From f27aae8e3b1e806ae4a8ae1a4a74eb2095e40225 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Tue, 4 Aug 2020 10:48:44 +0200 Subject: [PATCH] drop random patches from all queues --- queue-4.14/arm-percpu.h-fix-build-error.patch | 46 ---- ...-on-arm64-after-addition-of-percpu.h.patch | 58 ----- ...ndom-32-bit-definitions-to-prandom.h.patch | 213 ------------------ ...e-from-the-latent-entropy-gcc-plugin.patch | 52 ----- ...ndom-state-on-interrupt-and-activity.patch | 109 --------- queue-4.14/series | 5 - queue-4.19/arm-percpu.h-fix-build-error.patch | 46 ---- ...-on-arm64-after-addition-of-percpu.h.patch | 58 ----- ...ndom-32-bit-definitions-to-prandom.h.patch | 213 ------------------ ...e-from-the-latent-entropy-gcc-plugin.patch | 52 ----- ...ndom-state-on-interrupt-and-activity.patch | 109 --------- queue-4.19/series | 5 - queue-4.4/arm-percpu.h-fix-build-error.patch | 46 ---- ...ndom-state-on-interrupt-and-activity.patch | 109 --------- queue-4.4/series | 2 - queue-4.9/arm-percpu.h-fix-build-error.patch | 46 ---- ...e-from-the-latent-entropy-gcc-plugin.patch | 52 ----- ...ndom-state-on-interrupt-and-activity.patch | 109 --------- queue-4.9/series | 3 - queue-5.4/arm-percpu.h-fix-build-error.patch | 46 ---- ...-on-arm64-after-addition-of-percpu.h.patch | 58 ----- ...ndom-32-bit-definitions-to-prandom.h.patch | 213 ------------------ ...e-from-the-latent-entropy-gcc-plugin.patch | 52 ----- ...ndom-state-on-interrupt-and-activity.patch | 109 --------- queue-5.4/series | 5 - queue-5.7/arm-percpu.h-fix-build-error.patch | 46 ---- ...-on-arm64-after-addition-of-percpu.h.patch | 58 ----- ...ndom-32-bit-definitions-to-prandom.h.patch | 213 ------------------ ...e-from-the-latent-entropy-gcc-plugin.patch | 52 ----- ...ndom-state-on-interrupt-and-activity.patch | 109 --------- queue-5.7/series | 5 - 31 files changed, 2299 deletions(-) delete mode 100644 queue-4.14/arm-percpu.h-fix-build-error.patch delete mode 100644 queue-4.14/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch delete mode 100644 queue-4.14/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch delete mode 100644 queue-4.14/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch delete mode 100644 queue-4.14/random32-update-the-net-random-state-on-interrupt-and-activity.patch delete mode 100644 queue-4.19/arm-percpu.h-fix-build-error.patch delete mode 100644 queue-4.19/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch delete mode 100644 queue-4.19/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch delete mode 100644 queue-4.19/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch delete mode 100644 queue-4.19/random32-update-the-net-random-state-on-interrupt-and-activity.patch delete mode 100644 queue-4.4/arm-percpu.h-fix-build-error.patch delete mode 100644 queue-4.4/random32-update-the-net-random-state-on-interrupt-and-activity.patch delete mode 100644 queue-4.9/arm-percpu.h-fix-build-error.patch delete mode 100644 queue-4.9/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch delete mode 100644 queue-4.9/random32-update-the-net-random-state-on-interrupt-and-activity.patch delete mode 100644 queue-5.4/arm-percpu.h-fix-build-error.patch delete mode 100644 queue-5.4/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch delete mode 100644 queue-5.4/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch delete mode 100644 queue-5.4/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch delete mode 100644 queue-5.4/random32-update-the-net-random-state-on-interrupt-and-activity.patch delete mode 100644 queue-5.7/arm-percpu.h-fix-build-error.patch delete mode 100644 queue-5.7/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch delete mode 100644 queue-5.7/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch delete mode 100644 queue-5.7/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch delete mode 100644 queue-5.7/random32-update-the-net-random-state-on-interrupt-and-activity.patch diff --git a/queue-4.14/arm-percpu.h-fix-build-error.patch b/queue-4.14/arm-percpu.h-fix-build-error.patch deleted file mode 100644 index 588ad9ec5b4..00000000000 --- a/queue-4.14/arm-percpu.h-fix-build-error.patch +++ /dev/null @@ -1,46 +0,0 @@ -From aa54ea903abb02303bf55855fb51e3fcee135d70 Mon Sep 17 00:00:00 2001 -From: Grygorii Strashko -Date: Thu, 30 Jul 2020 22:05:01 +0300 -Subject: ARM: percpu.h: fix build error -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Grygorii Strashko - -commit aa54ea903abb02303bf55855fb51e3fcee135d70 upstream. - -Fix build error for the case: - defined(CONFIG_SMP) && !defined(CONFIG_CPU_V6) - -config: keystone_defconfig - - CC arch/arm/kernel/signal.o - In file included from ../include/linux/random.h:14, - from ../arch/arm/kernel/signal.c:8: - ../arch/arm/include/asm/percpu.h: In function ‘__my_cpu_offset’: - ../arch/arm/include/asm/percpu.h:29:34: error: ‘current_stack_pointer’ undeclared (first use in this function); did you mean ‘user_stack_pointer’? - : "Q" (*(const unsigned long *)current_stack_pointer)); - ^~~~~~~~~~~~~~~~~~~~~ - user_stack_pointer - -Fixes: f227e3ec3b5c ("random32: update the net random state on interrupt and activity") -Signed-off-by: Grygorii Strashko -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - arch/arm/include/asm/percpu.h | 2 ++ - 1 file changed, 2 insertions(+) - ---- a/arch/arm/include/asm/percpu.h -+++ b/arch/arm/include/asm/percpu.h -@@ -16,6 +16,8 @@ - #ifndef _ASM_ARM_PERCPU_H_ - #define _ASM_ARM_PERCPU_H_ - -+#include -+ - /* - * Same as asm-generic/percpu.h, except that we store the per cpu offset - * in the TPIDRPRW. TPIDRPRW only exists on V6K and V7 diff --git a/queue-4.14/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch b/queue-4.14/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch deleted file mode 100644 index efe3af7d26c..00000000000 --- a/queue-4.14/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 1c9df907da83812e4f33b59d3d142c864d9da57f Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Thu, 30 Jul 2020 07:59:24 +0200 -Subject: random: fix circular include dependency on arm64 after addition of percpu.h -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Willy Tarreau - -commit 1c9df907da83812e4f33b59d3d142c864d9da57f upstream. - -Daniel Díaz and Kees Cook independently reported that commit -f227e3ec3b5c ("random32: update the net random state on interrupt and -activity") broke arm64 due to a circular dependency on include files -since the addition of percpu.h in random.h. - -The correct fix would definitely be to move all the prandom32 stuff out -of random.h but for backporting, a smaller solution is preferred. - -This one replaces linux/percpu.h with asm/percpu.h, and this fixes the -problem on x86_64, arm64, arm, and mips. Note that moving percpu.h -around didn't change anything and that removing it entirely broke -differently. When backporting, such options might still be considered -if this patch fails to help. - -[ It turns out that an alternate fix seems to be to just remove the - troublesome remove from the arm64 - that causes the circular dependency. - - But we might as well do the whole belt-and-suspenders thing, and - minimize inclusion in too. Either will fix the - problem, and both are good changes. - Linus ] - -Reported-by: Daniel Díaz -Reported-by: Kees Cook -Tested-by: Marc Zyngier -Fixes: f227e3ec3b5c -Cc: Stephen Rothwell -Signed-off-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/random.