Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp5870863rwb;
        Sun, 11 Dec 2022 14:23:50 -0800 (PST)
X-Google-Smtp-Source: AA0mqf6QMSYn+sr9lyP6dsv0aClU5vJh9Mini6RWhZqxzY2pLX21AKGhCch9992lr6A/+c6MRKMg
X-Received: by 2002:a05:6a20:93a3:b0:ad:a277:e57f with SMTP id x35-20020a056a2093a300b000ada277e57fmr154412pzh.34.1670797430152;
        Sun, 11 Dec 2022 14:23:50 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1670797430; cv=none;
        d=google.com; s=arc-20160816;
        b=hIr7/jP84xeQr2mkWA6FYm7Eg08pC7L6zoThsyBwb+zx/mZQ1XJHhSCa0ITynZuul7
         9df2wdt2hTW4xOgnYesnKP369Ap32lBdLxSM9JoUruA0SAiO01Jpatc+t54OqwZ29OkI
         ABtJyzGeZgTdD1LcLrnOWBiA+xLgfjYppXVloAqnQ10w9ZuupTNsuyqjsFoLCHH8kKVh
         F5VSR6QnS3hplcm3O6eQP8rxnZs46G7GPX5+QHh+vTCg+NZz4A4s6LdVsYJXw8CoFkP1
         SEvo2zagiScmc3/9lp/DrHcK3vU861fnMWkqEetBIOjCqMh5uFgH0HLcjVUAthDBLdTC
         NCYw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=Ni6ap3ZTSSQLWT4jw5HwfmJdLJiMoNH+N4dU0gGowyA=;
        b=B0slHmuzQeafrMbq25sG99xbfvkMDXVxOv4zq82JZKO8M6epzahwMZ7ssFoyC2+vso
         m/sy34xr7bkkLZpdHu5ap3JvMPWnr3ByEbc5equK42MHUmHTF2ONpDwFkH+cFwW6zaqJ
         oOEozj/yj8dM+4sOEcDI7cnYQ5voOTIYOl/ax9+EvLRJGRyuSe1J5d5e069mxt9oYuMU
         dY9XknB29+zVT0KO31eq6YOouPUJ4LR1zh6G81S8WUIgiF9Cuz1V5+OWG9xAihLcE2as
         cueQozgO5lQHKMlamKH6WyQEk7cWWIsx/Hu3t8C3N15VW0JOoVSn3IEI1VJHknxqCyg0
         5zuw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass (test mode) header.i=@mail.huji.ac.il header.s=mailhuji header.b=EYLzQOAo;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=huji.ac.il
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id k1-20020a056a00168100b005774d572ad3si8626665pfc.31.2022.12.11.14.23.40;
        Sun, 11 Dec 2022 14:23:50 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass (test mode) header.i=@mail.huji.ac.il header.s=mailhuji header.b=EYLzQOAo;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=huji.ac.il
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230345AbiLKWQb (ORCPT <rfc822;4ak.abc@gmail.com> + 75 others);
        Sun, 11 Dec 2022 17:16:31 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50118 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230335AbiLKWQZ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 11 Dec 2022 17:16:25 -0500
Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 75839DECF
        for <linux-kernel@vger.kernel.org>; Sun, 11 Dec 2022 14:16:24 -0800 (PST)
Received: by mail-wr1-x431.google.com with SMTP id h12so10289868wrv.10
        for <linux-kernel@vger.kernel.org>; Sun, 11 Dec 2022 14:16:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=mail.huji.ac.il; s=mailhuji;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=Ni6ap3ZTSSQLWT4jw5HwfmJdLJiMoNH+N4dU0gGowyA=;
        b=EYLzQOAopum3pSRQHrpnKxi13r3F+Hy0yhyJAoTuvDz33Ch7Tv2ysaS8m4GyyOxgBi
         q/k32WQO5EX91YsdGdGMabqCZ9P8blItNhs9fIQM7o1mTlleCHIr3HtU1PIWR6v+z85I
         cDLhaKRLFOCzCBXGxHMwhxnrJmimSYjeYJIx0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=Ni6ap3ZTSSQLWT4jw5HwfmJdLJiMoNH+N4dU0gGowyA=;
        b=0/EKU37xuNrhtAV24vQFIFfFMHwbGwnWh1x6gLCVyPjJ0xauF8P1MvUb+oRDTvilBa
         IMyEWyyJ2mulv++dBKMzGs8zMazrLHROpyZPfl1f42k/VjEjs4hsv4z4bFNTPGsA1eR/
         6K1o4kzGRB8QGaIHpED3SOM3tAR6BXTsR29WbI02WToOwrKsfeHGu708jNREGKNIovbK
         yLT/ATuFDUgrUzGaVre2F/Pq8lmuMmbRb3iYin4vSWwaZIDjqldUgQaG0lYQJyri9uiA
         b5+gQ3WNrdOrDP3/IQtJ21wSqfyVuFYAypbQzwG+oXhF+eVUK11aZSTrEbH2AE1S/uhg
         j5wA==
X-Gm-Message-State: ANoB5pk9kQVJXlwtjB+GCZTbmtsCPsdCtbU/elGy+d60eyNGDSnohJ0W
        P/xscJMb82I3euDYmTbzSjoSCQ==
X-Received: by 2002:a05:6000:81a:b0:242:69f4:cb6f with SMTP id bt26-20020a056000081a00b0024269f4cb6fmr9084177wrb.32.1670796982926;
        Sun, 11 Dec 2022 14:16:22 -0800 (PST)
Received: from MacBook-Pro-5.lan ([2a0d:6fc2:218c:1a00:a91c:f8bf:c26f:4f15])
        by smtp.gmail.com with ESMTPSA id d7-20020adffd87000000b002422bc69111sm8605805wrr.9.2022.12.11.14.16.20
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 11 Dec 2022 14:16:22 -0800 (PST)
From:   david.keisarschm@mail.huji.ac.il
To:     Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>,
        John Fastabend <john.fastabend@gmail.com>,
        Andrii Nakryiko <andrii@kernel.org>,
        Martin KaFai Lau <martin.lau@linux.dev>,
        Song Liu <song@kernel.org>, Yonghong Song <yhs@fb.com>,
        KP Singh <kpsingh@kernel.org>,
        Stanislav Fomichev <sdf@google.com>,
        Hao Luo <haoluo@google.com>, Jiri Olsa <jolsa@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Jakub Kicinski <kuba@kernel.org>,
        Paolo Abeni <pabeni@redhat.com>
Cc:     David <david.keisarschm@mail.huji.ac.il>, aksecurity@gmail.com,
        ilay.bahat1@gmail.com, bpf@vger.kernel.org,
        linux-kernel@vger.kernel.org, netdev@vger.kernel.org
Subject: [PATCH 2/5] Replace invocation of weak PRNG in kernel/bpf/core.c
Date:   Mon, 12 Dec 2022 00:16:05 +0200
Message-Id: <7c16cafe96c47ff5234fbb980df9d3e3d48a0296.1670778652.git.david.keisarschm@mail.huji.ac.il>
X-Mailer: git-send-email 2.38.0
In-Reply-To: <cover.1670778651.git.david.keisarschm@mail.huji.ac.il>
References: <cover.1670778651.git.david.keisarschm@mail.huji.ac.il>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS
        autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: David <david.keisarschm@mail.huji.ac.il>

