Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp2950772pxk;
        Mon, 21 Sep 2020 01:00:48 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJynDoJSM6uDx3xgOHVrYFPhuY7cYWfb9QWtEoUgRYP7mofDcKHAL1GV9qJp3On+D95ClMK7
X-Received: by 2002:a17:906:7248:: with SMTP id n8mr47945167ejk.160.1600675248640;
        Mon, 21 Sep 2020 01:00:48 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1600675248; cv=none;
        d=google.com; s=arc-20160816;
        b=la78KUAGKPAPf56h74J2MVeHoAoZcnHzIDgaBYEhtnKk5Jv22l69Y5NDFm4fIv7vqS
         f6Ci61YyUskAU9ZPc0Fi7TWY5G16wgYv72tqpyHLevwsXf0f+9ZdK0W7A+DRsBpMQJD8
         ARTPoO7rM6KfajN5qiszBdA3kWUNRtRJPXU8sSbCFzXrF+4EgH9teBYAajjpkSwsE8yK
         z6tXWf/gLxpEfq22MSa/vtMHzQk/w4p5H9NTh5rjEnFZ1ObHLgZHUfzFaGn75W2eLE56
         GItJq5z9NkbKszuPiBfMHg6sbuqrhRqUyAVqpkbvn+4Pkj/bN0rKYZjdoxjW7Y6aPaam
         eMTA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from;
        bh=gc+9gB84vufug2Z1Cfcn/nbhCPpJE1YDoIVshPCy3Sg=;
        b=gUfcJO14PGKbUacz43omLagHwAFXYXP9gaW3v4Jz5nvVUB0QBrktxvvI27mqrKEP8s
         XOHBsrM4h8cwC6d2E7eQIZO5BikAi0pcgX9EPGlwx6PYJ6d1fWZ0gzexUKXcOnFXfy6v
         ml1Cqts5AUjUumzNdXNbag7vJ8hNZE4qhrYo2V9E0LTsLIaZlkyAdrKS4SdSwO08AjAo
         vwcGbMr9kJmJOten3kfH2WMBRZPgPxURSjhHR1piZlXb5K4z3hve5vWw3JIjnN/jueJ3
         S8uBc+CDwtHG1U5RdDzxfOHELZI6HLfPUfvecJrZRcg59kMbxSxpXPA6qaFtqao6x1wo
         41Zw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id cx12si9386836edb.298.2020.09.21.01.00.23;
        Mon, 21 Sep 2020 01:00:48 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726630AbgIUH7v (ORCPT <rfc822;rajesh.android@gmail.com>
        + 99 others); Mon, 21 Sep 2020 03:59:51 -0400
Received: from mx2.suse.de ([195.135.220.15]:57702 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726532AbgIUH71 (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Mon, 21 Sep 2020 03:59:27 -0400
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (unknown [195.135.221.27])
        by mx2.suse.de (Postfix) with ESMTP id BB3A9B51A;
        Mon, 21 Sep 2020 08:00:00 +0000 (UTC)
From:   Nicolai Stange <nstange@suse.de>
To:     "Theodore Y. Ts'o" <tytso@mit.edu>
Cc:     linux-crypto@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>,
        Arnd Bergmann <arnd@arndb.de>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        "Alexander E. Patrakov" <patrakov@gmail.com>,
        "Ahmed S. Darwish" <darwish.07@gmail.com>,
        Willy Tarreau <w@1wt.eu>,
        Matthew Garrett <mjg59@srcf.ucam.org>,
        Vito Caputo <vcaputo@pengaru.com>,
        Andreas Dilger <adilger.kernel@dilger.ca>,
        Jan Kara <jack@suse.cz>, Ray Strode <rstrode@redhat.com>,
        William Jon McCann <mccann@jhu.edu>,
        zhangjs <zachary@baishancloud.com>,
        Andy Lutomirski <luto@kernel.org>,
        Florian Weimer <fweimer@redhat.com>,
        Lennart Poettering <mzxreary@0pointer.de>,
        Peter Matthias <matthias.peter@bsi.bund.de>,
        Marcelo Henrique Cerri <marcelo.cerri@canonical.com>,
        Roman Drahtmueller <draht@schaltsekun.de>,
        Neil Horman <nhorman@redhat.com>,
        Randy Dunlap <rdunlap@infradead.org>,
        Julia Lawall <julia.lawall@inria.fr>,
        Dan Carpenter <dan.carpenter@oracle.com>,
        Andy Lavr <andy.lavr@gmail.com>,
        Eric Biggers <ebiggers@kernel.org>,
        "Jason A. Donenfeld" <Jason@zx2c4.com>,
        =?UTF-8?q?Stephan=20M=C3=BCller?= <smueller@chronox.de>,
        Torsten Duwe <duwe@suse.de>, Petr Tesarik <ptesarik@suse.cz>,
        Nicolai Stange <nstange@suse.de>
Subject: [RFC PATCH 20/41] random: provide min_crng_reseed_pool_entropy()
Date:   Mon, 21 Sep 2020 09:58:36 +0200
Message-Id: <20200921075857.4424-21-nstange@suse.de>
X-Mailer: git-send-email 2.26.2
In-Reply-To: <20200921075857.4424-1-nstange@suse.de>
References: <20200921075857.4424-1-nstange@suse.de>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Currently, the current minimum entropy required from the input_pool for
reseeding the primary_crng() is 16 bytes == 128 bits. A future patch will
introduce support for obtaining up to a certain fraction thereof from the
architecture's RNG, if available.