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -9,7 +9,7 @@ - - #include - #include --#include -+#include - - #include - diff --git a/queue-4.14/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch b/queue-4.14/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch deleted file mode 100644 index e8e9002431d..00000000000 --- a/queue-4.14/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch +++ /dev/null @@ -1,213 +0,0 @@ -From c0842fbc1b18c7a044e6ff3e8fa78bfa822c7d1a Mon Sep 17 00:00:00 2001 -From: Linus Torvalds -Date: Fri, 31 Jul 2020 07:51:14 +0200 -Subject: random32: move the pseudo-random 32-bit definitions to prandom.h - -From: Linus Torvalds - -commit c0842fbc1b18c7a044e6ff3e8fa78bfa822c7d1a upstream. - -The addition of percpu.h to the list of includes in random.h revealed -some circular dependencies on arm64 and possibly other platforms. This -include was added solely for the pseudo-random definitions, which have -nothing to do with the rest of the definitions in this file but are -still there for legacy reasons. - -This patch moves the pseudo-random parts to linux/prandom.h and the -percpu.h include with it, which is now guarded by _LINUX_PRANDOM_H and -protected against recursive inclusion. - -A further cleanup step would be to remove this from -entirely, and make people who use the prandom infrastructure include -just the new header file. That's a bit of a churn patch, but grepping -for "prandom_" and "next_pseudo_random32" "struct rnd_state" should -catch most users. - -But it turns out that that nice cleanup step is fairly painful, because -a _lot_ of code currently seems to depend on the implicit include of -, which can currently come in a lot of ways, including -such fairly core headfers as . - -So the "nice cleanup" part may or may never happen. - -Fixes: 1c9df907da83 ("random: fix circular include dependency on arm64 after addition of percpu.h") -Tested-by: Guenter Roeck -Acked-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/prandom.h | 78 ++++++++++++++++++++++++++++++++++++++++++++++++ - include/linux/random.h | 66 ++-------------------------------------- - 2 files changed, 82 insertions(+), 62 deletions(-) - ---- /dev/null -+++ b/include/linux/prandom.h -@@ -0,0 +1,78 @@ -+/* SPDX-License-Identifier: GPL-2.0 */ -+/* -+ * include/linux/prandom.h -+ * -+ * Include file for the fast pseudo-random 32-bit -+ * generation. -+ */ -+#ifndef _LINUX_PRANDOM_H -+#define _LINUX_PRANDOM_H -+ -+#include -+#include -+ -+u32 prandom_u32(void); -+void prandom_bytes(void *buf, size_t nbytes); -+void prandom_seed(u32 seed); -+void prandom_reseed_late(void); -+ -+struct rnd_state { -+ __u32 s1, s2, s3, s4; -+}; -+ -+DECLARE_PER_CPU(struct rnd_state, net_rand_state); -+ -+u32 prandom_u32_state(struct rnd_state *state); -+void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); -+void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); -+ -+#define prandom_init_once(pcpu_state) \ -+ DO_ONCE(prandom_seed_full_state, (pcpu_state)) -+ -+/** -+ * prandom_u32_max - returns a pseudo-random number in interval [0, ep_ro) -+ * @ep_ro: right open interval endpoint -+ * -+ * Returns a pseudo-random number that is in interval [0, ep_ro). Note -+ * that the result depends on PRNG being well distributed in [0, ~0U] -+ * u32 space. Here we use maximally equidistributed combined Tausworthe -+ * generator, that is, prandom_u32(). This is useful when requesting a -+ * random index of an array containing ep_ro elements, for example. -+ * -+ * Returns: pseudo-random number in interval [0, ep_ro) -+ */ -+static inline u32 prandom_u32_max(u32 ep_ro) -+{ -+ return (u32)(((u64) prandom_u32() * ep_ro) >> 32); -+} -+ -+/* -+ * Handle minimum values for seeds -+ */ -+static inline u32 __seed(u32 x, u32 m) -+{ -+ return (x < m) ? x + m : x; -+} -+ -+/** -+ * prandom_seed_state - set seed for prandom_u32_state(). -+ * @state: pointer to state structure to receive the seed. -+ * @seed: arbitrary 64-bit value to use as a seed. -+ */ -+static inline void prandom_seed_state(struct rnd_state *state, u64 seed) -+{ -+ u32 i = (seed >> 32) ^ (seed << 10) ^ seed; -+ -+ state->s1 = __seed(i, 2U); -+ state->s2 = __seed(i, 8U); -+ state->s3 = __seed(i, 16U); -+ state->s4 = __seed(i, 128U); -+} -+ -+/* Pseudo random number generator from numerical recipes. */ -+static inline u32 next_pseudo_random32(u32 seed) -+{ -+ return seed * 1664525 + 1013904223; -+} -+ -+#endif ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -9,7 +9,6 @@ - - #include - #include --#include - - #include - -@@ -108,63 +107,12 @@ declare_get_random_var_wait(long) - - unsigned long randomize_page(unsigned long start, unsigned long range); - --u32 prandom_u32(void); --void prandom_bytes(void *buf, size_t nbytes); --void prandom_seed(u32 seed); --void prandom_reseed_late(void); -- --struct rnd_state { -- __u32 s1, s2, s3, s4; --}; -- --DECLARE_PER_CPU(struct rnd_state, net_rand_state); -- --u32 prandom_u32_state(struct rnd_state *state); --void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); --void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); -- --#define prandom_init_once(pcpu_state) \ -- DO_ONCE(prandom_seed_full_state, (pcpu_state)) -- --/** -- * prandom_u32_max - returns a pseudo-random number in interval [0, ep_ro) -- * @ep_ro: right open interval endpoint -- * -- * Returns a pseudo-random number that is in interval [0, ep_ro). Note -- * that the result depends on PRNG being well distributed in [0, ~0U] -- * u32 space. Here we use maximally equidistributed combined Tausworthe -- * generator, that is, prandom_u32(). This is useful when requesting a -- * random index of an array containing ep_ro elements, for example. -- * -- * Returns: pseudo-random number in interval [0, ep_ro) -- */ --static inline u32 prandom_u32_max(u32 ep_ro) --{ -- return (u32)(((u64) prandom_u32() * ep_ro) >> 32); --} -- - /* -- * Handle minimum values for seeds -- */ --static inline u32 __seed(u32 x, u32 m) --{ -- return (x < m) ? x + m : x; --} -- --/** -- * prandom_seed_state - set seed for prandom_u32_state(). -- * @state: pointer to state structure to receive the seed. -- * @seed: arbitrary 64-bit value to use as a seed. -+ * This is designed to be standalone for just prandom -+ * users, but for now we include it from -+ * for legacy reasons. - */ --static inline void prandom_seed_state(struct rnd_state *state, u64 seed) --{ -- u32 i = (seed >> 32) ^ (seed << 10) ^ seed; -- -- state->s1 = __seed(i, 2U); -- state->s2 = __seed(i, 8U); -- state->s3 = __seed(i, 16U); -- state->s4 = __seed(i, 128U); --} -+#include - - #ifdef CONFIG_ARCH_RANDOM - # include -@@ -195,10 +143,4 @@ static inline bool arch_has_random_seed( - } - #endif - --/* Pseudo random number generator from numerical recipes. */ --static inline u32 next_pseudo_random32(u32 seed) --{ -- return seed * 1664525 + 1013904223; --} -- - #endif /* _LINUX_RANDOM_H */ diff --git a/queue-4.14/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch b/queue-4.14/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch deleted file mode 100644 index 8c7f836480f..00000000000 --- a/queue-4.14/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 83bdc7275e6206f560d247be856bceba3e1ed8f2 Mon Sep 17 00:00:00 2001 -From: Linus Torvalds -Date: Wed, 29 Jul 2020 19:11:00 -0700 -Subject: random32: remove net_rand_state from the latent entropy gcc plugin - -From: Linus Torvalds - -commit 83bdc7275e6206f560d247be856bceba3e1ed8f2 upstream. - -It turns out that the plugin right now ends up being really unhappy -about the change from 'static' to 'extern' storage that happened in -commit f227e3ec3b5c ("random32: update the net random state on interrupt -and activity"). - -This is probably a trivial fix for the latent_entropy plugin, but for -now, just remove net_rand_state from the list of things the plugin -worries about. - -Reported-by: Stephen Rothwell -Cc: Emese Revfy -Cc: Kees Cook -Cc: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/random.h | 2 +- - lib/random32.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -117,7 +117,7 @@ struct rnd_state { - __u32 s1, s2, s3, s4; - }; - --DECLARE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DECLARE_PER_CPU(struct rnd_state, net_rand_state); - - u32 prandom_u32_state(struct rnd_state *state); - void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); ---- a/lib/random32.c -+++ b/lib/random32.c -@@ -48,7 +48,7 @@ static inline void prandom_state_selftes - } - #endif - --DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DEFINE_PER_CPU(struct rnd_state, net_rand_state); - - /** - * prandom_u32_state - seeded pseudo-random number generator. diff --git a/queue-4.14/random32-update-the-net-random-state-on-interrupt-and-activity.patch b/queue-4.14/random32-update-the-net-random-state-on-interrupt-and-activity.patch deleted file mode 100644 index be0b9059e4b..00000000000 --- a/queue-4.14/random32-update-the-net-random-state-on-interrupt-and-activity.patch +++ /dev/null @@ -1,109 +0,0 @@ -From f227e3ec3b5cad859ad15666874405e8c1bbc1d4 Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Fri, 10 Jul 2020 15:23:19 +0200 -Subject: random32: update the net random state on interrupt and activity - -From: Willy Tarreau - -commit f227e3ec3b5cad859ad15666874405e8c1bbc1d4 upstream. - -This modifies the first 32 bits out of the 128 bits of a random CPU's -net_rand_state on interrupt or CPU activity to complicate remote -observations that could lead to guessing the network RNG's internal -state. - -Note that depending on some network devices' interrupt rate moderation -or binding, this re-seeding might happen on every packet or even almost -never. - -In addition, with NOHZ some CPUs might not even get timer interrupts, -leaving their local state rarely updated, while they are running -networked processes making use of the random state. For this reason, we -also perform this update in update_process_times() in order to at least -update the state when there is user or system activity, since it's the -only case we care about. - -Reported-by: Amit Klein -Suggested-by: Linus Torvalds -Cc: Eric Dumazet -Cc: "Jason A. Donenfeld" -Cc: Andy Lutomirski -Cc: Kees Cook -Cc: Thomas Gleixner -Cc: Peter Zijlstra -Cc: -Signed-off-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - drivers/char/random.c | 1 + - include/linux/random.h | 3 +++ - kernel/time/timer.c | 8 ++++++++ - lib/random32.c | 2 +- - 4 files changed, 13 insertions(+), 1 deletion(-) - ---- a/drivers/char/random.c -+++ b/drivers/char/random.c -@@ -1246,6 +1246,7 @@ void add_interrupt_randomness(int irq, i - - fast_mix(fast_pool); - add_interrupt_bench(cycles); -+ this_cpu_add(net_rand_state.s1, fast_pool->pool[cycles & 3]); - - if (unlikely(crng_init == 0)) { - if ((fast_pool->count >= 64) && ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -9,6 +9,7 @@ - - #include - #include -+#include - - #include - -@@ -116,6 +117,8 @@ struct rnd_state { - __u32 s1, s2, s3, s4; - }; - -+DECLARE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+ - u32 prandom_u32_state(struct rnd_state *state); - void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); - void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); ---- a/kernel/time/timer.c -+++ b/kernel/time/timer.c -@@ -44,6 +44,7 @@ - #include - #include - #include -+#include - - #include - #include -@@ -1595,6 +1596,13 @@ void update_process_times(int user_tick) - scheduler_tick(); - if (IS_ENABLED(CONFIG_POSIX_TIMERS)) - run_posix_cpu_timers(p); -+ -+ /* The current CPU might make use of net randoms without receiving IRQs -+ * to renew them often enough. Let's update the net_rand_state from a -+ * non-constant value that's not affine to the number of calls to make -+ * sure it's updated when there's some activity (we don't care in idle). -+ */ -+ this_cpu_add(net_rand_state.s1, rol32(jiffies, 24) + user_tick); - } - - /** ---- a/lib/random32.c -+++ b/lib/random32.c -@@ -48,7 +48,7 @@ static inline void prandom_state_selftes - } - #endif - --static DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; - - /** - * prandom_u32_state - seeded pseudo-random number generator. diff --git a/queue-4.14/series b/queue-4.14/series index 928ffb91120..755266392e5 100644 --- a/queue-4.14/series +++ b/queue-4.14/series @@ -9,14 +9,10 @@ x86-kvm-be-careful-not-to-clear-kvm_vcpu_flush_tlb-b.patch pci-aspm-disable-aspm-on-asmedia-asm1083-1085-pcie-to-pci-bridge.patch wireless-use-offsetof-instead-of-custom-macro.patch arm-8986-1-hw_breakpoint-don-t-invoke-overflow-handler-on-uaccess-watchpoints.patch -random32-update-the-net-random-state-on-interrupt-and-activity.patch -arm-percpu.h-fix-build-error.patch drm-amdgpu-prevent-kernel-infoleak-in-amdgpu_info_ioctl.patch drm-hold-gem-reference-until-object-is-no-longer-accessed.patch f2fs-check-memory-boundary-by-insane-namelen.patch f2fs-check-if-file-namelen-exceeds-max-value.patch -random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch -random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch 9p-trans_fd-abort-p9_read_work-if-req-status-changed.patch 9p-trans_fd-fix-concurrency-del-of-req_list-in-p9_fd.patch x86-build-lto-fix-truncated-.bss-with-fdata-sections.patch @@ -49,4 +45,3 @@ cxgb4-add-missing-release-on-skb-in-uld_send.patch xen-netfront-fix-potential-deadlock-in-xennet_remove.patch kvm-lapic-prevent-setting-the-tscdeadline-timer-if-the-lapic-is-hw-disabled.patch x86-i8259-use-printk_deferred-to-prevent-deadlock.patch -random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch diff --git a/queue-4.19/arm-percpu.h-fix-build-error.patch b/queue-4.19/arm-percpu.h-fix-build-error.patch deleted file mode 100644 index 588ad9ec5b4..00000000000 --- a/queue-4.19/arm-percpu.h-fix-build-error.patch +++ /dev/null @@ -1,46 +0,0 @@ -From aa54ea903abb02303bf55855fb51e3fcee135d70 Mon Sep 17 00:00:00 2001 -From: Grygorii Strashko -Date: Thu, 30 Jul 2020 22:05:01 +0300 -Subject: ARM: percpu.h: fix build error -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Grygorii Strashko - -commit aa54ea903abb02303bf55855fb51e3fcee135d70 upstream. - -Fix build error for the case: - defined(CONFIG_SMP) && !defined(CONFIG_CPU_V6) - -config: keystone_defconfig - - CC arch/arm/kernel/signal.o - In file included from ../include/linux/random.h:14, - from ../arch/arm/kernel/signal.c:8: - ../arch/arm/include/asm/percpu.h: In function ‘__my_cpu_offset’: - ../arch/arm/include/asm/percpu.h:29:34: error: ‘current_stack_pointer’ undeclared (first use in this function); did you mean ‘user_stack_pointer’? - : "Q" (*(const unsigned long *)current_stack_pointer)); - ^~~~~~~~~~~~~~~~~~~~~ - user_stack_pointer - -Fixes: f227e3ec3b5c ("random32: update the net random state on interrupt and activity") -Signed-off-by: Grygorii Strashko -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - arch/arm/include/asm/percpu.h | 2 ++ - 1 file changed, 2 insertions(+) - ---- a/arch/arm/include/asm/percpu.h -+++ b/arch/arm/include/asm/percpu.h -@@ -16,6 +16,8 @@ - #ifndef _ASM_ARM_PERCPU_H_ - #define _ASM_ARM_PERCPU_H_ - -+#include -+ - /* - * Same as asm-generic/percpu.h, except that we store the per cpu offset - * in the TPIDRPRW. TPIDRPRW only exists on V6K and V7 diff --git a/queue-4.19/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch b/queue-4.19/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch deleted file mode 100644 index efe3af7d26c..00000000000 --- a/queue-4.19/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 1c9df907da83812e4f33b59d3d142c864d9da57f Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Thu, 30 Jul 2020 07:59:24 +0200 -Subject: random: fix circular include dependency on arm64 after addition of percpu.h -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Willy Tarreau - -commit 1c9df907da83812e4f33b59d3d142c864d9da57f upstream. - -Daniel Díaz and Kees Cook independently reported that commit -f227e3ec3b5c ("random32: update the net random state on interrupt and -activity") broke arm64 due to a circular dependency on include files -since the addition of percpu.h in random.h. - -The correct fix would definitely be to move all the prandom32 stuff out -of random.h but for backporting, a smaller solution is preferred. - -This one replaces linux/percpu.h with asm/percpu.h, and this fixes the -problem on x86_64, arm64, arm, and mips. Note that moving percpu.h -around didn't change anything and that removing it entirely broke -differently. When backporting, such options might still be considered -if this patch fails to help. - -[ It turns out that an alternate fix seems to be to just remove the - troublesome remove from the arm64 - that causes the circular dependency. - - But we might as well do the whole belt-and-suspenders thing, and - minimize inclusion in too. Either will fix the - problem, and both are good changes. - Linus ] - -Reported-by: Daniel Díaz -Reported-by: Kees Cook -Tested-by: Marc Zyngier -Fixes: f227e3ec3b5c -Cc: Stephen Rothwell -Signed-off-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/random.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -9,7 +9,7 @@ - - #include - #include --#include -+#include - - #include - diff --git a/queue-4.19/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch b/queue-4.19/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch deleted file mode 100644 index ede9d1e3c0e..00000000000 --- a/queue-4.19/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch +++ /dev/null @@ -1,213 +0,0 @@ -From c0842fbc1b18c7a044e6ff3e8fa78bfa822c7d1a Mon Sep 17 00:00:00 2001 -From: Linus Torvalds -Date: Fri, 31 Jul 2020 07:51:14 +0200 -Subject: random32: move the pseudo-random 32-bit definitions to prandom.h - -From: Linus Torvalds - -commit c0842fbc1b18c7a044e6ff3e8fa78bfa822c7d1a upstream. - -The addition of percpu.h to the list of includes in random.h revealed -some circular dependencies on arm64 and possibly other platforms. This -include was added solely for the pseudo-random definitions, which have -nothing to do with the rest of the definitions in this file but are -still there for legacy reasons. - -This patch moves the pseudo-random parts to linux/prandom.h and the -percpu.h include with it, which is now guarded by _LINUX_PRANDOM_H and -protected against recursive inclusion. - -A further cleanup step would be to remove this from -entirely, and make people who use the prandom infrastructure include -just the new header file. That's a bit of a churn patch, but grepping -for "prandom_" and "next_pseudo_random32" "struct rnd_state" should -catch most users. - -But it turns out that that nice cleanup step is fairly painful, because -a _lot_ of code currently seems to depend on the implicit include of -, which can currently come in a lot of ways, including -such fairly core headfers as . - -So the "nice cleanup" part may or may never happen. - -Fixes: 1c9df907da83 ("random: fix circular