We changed the invocation of
 prandom_u32_state to get_random_u32.
 We deleted the maintained state,
 which was a CPU-variable,
 since get_random_u32 maintains its own CPU-variable.
 We also deleted the state initializer,
 since it is not needed anymore.

Signed-off-by: David <david.keisarschm@mail.huji.ac.il>
---
 include/linux/bpf.h   |  1 -
 kernel/bpf/core.c     | 13 +------------
 kernel/bpf/verifier.c |  2 --
 net/core/filter.c     |  1 -
 4 files changed, 1 insertion(+), 16 deletions(-)

diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index c1bd1bd10..0689520b9 100644
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -2572,7 +2572,6 @@ const struct bpf_func_proto *tracing_prog_func_proto(
   enum bpf_func_id func_id, const struct bpf_prog *prog);
 
 /* Shared helpers among cBPF and eBPF. */
-void bpf_user_rnd_init_once(void);
 u64 bpf_user_rnd_u32(u64 r1, u64 r2, u64 r3, u64 r4, u64 r5);
 u64 bpf_get_raw_cpu_id(u64 r1, u64 r2, u64 r3, u64 r4, u64 r5);
 
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index 4cb5421d9..a6f06894e 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -2579,13 +2579,6 @@ void bpf_prog_free(struct bpf_prog *fp)
 }
 EXPORT_SYMBOL_GPL(bpf_prog_free);
 
-/* RNG for unpriviledged user space with separated state from prandom_u32(). */
-static DEFINE_PER_CPU(struct rnd_state, bpf_user_rnd_state);
-
-void bpf_user_rnd_init_once(void)
-{
-	prandom_init_once(&bpf_user_rnd_state);
-}
 
 BPF_CALL_0(bpf_user_rnd_u32)
 {
@@ -2595,12 +2588,8 @@ BPF_CALL_0(bpf_user_rnd_u32)
 	 * transformations. Register assignments from both sides are
 	 * different, f.e. classic always sets fn(ctx, A, X) here.
 	 */
-	struct rnd_state *state;
 	u32 res;
-
-	state = &get_cpu_var(bpf_user_rnd_state);
-	res = predictable_rng_prandom_u32_state(state);
-	put_cpu_var(bpf_user_rnd_state);
+	res = get_random_u32();
 
 	return res;
 }
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 264b3dc71..9f22fb3fa 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -14049,8 +14049,6 @@ static int do_misc_fixups(struct bpf_verifier_env *env)
 
 		if (insn->imm == BPF_FUNC_get_route_realm)
 			prog->dst_needed = 1;
-		if (insn->imm == BPF_FUNC_get_prandom_u32)
-			bpf_user_rnd_init_once();
 		if (insn->imm == BPF_FUNC_override_return)
 			prog->kprobe_override = 1;
 		if (insn->imm == BPF_FUNC_tail_call) {
diff --git a/net/core/filter.c b/net/core/filter.c
index bb0136e7a..7a595ac00 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -443,7 +443,6 @@ static bool convert_bpf_extensions(struct sock_filter *fp,
 			break;
 		case SKF_AD_OFF + SKF_AD_RANDOM:
 			*insn = BPF_EMIT_CALL(bpf_user_rnd_u32);
-			bpf_user_rnd_init_once();
 			break;
 		}
 		break;
-- 
2.38.0