In the event that random_get_entropy() can't access a cycle counter or
similar, falling back to returning 0 is really not the best we can do.
Instead, at least calling ktime_read_raw_clock() would be preferable,
because that always needs to return _something_, even falling back to
jiffies eventually. It's not as though ktime_read_raw_clock() is super
high precision or guaranteed to be entropic, but basically anything
that's not zero all the time is better than returning zero all the time.
Cc: Thomas Gleixner <[email protected]>
Cc: Arnd Bergmann <[email protected]>
Cc: Geert Uytterhoeven <[email protected]>
Signed-off-by: Jason A. Donenfeld <[email protected]>
---
arch/m68k/include/asm/timex.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/m68k/include/asm/timex.h b/arch/m68k/include/asm/timex.h
index 6a21d9358280..5351b10e1b18 100644
--- a/arch/m68k/include/asm/timex.h
+++ b/arch/m68k/include/asm/timex.h
@@ -35,7 +35,7 @@ static inline unsigned long random_get_entropy(void)
{
if (mach_random_get_entropy)
return mach_random_get_entropy();
- return 0;
+ return ktime_read_raw_clock();
}
#define random_get_entropy random_get_entropy
--
2.35.1
Hi Thomas,
On Mon, Apr 11, 2022 at 10:18 AM Thomas Gleixner <[email protected]> wrote:
> > diff --git a/arch/m68k/include/asm/timex.h b/arch/m68k/include/asm/timex.h
> > index 6a21d9358280..5351b10e1b18 100644
> > --- a/arch/m68k/include/asm/timex.h
> > +++ b/arch/m68k/include/asm/timex.h
> > @@ -35,7 +35,7 @@ static inline unsigned long random_get_entropy(void)
> > {
> > if (mach_random_get_entropy)
> > return mach_random_get_entropy();
> > - return 0;
> > + return ktime_read_raw_clock();
>
> I'd rather do something like this in a common header:
>
> unsigned long random_get_entropy_fallback(void);
>
> and use random_get_entropy_fallback() in the architecture specific
> files.
>
> That way you can encapsulate the fallback implementation in the random
> code and if it turns out that ktime_read_raw_clock() is a stupid idea or
> someone has a better idea then you have to change exactly one place and
> not patch the whole tree again.
Absolutely. That's a good idea. I'll do that for v3.
Jason
On Sun, Apr 10 2022 at 23:49, Jason A. Donenfeld wrote:
> In the event that random_get_entropy() can't access a cycle counter or
> similar, falling back to returning 0 is really not the best we can do.
> Instead, at least calling ktime_read_raw_clock() would be preferable,
> because that always needs to return _something_, even falling back to
> jiffies eventually. It's not as though ktime_read_raw_clock() is super
> high precision or guaranteed to be entropic, but basically anything
> that's not zero all the time is better than returning zero all the time.
>
> Cc: Thomas Gleixner <[email protected]>
> Cc: Arnd Bergmann <[email protected]>
> Cc: Geert Uytterhoeven <[email protected]>
> Signed-off-by: Jason A. Donenfeld <[email protected]>
> ---
> arch/m68k/include/asm/timex.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/m68k/include/asm/timex.h b/arch/m68k/include/asm/timex.h
> index 6a21d9358280..5351b10e1b18 100644
> --- a/arch/m68k/include/asm/timex.h
> +++ b/arch/m68k/include/asm/timex.h
> @@ -35,7 +35,7 @@ static inline unsigned long random_get_entropy(void)
> {
> if (mach_random_get_entropy)
> return mach_random_get_entropy();
> - return 0;
> + return ktime_read_raw_clock();
I'd rather do something like this in a common header:
unsigned long random_get_entropy_fallback(void);
and use random_get_entropy_fallback() in the architecture specific
files.
That way you can encapsulate the fallback implementation in the random
code and if it turns out that ktime_read_raw_clock() is a stupid idea or
someone has a better idea then you have to change exactly one place and
not patch the whole tree again.
Thanks,
tglx