Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp1573854iob; Thu, 5 May 2022 04:24:49 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwkl0pmLzMFq0FeelEDrODMA2LLi1ESW1wmgMO9PsfL7A22lHidESVYuRowmHKBiWkvQzin X-Received: by 2002:a17:907:6d23:b0:6d9:ac9d:222 with SMTP id sa35-20020a1709076d2300b006d9ac9d0222mr25576370ejc.595.1651749889193; Thu, 05 May 2022 04:24:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1651749889; cv=none; d=google.com; s=arc-20160816; b=myD9rsFY3DLO4wE0VPGUrTodaU+PQt4EtBn5Pb6zYhPOhyXD5aWjuA7SIDobv7R3lf t8UsS8jHD+boUBTesebCVSNUYefO1qlWSIau7gKoymIIZQg0ppLb3bNa/9mKGl3LDMtB kX2ACYUV2g9KaZy1oyS4rdNuggRAvTdGntxFpMoWk/tr1DZMOO9G5HotRwpZsbkB5Nry IXgftopG+6+CiCV8Ixpi3C7jfHzD62YpSJU+JK9gLRFHNVracuLpU9lCwqN4nceYWrLW xRZ0yO18XUdIuh3z2PTWo//4/PS0waG6767eN+smwNgS7Jckw+oycBdeGx3RE+1qPaHR 5/sg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=/x+q8szNDEuBdV29gbI+Fv1fEqHBjjq0rW124DO+QnY=; b=uY/yazUwXRhGiec3nv46axgGemQgF+h4xTO4YSyDH2J/nHrHjif0UammaS8urTW977 OHwr1JU1NdmNem0ALzhrfVTD4hKxfKC6Uwo6zp1YazrqWT2vpHTxcF5lAnPPlwvmqgxn ed4uSr+C7SIl6vCzii9IVMwwyYeKZrQ5copCU6CnXUXaAv8TtbQGVqr8bpnlcj1TOsk8 ztmKoPIqsfQULZCs+zLUU7b677HM49EiLUPOz/obYLSAtBCFnxalY8Pj8vt46wCrVnpT G72g7q9eozKjJxDWMs57Xdmme2AElWq+Ojv0VyYtkNDEha/Ss8EuFqI05Ejzzyh4DTs0 S6yw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=LjvDclPy; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id qc3-20020a170906d8a300b006f3d25b3108si1728876ejb.312.2022.05.05.04.24.12; Thu, 05 May 2022 04:24:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=LjvDclPy; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230319AbiEEAXo (ORCPT + 99 others); Wed, 4 May 2022 20:23:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42296 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230027AbiEEAXn (ORCPT ); Wed, 4 May 2022 20:23:43 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 673B618E06; Wed, 4 May 2022 17:20:05 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 274F2B82A3E; Thu, 5 May 2022 00:20:04 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0E527C385A5; Thu, 5 May 2022 00:20:01 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="LjvDclPy" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1651710000; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=/x+q8szNDEuBdV29gbI+Fv1fEqHBjjq0rW124DO+QnY=; b=LjvDclPydox5jokMv+8kIIOdf4dsQqmeFatfQLF8P6adL/mNAFRwI33SovkQQmb73Ke43z 9ScUiXpoGrx9UAKUTWtg8LG2viDnxaOgzCTdseNNRKR7t/U8GZbkUuvJAxzlkR7EiEN9bY jC1QlNYKz9ghPUUsSEG6g5Y8SWwM+DA= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 152a7184 (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO); Thu, 5 May 2022 00:19:59 +0000 (UTC) From: "Jason A. Donenfeld" To: linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org Cc: nathan@kernel.org, "Jason A. Donenfeld" , Thomas Gleixner , Arnd Bergmann , Theodore Ts'o Subject: [PATCH v7] timekeeping: Add raw clock fallback for random_get_entropy() Date: Thu, 5 May 2022 02:19:24 +0200 Message-Id: <20220505001924.176087-1-Jason@zx2c4.com> In-Reply-To: <87y1zkmg0l.ffs@tglx> References: <87y1zkmg0l.ffs@tglx> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The addition of random_get_entropy_fallback() provides access to whichever time source has the highest frequency, which is useful for gathering entropy on platforms without available cycle counters. It's not necessarily as good as being able to quickly access a cycle counter that the CPU has, but it's still something, even when it falls back to being jiffies-based. In the event that a given arch does not define get_cycles(), falling back to the get_cycles() default implementation that returns 0 is really not the best we can do. Instead, at least calling random_get_entropy_fallback() would be preferable, because that always needs to return _something_, even falling back to jiffies eventually. It's not as though random_get_entropy_fallback() is super high precision or guaranteed to be entropic, but basically anything that's not zero all the time is better than returning zero all the time. Finally, since random_get_entropy_fallback() is used during extremely early boot when randomizing freelists in mm_init(), it can be called before timekeeping has been initialized. In that case there really is nothing we can do; jiffies hasn't even started ticking yet. So just give up and return 0. Suggested-by: Thomas Gleixner Signed-off-by: Jason A. Donenfeld Reviewed-by: Thomas Gleixner Cc: Arnd Bergmann Cc: Theodore Ts'o --- Changes v6->v7: - Return 0 if we're called before timekeeping has been initialized, reported by Nathan. include/linux/timex.h | 8 ++++++++ kernel/time/timekeeping.c | 10 ++++++++++ 2 files changed, 18 insertions(+) diff --git a/include/linux/timex.h b/include/linux/timex.h index 5745c90c8800..3871b06bd302 100644 --- a/include/linux/timex.h +++ b/include/linux/timex.h @@ -62,6 +62,8 @@ #include #include +unsigned long random_get_entropy_fallback(void); + #include #ifndef random_get_entropy @@ -74,8 +76,14 @@ * * By default we use get_cycles() for this purpose, but individual * architectures may override this in their asm/timex.h header file. + * If a given arch does not have get_cycles(), then we fallback to + * using random_get_entropy_fallback(). */ +#ifdef get_cycles #define random_get_entropy() ((unsigned long)get_cycles()) +#else +#define random_get_entropy() random_get_entropy_fallback() +#endif #endif /* diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c index dcdcb85121e4..7cd2ec239cae 100644 --- a/kernel/time/timekeeping.c +++ b/kernel/time/timekeeping.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include #include @@ -2380,6 +2381,15 @@ static int timekeeping_validate_timex(const struct __kernel_timex *txc) return 0; } +/** + * random_get_entropy_fallback - Returns the raw clock source value, + * used by random.c for platforms with no valid random_get_entropy(). + */ +unsigned long random_get_entropy_fallback(void) +{ + return tk_clock_read(&tk_core.timekeeper.tkr_mono); +} +EXPORT_SYMBOL_GPL(random_get_entropy_fallback); /** * do_adjtimex() - Accessor function to NTP __do_adjtimex function -- 2.35.1