF9mGEwvTpb/yAlrVeIs5XSVOzFJKeRfBau4yQRTesU4L1cLxvQh6
         36Bg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=zE2GHv73;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id q7-20020a63f947000000b003db379692e2si9950498pgk.181.2022.06.20.07.57.20;
        Mon, 20 Jun 2022 07:57:33 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=zE2GHv73;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347406AbiFTNke (ORCPT <rfc822;airlied@gmail.com> + 99 others);
        Mon, 20 Jun 2022 09:40:34 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38242 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347400AbiFTNi2 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 20 Jun 2022 09:38:28 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 433002873D;
        Mon, 20 Jun 2022 06:14:17 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by dfw.source.kernel.org (Postfix) with ESMTPS id 1CF8860A52;
        Mon, 20 Jun 2022 13:14:17 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 12C5BC3411B;
        Mon, 20 Jun 2022 13:14:15 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1655730856;
        bh=IRIB/nfddzpYszgOCi6TNfrnOf4M5Ta9hww7v3gomiQ=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=zE2GHv73BP0MqJcipfDrggimtGr5B2g4tXSu6yr7os35OwB4Lsj7Nn5DCwuhSWJyY
         Ls7oILxI8sxbKo6lAkyNlxAWTQss5dyhM11ceCoAdRNpWePUgKP4vU2BYz8Rs5aiXk
         TRc7l3Qk816vMLWt6mn2W4eEE+w0mTkwLR0NYmQI=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Theodore Tso <tytso@mit.edu>,
        Dominik Brodowski <linux@dominikbrodowski.net>,
        Eric Biggers <ebiggers@google.com>,
        "Jason A. Donenfeld" <Jason@zx2c4.com>
Subject: [PATCH 5.4 078/240] random: absorb fast pool into input pool after fast load
Date:   Mon, 20 Jun 2022 14:49:39 +0200
Message-Id: <20220620124741.016486257@linuxfoundation.org>
X-Mailer: git-send-email 2.36.1
In-Reply-To: <20220620124737.799371052@linuxfoundation.org>
References: <20220620124737.799371052@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-7.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: "Jason A. Donenfeld" <Jason@zx2c4.com>

commit c30c575db4858f0bbe5e315ff2e529c782f33a1f upstream.

During crng_init == 0, we never credit entropy in add_interrupt_
randomness(), but instead dump it directly into the primary_crng. That's
fine, except for the fact that we then wind up throwing away that
entropy later when we switch to extracting from the input pool and
xoring into (and later in this series overwriting) the primary_crng key.
The two other early init sites -- add_hwgenerator_randomness()'s use
crng_fast_load() and add_device_ randomness()'s use of crng_slow_load()
-- always additionally give their inputs to the input pool. But not
add_interrupt_randomness().

This commit fixes that shortcoming by calling mix_pool_bytes() after
crng_fast_load() in add_interrupt_randomness(). That's partially
verboten on PREEMPT_RT, where it implies taking spinlock_t from an IRQ
handler. But this also only happens during early boot and then never
again after that. Plus it's a trylock so it has the same considerations
as calling crng_fast_load(), which we're already using.

Cc: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Suggested-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 drivers/char/random.c |    4 ++++
 1 file changed, 4 insertions(+)

--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -850,6 +850,10 @@ void add_interrupt_randomness(int irq)
 		    crng_fast_load((u8 *)fast_pool->pool, sizeof(fast_pool->pool)) > 0) {
 			fast_pool->count = 0;
 			fast_pool->last = now;
+			if (spin_trylock(&input_pool.lock)) {
+				_mix_pool_bytes(&fast_pool->pool, sizeof(fast_pool->pool));
+				spin_unlock(&input_pool.lock);
+			}
 		}
 		return;
 	}