include dependency on arm64 after addition of percpu.h") -Tested-by: Guenter Roeck -Acked-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/prandom.h | 78 ++++++++++++++++++++++++++++++++++++++++++++++++ - include/linux/random.h | 66 ++-------------------------------------- - 2 files changed, 82 insertions(+), 62 deletions(-) - ---- /dev/null -+++ b/include/linux/prandom.h -@@ -0,0 +1,78 @@ -+/* SPDX-License-Identifier: GPL-2.0 */ -+/* -+ * include/linux/prandom.h -+ * -+ * Include file for the fast pseudo-random 32-bit -+ * generation. -+ */ -+#ifndef _LINUX_PRANDOM_H -+#define _LINUX_PRANDOM_H -+ -+#include -+#include -+ -+u32 prandom_u32(void); -+void prandom_bytes(void *buf, size_t nbytes); -+void prandom_seed(u32 seed); -+void prandom_reseed_late(void); -+ -+struct rnd_state { -+ __u32 s1, s2, s3, s4; -+}; -+ -+DECLARE_PER_CPU(struct rnd_state, net_rand_state); -+ -+u32 prandom_u32_state(struct rnd_state *state); -+void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); -+void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); -+ -+#define prandom_init_once(pcpu_state) \ -+ DO_ONCE(prandom_seed_full_state, (pcpu_state)) -+ -+/** -+ * prandom_u32_max - returns a pseudo-random number in interval [0, ep_ro) -+ * @ep_ro: right open interval endpoint -+ * -+ * Returns a pseudo-random number that is in interval [0, ep_ro). Note -+ * that the result depends on PRNG being well distributed in [0, ~0U] -+ * u32 space. Here we use maximally equidistributed combined Tausworthe -+ * generator, that is, prandom_u32(). This is useful when requesting a -+ * random index of an array containing ep_ro elements, for example. -+ * -+ * Returns: pseudo-random number in interval [0, ep_ro) -+ */ -+static inline u32 prandom_u32_max(u32 ep_ro) -+{ -+ return (u32)(((u64) prandom_u32() * ep_ro) >> 32); -+} -+ -+/* -+ * Handle minimum values for seeds -+ */ -+static inline u32 __seed(u32 x, u32 m) -+{ -+ return (x < m) ? x + m : x; -+} -+ -+/** -+ * prandom_seed_state - set seed for prandom_u32_state(). -+ * @state: pointer to state structure to receive the seed. -+ * @seed: arbitrary 64-bit value to use as a seed. -+ */ -+static inline void prandom_seed_state(struct rnd_state *state, u64 seed) -+{ -+ u32 i = (seed >> 32) ^ (seed << 10) ^ seed; -+ -+ state->s1 = __seed(i, 2U); -+ state->s2 = __seed(i, 8U); -+ state->s3 = __seed(i, 16U); -+ state->s4 = __seed(i, 128U); -+} -+ -+/* Pseudo random number generator from numerical recipes. */ -+static inline u32 next_pseudo_random32(u32 seed) -+{ -+ return seed * 1664525 + 1013904223; -+} -+ -+#endif ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -9,7 +9,6 @@ - - #include - #include --#include - - #include - -@@ -107,63 +106,12 @@ declare_get_random_var_wait(long) - - unsigned long randomize_page(unsigned long start, unsigned long range); - --u32 prandom_u32(void); --void prandom_bytes(void *buf, size_t nbytes); --void prandom_seed(u32 seed); --void prandom_reseed_late(void); -- --struct rnd_state { -- __u32 s1, s2, s3, s4; --}; -- --DECLARE_PER_CPU(struct rnd_state, net_rand_state); -- --u32 prandom_u32_state(struct rnd_state *state); --void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); --void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); -- --#define prandom_init_once(pcpu_state) \ -- DO_ONCE(prandom_seed_full_state, (pcpu_state)) -- --/** -- * prandom_u32_max - returns a pseudo-random number in interval [0, ep_ro) -- * @ep_ro: right open interval endpoint -- * -- * Returns a pseudo-random number that is in interval [0, ep_ro). Note -- * that the result depends on PRNG being well distributed in [0, ~0U] -- * u32 space. Here we use maximally equidistributed combined Tausworthe -- * generator, that is, prandom_u32(). This is useful when requesting a -- * random index of an array containing ep_ro elements, for example. -- * -- * Returns: pseudo-random number in interval [0, ep_ro) -- */ --static inline u32 prandom_u32_max(u32 ep_ro) --{ -- return (u32)(((u64) prandom_u32() * ep_ro) >> 32); --} -- - /* -- * Handle minimum values for seeds -- */ --static inline u32 __seed(u32 x, u32 m) --{ -- return (x < m) ? x + m : x; --} -- --/** -- * prandom_seed_state - set seed for prandom_u32_state(). -- * @state: pointer to state structure to receive the seed. -- * @seed: arbitrary 64-bit value to use as a seed. -+ * This is designed to be standalone for just prandom -+ * users, but for now we include it from -+ * for legacy reasons. - */ --static inline void prandom_seed_state(struct rnd_state *state, u64 seed) --{ -- u32 i = (seed >> 32) ^ (seed << 10) ^ seed; -- -- state->s1 = __seed(i, 2U); -- state->s2 = __seed(i, 8U); -- state->s3 = __seed(i, 16U); -- state->s4 = __seed(i, 128U); --} -+#include - - #ifdef CONFIG_ARCH_RANDOM - # include -@@ -194,10 +142,4 @@ static inline bool arch_has_random_seed( - } - #endif - --/* Pseudo random number generator from numerical recipes. */ --static inline u32 next_pseudo_random32(u32 seed) --{ -- return seed * 1664525 + 1013904223; --} -- - #endif /* _LINUX_RANDOM_H */ diff --git a/queue-4.19/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch b/queue-4.19/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch deleted file mode 100644 index 277336fee8d..00000000000 --- a/queue-4.19/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 83bdc7275e6206f560d247be856bceba3e1ed8f2 Mon Sep 17 00:00:00 2001 -From: Linus Torvalds -Date: Wed, 29 Jul 2020 19:11:00 -0700 -Subject: random32: remove net_rand_state from the latent entropy gcc plugin - -From: Linus Torvalds - -commit 83bdc7275e6206f560d247be856bceba3e1ed8f2 upstream. - -It turns out that the plugin right now ends up being really unhappy -about the change from 'static' to 'extern' storage that happened in -commit f227e3ec3b5c ("random32: update the net random state on interrupt -and activity"). - -This is probably a trivial fix for the latent_entropy plugin, but for -now, just remove net_rand_state from the list of things the plugin -worries about. - -Reported-by: Stephen Rothwell -Cc: Emese Revfy -Cc: Kees Cook -Cc: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/random.h | 2 +- - lib/random32.