This will effectively lower the minimum input_pool ->entropy_count required
for a successful reseed of the primary_crng.

As this value is used at a couple of places, namely crng_reseed() itself
as well as dispatch_queued_entropy() and __dispatch_queued_entropy_fast(),
introduce min_crng_reseed_pool_entropy() to ensure consistency among
these.

min_crng_reseed_pool_entropy() returns the minimum amount of entropy in
bytes required from the input_pool for a successful reseed of the
primary_crng. Currently it's hardcoded to 16.

Use it in place of the hardcoded constants in crng_reseed(),
dispatch_queued_entropy() and __dispatch_queued_entropy_fast().

Signed-off-by: Nicolai Stange <nstange@suse.de>
---
 drivers/char/random.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/drivers/char/random.c b/drivers/char/random.c
index 1945249597e0..424de1565927 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -516,6 +516,8 @@ static ssize_t extract_entropy(struct entropy_store *r, void *buf,
 static ssize_t _extract_entropy(struct entropy_store *r, void *buf,
 				size_t nbytes, int fips);
 
+static int min_crng_reseed_pool_entropy(void);
+
 static void crng_reseed(struct crng_state *crng, struct entropy_store *r);
 static __u32 input_pool_data[INPUT_POOL_WORDS] __latent_entropy;
 
@@ -916,7 +918,7 @@ static bool __dispatch_queued_entropy_fast(struct entropy_store *r,
 	if (unlikely(r == &input_pool && crng_init < 2)) {
 		const int entropy_bits = entropy_count >> ENTROPY_SHIFT;
 
-		return (entropy_bits >= 128);
+		return (entropy_bits >= min_crng_reseed_pool_entropy() * 8);
 	}
 
 	return false;
@@ -965,7 +967,7 @@ static void dispatch_queued_entropy(struct entropy_store *r,
 		if (crng_init < 2) {
 			const int entropy_bits = entropy_count >> ENTROPY_SHIFT;
 
-			if (entropy_bits < 128)
+			if (entropy_bits < min_crng_reseed_pool_entropy() * 8)
 				return;
 			crng_reseed(&primary_crng, r);
 		}
@@ -1182,6 +1184,15 @@ static int crng_slow_load(const char *cp, size_t len)
 	return 1;
 }
 
+/*
+ * Minimum amount of entropy in bytes required from the input_pool for
+ * a successful reseed of the primary_crng.
+ */
+static int min_crng_reseed_pool_entropy(void)
+{
+	return 16;
+}
+
 static void crng_reseed(struct crng_state *crng, struct entropy_store *r)
 {
 	unsigned long	flags;
@@ -1192,7 +1203,8 @@ static void crng_reseed(struct crng_state *crng, struct entropy_store *r)
 	} buf;
 
 	if (r) {
-		num = extract_entropy(r, &buf, 32, 16);
+		num = extract_entropy(r, &buf, 32,
+				      min_crng_reseed_pool_entropy());
 		if (num == 0)
 			return;
 	} else {
-- 
2.26.2