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -116,7 +116,7 @@ struct rnd_state { - __u32 s1, s2, s3, s4; - }; - --DECLARE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DECLARE_PER_CPU(struct rnd_state, net_rand_state); - - u32 prandom_u32_state(struct rnd_state *state); - void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); ---- a/lib/random32.c -+++ b/lib/random32.c -@@ -48,7 +48,7 @@ static inline void prandom_state_selftes - } - #endif - --DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DEFINE_PER_CPU(struct rnd_state, net_rand_state); - - /** - * prandom_u32_state - seeded pseudo-random number generator. diff --git a/queue-4.19/random32-update-the-net-random-state-on-interrupt-and-activity.patch b/queue-4.19/random32-update-the-net-random-state-on-interrupt-and-activity.patch deleted file mode 100644 index d814581dd2e..00000000000 --- a/queue-4.19/random32-update-the-net-random-state-on-interrupt-and-activity.patch +++ /dev/null @@ -1,109 +0,0 @@ -From f227e3ec3b5cad859ad15666874405e8c1bbc1d4 Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Fri, 10 Jul 2020 15:23:19 +0200 -Subject: random32: update the net random state on interrupt and activity - -From: Willy Tarreau - -commit f227e3ec3b5cad859ad15666874405e8c1bbc1d4 upstream. - -This modifies the first 32 bits out of the 128 bits of a random CPU's -net_rand_state on interrupt or CPU activity to complicate remote -observations that could lead to guessing the network RNG's internal -state. - -Note that depending on some network devices' interrupt rate moderation -or binding, this re-seeding might happen on every packet or even almost -never. - -In addition, with NOHZ some CPUs might not even get timer interrupts, -leaving their local state rarely updated, while they are running -networked processes making use of the random state. For this reason, we -also perform this update in update_process_times() in order to at least -update the state when there is user or system activity, since it's the -only case we care about. - -Reported-by: Amit Klein -Suggested-by: Linus Torvalds -Cc: Eric Dumazet -Cc: "Jason A. Donenfeld" -Cc: Andy Lutomirski -Cc: Kees Cook -Cc: Thomas Gleixner -Cc: Peter Zijlstra -Cc: -Signed-off-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - drivers/char/random.c | 1 + - include/linux/random.h | 3 +++ - kernel/time/timer.c | 8 ++++++++ - lib/random32.c | 2 +- - 4 files changed, 13 insertions(+), 1 deletion(-) - ---- a/drivers/char/random.c -+++ b/drivers/char/random.c -@@ -1257,6 +1257,7 @@ void add_interrupt_randomness(int irq, i - - fast_mix(fast_pool); - add_interrupt_bench(cycles); -+ this_cpu_add(net_rand_state.s1, fast_pool->pool[cycles & 3]); - - if (unlikely(crng_init == 0)) { - if ((fast_pool->count >= 64) && ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -9,6 +9,7 @@ - - #include - #include -+#include - - #include - -@@ -115,6 +116,8 @@ struct rnd_state { - __u32 s1, s2, s3, s4; - }; - -+DECLARE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+ - u32 prandom_u32_state(struct rnd_state *state); - void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); - void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); ---- a/kernel/time/timer.c -+++ b/kernel/time/timer.c -@@ -44,6 +44,7 @@ - #include - #include - #include -+#include - - #include - #include -@@ -1654,6 +1655,13 @@ void update_process_times(int user_tick) - scheduler_tick(); - if (IS_ENABLED(CONFIG_POSIX_TIMERS)) - run_posix_cpu_timers(p); -+ -+ /* The current CPU might make use of net randoms without receiving IRQs -+ * to renew them often enough. Let's update the net_rand_state from a -+ * non-constant value that's not affine to the number of calls to make -+ * sure it's updated when there's some activity (we don't care in idle). -+ */ -+ this_cpu_add(net_rand_state.s1, rol32(jiffies, 24) + user_tick); - } - - /** ---- a/lib/random32.c -+++ b/lib/random32.c -@@ -48,7 +48,7 @@ static inline void prandom_state_selftes - } - #endif - --static DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; - - /** - * prandom_u32_state - seeded pseudo-random number generator. diff --git a/queue-4.19/series b/queue-4.19/series index 3e2788b459c..5a39ef7a8f7 100644 --- a/queue-4.19/series +++ b/queue-4.19/series @@ -13,13 +13,9 @@ pci-aspm-disable-aspm-on-asmedia-asm1083-1085-pcie-to-pci-bridge.patch 9p-trans_fd-fix-concurrency-del-of-req_list-in-p9_fd_cancelled-p9_read_work.patch wireless-use-offsetof-instead-of-custom-macro.patch arm-8986-1-hw_breakpoint-don-t-invoke-overflow-handler-on-uaccess-watchpoints.patch -random32-update-the-net-random-state-on-interrupt-and-activity.patch -arm-percpu.h-fix-build-error.patch revert-drm-amdgpu-fix-null-dereference-in-dpm-sysfs-handlers.patch drm-amdgpu-prevent-kernel-infoleak-in-amdgpu_info_ioctl.patch drm-hold-gem-reference-until-object-is-no-longer-accessed.patch -random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch -random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch rds-prevent-kernel-infoleak-in-rds_notify_queue_get.patch xfs-fix-missed-wakeup-on-l_flush_wait.patch net-x25-fix-x25_neigh-refcnt-leak-when-x25-disconnect.patch @@ -54,4 +50,3 @@ cxgb4-add-missing-release-on-skb-in-uld_send.patch xen-netfront-fix-potential-deadlock-in-xennet_remove.patch kvm-lapic-prevent-setting-the-tscdeadline-timer-if-the-lapic-is-hw-disabled.patch x86-i8259-use-printk_deferred-to-prevent-deadlock.patch -random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch diff --git a/queue-4.4/arm-percpu.h-fix-build-error.patch b/queue-4.4/arm-percpu.h-fix-build-error.patch deleted file mode 100644 index 588ad9ec5b4..00000000000 --- a/queue-4.4/arm-percpu.h-fix-build-error.patch +++ /dev/null @@ -1,46 +0,0 @@ -From aa54ea903abb02303bf55855fb51e3fcee135d70 Mon Sep 17 00:00:00 2001 -From: Grygorii Strashko -Date: Thu, 30 Jul 2020 22:05:01 +0300 -Subject: ARM: percpu.h: fix build error -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Grygorii Strashko - -commit aa54ea903abb02303bf55855fb51e3fcee135d70 upstream. - -Fix build error for the case: - defined(CONFIG_SMP) && !defined(CONFIG_CPU_V6) - -config: keystone_defconfig - - CC arch/arm/kernel/signal.o - In file included from ../include/linux/random.h:14, - from ../arch/arm/kernel/signal.c:8: - ../arch/arm/include/asm/percpu.h: In function ‘__my_cpu_offset’: - ../arch/arm/include/asm/percpu.h:29:34: error: ‘current_stack_pointer’ undeclared (first use in this function); did you mean ‘user_stack_pointer’? - : "Q" (*(const unsigned long *)current_stack_pointer)); - ^~~~~~~~~~~~~~~~~~~~~ - user_stack_pointer - -Fixes: f227e3ec3b5c ("random32: update the net random state on interrupt and activity") -Signed-off-by: Grygorii Strashko -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - arch/arm/include/asm/percpu.h | 2 ++ - 1 file changed, 2 insertions(+) - ---- a/arch/arm/include/asm/percpu.h -+++ b/arch/arm/include/asm/percpu.h -@@ -16,6 +16,8 @@ - #ifndef _ASM_ARM_PERCPU_H_ - #define _ASM_ARM_PERCPU_H_ - -+#include -+ - /* - * Same as asm-generic/percpu.h, except that we store the per cpu offset - * in the TPIDRPRW. TPIDRPRW only exists on V6K and V7 diff --git a/queue-4.4/random32-update-the-net-random-state-on-interrupt-and-activity.patch b/queue-4.4/random32-update-the-net-random-state-on-interrupt-and-activity.patch deleted file mode 100644 index 2566759585b..00000000000 --- a/queue-4.4/random32-update-the-net-random-state-on-interrupt-and-activity.patch +++ /dev/null @@ -1,109 +0,0 @@ -From f227e3ec3b5cad859ad15666874405e8c1bbc1d4 Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Fri, 10 Jul 2020 15:23:19 +0200 -Subject: random32: update the net random state on interrupt and activity - -From: Willy Tarreau - -commit f227e3ec3b5cad859ad15666874405e8c1bbc1d4 upstream. - -This modifies the first 32 bits out of the 128 bits of a random CPU's -net_rand_state on interrupt or CPU activity to complicate remote -observations that could lead to guessing the network RNG's internal -state. - -Note that depending on some network devices' interrupt rate moderation -or binding, this re-seeding might happen on every packet or even almost -never. - -In addition, with NOHZ some CPUs might not even get timer interrupts, -leaving their local state rarely updated, while they are running -networked processes making use of the random state. For this reason, we -also perform this update in update_process_times() in order to at least -update the state when there is user or system activity, since it's the -only case we care about. - -Reported-by: Amit Klein -Suggested-by: Linus Torvalds -Cc: Eric Dumazet -Cc: "Jason A. Donenfeld" -Cc: Andy Lutomirski -Cc: Kees Cook -Cc: Thomas Gleixner -Cc: Peter Zijlstra -Cc: -Signed-off-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - drivers/char/random.c | 1 + - include/linux/random.h | 3 +++ - kernel/time/timer.c | 8 ++++++++ - lib/random32.c | 2 +- - 4 files changed, 13 insertions(+), 1 deletion(-) - ---- a/drivers/char/random.c -+++ b/drivers/char/random.c -@@ -923,6 +923,7 @@ void add_interrupt_randomness(int irq, i - - fast_mix(fast_pool); - add_interrupt_bench(cycles); -+ this_cpu_add(net_rand_state.s1, fast_pool->pool[cycles & 3]); - - if ((fast_pool->count < 64) && - !time_after(now, fast_pool->last + HZ)) ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -8,6 +8,7 @@ - - #include - #include -+#include - - #include - -@@ -46,6 +47,8 @@ struct rnd_state { - __u32 s1, s2, s3, s4; - }; - -+DECLARE_PER_CPU(struct rnd_state, net_rand_state); -+ - u32 prandom_u32_state(struct rnd_state *state); - void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); - void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); ---- a/kernel/time/timer.c -+++ b/kernel/time/timer.c -@@ -42,6 +42,7 @@ - #include - #include - #include -+#include - - #include - #include -@@ -1431,6 +1432,13 @@ void update_process_times(int user_tick) - #endif - scheduler_tick(); - run_posix_cpu_timers(p); -+ -+ /* The current CPU might make use of net randoms without receiving IRQs -+ * to renew them often enough. Let's update the net_rand_state from a -+ * non-constant value that's not affine to the number of calls to make -+ * sure it's updated when there's some activity (we don't care in idle). -+ */ -+ this_cpu_add(net_rand_state.s1, rol32(jiffies, 24) + user_tick); - } - - /* ---- a/lib/random32.c -+++ b/lib/random32.c -@@ -47,7 +47,7 @@ static inline void prandom_state_selftes - } - #endif - --static DEFINE_PER_CPU(struct rnd_state, net_rand_state); -+DEFINE_PER_CPU(struct rnd_state, net_rand_state); - - /** - * prandom_u32_state - seeded pseudo-random number generator. diff --git a/queue-4.4/series b/queue-4.4/series index 8f3a5dbe60b..89d9cbc6f62 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -6,10 +6,8 @@ ath9k-release-allocated-buffer-if-timed-out.patch nfs-move-call-to-security_inode_listsecurity-into-nf.patch scsi-libsas-direct-call-probe-and-destruct.patch pci-aspm-disable-aspm-on-asmedia-asm1083-1085-pcie-to-pci-bridge.patch -random32-update-the-net-random-state-on-interrupt-and-activity.patch drm-amdgpu-prevent-kernel-infoleak-in-amdgpu_info_ioctl.patch drm-hold-gem-reference-until-object-is-no-longer-accessed.patch -arm-percpu.h-fix-build-error.patch f2fs-check-memory-boundary-by-insane-namelen.patch f2fs-check-if-file-namelen-exceeds-max-value.patch arm-8986-1-hw_breakpoint-don-t-invoke-overflow-handl.patch diff --git a/queue-4.9/arm-percpu.h-fix-build-error.patch b/queue-4.9/arm-percpu.h-fix-build-error.patch deleted file mode 100644 index 588ad9ec5b4..00000000000 --- a/queue-4.9/arm-percpu.h-fix-build-error.patch +++ /dev/null @@ -1,46 +0,0 @@ -From aa54ea903abb02303bf55855fb51e3fcee135d70 Mon Sep 17 00:00:00 2001 -From: Grygorii Strashko -Date: Thu, 30 Jul 2020 22:05:01 +0300 -Subject: ARM: percpu.h: fix build error -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Grygorii Strashko - -commit aa54ea903abb02303bf55855fb51e3fcee135d70 upstream. - -Fix build error for the case: - defined(CONFIG_SMP) && !defined(CONFIG_CPU_V6) - -config: keystone_defconfig - - CC arch/arm/kernel/signal.o - In file included from ../include/linux/random.h:14, - from ../arch/arm/kernel/signal.c:8: - ../arch/arm/include/asm/percpu.h: In function ‘__my_cpu_offset’: - ../arch/arm/include/asm/percpu.h:29:34: error: ‘current_stack_pointer’ undeclared (first use in this function); did you mean ‘user_stack_pointer’? - : "Q" (*(const unsigned long *)current_stack_pointer)); - ^~~~~~~~~~~~~~~~~~~~~ - user_stack_pointer - -Fixes: f227e3ec3b5c ("random32: update the net random state on interrupt and activity") -Signed-off-by: Grygorii Strashko -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - arch/arm/include/asm/percpu.h | 2 ++ - 1 file changed, 2 insertions(+) - ---- a/arch/arm/include/asm/percpu.h -+++ b/arch/arm/include/asm/percpu.h -@@ -16,6 +16,8 @@ - #ifndef _ASM_ARM_PERCPU_H_ - #define _ASM_ARM_PERCPU_H_ - -+#include -+ - /* - * Same as asm-generic/percpu.h, except that we store the per cpu offset - * in the TPIDRPRW. TPIDRPRW only exists on V6K and V7 diff --git a/queue-4.9/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch b/queue-4.9/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch deleted file mode 100644 index feba85978c3..00000000000 --- a/queue-4.9/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 83bdc7275e6206f560d247be856bceba3e1ed8f2 Mon Sep 17 00:00:00 2001 -From: Linus Torvalds -Date: Wed, 29 Jul 2020 19:11:00 -0700 -Subject: random32: remove net_rand_state from the latent entropy gcc plugin - -From: Linus Torvalds - -commit 83bdc7275e6206f560d247be856bceba3e1ed8f2 upstream. - -It turns out that the plugin right now ends up being really unhappy -about the change from 'static' to 'extern' storage that happened in -commit f227e3ec3b5c ("random32: update the net random state on interrupt -and activity"). - -This is probably a trivial fix for the latent_entropy plugin, but for -now, just remove net_rand_state from the list of things the plugin -worries about. - -Reported-by: Stephen Rothwell -Cc: Emese Revfy -Cc: Kees Cook -Cc: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/random.h | 2 +- - lib/random32.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -56,7 +56,7 @@ struct rnd_state { - __u32 s1, s2, s3, s4; - }; - --DECLARE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DECLARE_PER_CPU(struct rnd_state, net_rand_state); - - u32 prandom_u32_state(struct rnd_state *state); - void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); ---- a/lib/random32.c -+++ b/lib/random32.c -@@ -47,7 +47,7 @@ static inline void prandom_state_selftes - } - #endif - --DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DEFINE_PER_CPU(struct rnd_state, net_rand_state); - - /** - * prandom_u32_state - seeded pseudo-random number generator. diff --git a/queue-4.9/random32-update-the-net-random-state-on-interrupt-and-activity.patch b/queue-4.9/random32-update-the-net-random-state-on-interrupt-and-activity.patch deleted file mode 100644 index 922de66be7b..00000000000 --- a/queue-4.9/random32-update-the-net-random-state-on-interrupt-and-activity.patch +++ /dev/null @@ -1,109 +0,0 @@ -From f227e3ec3b5cad859ad15666874405e8c1bbc1d4 Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Fri, 10 Jul 2020 15:23:19 +0200 -Subject: random32: update the net random state on interrupt and activity - -From: Willy Tarreau - -commit f227e3ec3b5cad859ad15666874405e8c1bbc1d4 upstream. - -This modifies the first 32 bits out of the 128 bits of a random CPU's -net_rand_state on interrupt or CPU activity to complicate remote -observations that could lead to guessing the network RNG's internal -state. - -Note that depending on some network devices' interrupt rate moderation -or binding, this re-seeding might happen on every packet or even almost -never. - -In addition, with NOHZ some CPUs might not even get timer interrupts, -leaving their local state rarely updated, while they are running -networked processes making use of the random state. For this reason, we -also perform this update in update_process_times() in order to at least -update the state when there is user or system activity, since it's the -only case we care about. - -Reported-by: Amit Klein -Suggested-by: Linus Torvalds -Cc: Eric Dumazet -Cc: "Jason A. Donenfeld" -Cc: Andy Lutomirski -Cc: Kees Cook -Cc: Thomas Gleixner -Cc: Peter Zijlstra -Cc: -Signed-off-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - drivers/char/random.c | 1 + - include/linux/random.h | 3 +++ - kernel/time/timer.c | 8 ++++++++ - lib/random32.c | 2 +- - 4 files changed, 13 insertions(+), 1 deletion(-) - ---- a/drivers/char/random.c -+++ b/drivers/char/random.c -@@ -1211,6 +1211,7 @@ void add_interrupt_randomness(int irq, i - - fast_mix(fast_pool); - add_interrupt_bench(cycles); -+ this_cpu_add(net_rand_state.s1, fast_pool->pool[cycles & 3]); - - if (unlikely(crng_init == 0)) { - if ((fast_pool->count >= 64) && ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -8,6 +8,7 @@ - - #include - #include -+#include - - #include - -@@ -55,6 +56,8 @@ struct rnd_state { - __u32 s1, s2, s3, s4; - }; - -+DECLARE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+ - u32 prandom_u32_state(struct rnd_state *state); - void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); - void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); ---- a/kernel/time/timer.c -+++ b/kernel/time/timer.c -@@ -42,6 +42,7 @@ - #include - #include - #include -+#include - - #include - #include -@@ -1635,6 +1636,13 @@ void update_process_times(int user_tick) - #endif - scheduler_tick(); - run_posix_cpu_timers(p); -+ -+ /* The current CPU might make use of net randoms without receiving IRQs -+ * to renew them often enough. Let's update the net_rand_state from a -+ * non-constant value that's not affine to the number of calls to make -+ * sure it's updated when there's some activity (we don't care in idle). -+ */ -+ this_cpu_add(net_rand_state.s1, rol32(jiffies, 24) + user_tick); - } - - /** ---- a/lib/random32.c -+++ b/lib/random32.c -@@ -47,7 +47,7 @@ static inline void prandom_state_selftes - } - #endif - --static DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; - - /** - * prandom_u32_state - seeded pseudo-random number generator. diff --git a/queue-4.9/series b/queue-4.9/series index dadbfedd668..c2bf9567bf0 100644 --- a/queue-4.9/series +++ b/queue-4.9/series @@ -9,13 +9,10 @@ ath9k-release-allocated-buffer-if-timed-out.patch scsi-libsas-direct-call-probe-and-destruct.patch pci-aspm-disable-aspm-on-asmedia-asm1083-1085-pcie-to-pci-bridge.patch arm-8986-1-hw_breakpoint-don-t-invoke-overflow-handler-on-uaccess-watchpoints.patch -random32-update-the-net-random-state-on-interrupt-and-activity.patch -arm-percpu.h-fix-build-error.patch drm-amdgpu-prevent-kernel-infoleak-in-amdgpu_info_ioctl.patch drm-hold-gem-reference-until-object-is-no-longer-accessed.patch f2fs-check-memory-boundary-by-insane-namelen.patch f2fs-check-if-file-namelen-exceeds-max-value.patch -random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch 9p-trans_fd-abort-p9_read_work-if-req-status-changed.patch 9p-trans_fd-fix-concurrency-del-of-req_list-in-p9_fd.patch x86-build-lto-fix-truncated-.bss-with-fdata-sections.patch diff --git a/queue-5.4/arm-percpu.h-fix-build-error.patch b/queue-5.4/arm-percpu.h-fix-build-error.patch deleted file mode 100644 index ee5f3493df7..00000000000 --- a/queue-5.4/arm-percpu.h-fix-build-error.patch +++ /dev/null @@ -1,46 +0,0 @@ -From aa54ea903abb02303bf55855fb51e3fcee135d70 Mon Sep 17 00:00:00 2001 -From: Grygorii Strashko -Date: Thu, 30 Jul 2020 22:05:01 +0300 -Subject: ARM: percpu.h: fix build error -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Grygorii Strashko - -commit aa54ea903abb02303bf55855fb51e3fcee135d70 upstream. - -Fix build error for the case: - defined(CONFIG_SMP) && !defined(CONFIG_CPU_V6) - -config: keystone_defconfig - - CC arch/arm/kernel/signal.o - In file included from ../include/linux/random.h:14, - from ../arch/arm/kernel/signal.c:8: - ../arch/arm/include/asm/percpu.h: In function ‘__my_cpu_offset’: - ../arch/arm/include/asm/percpu.h:29:34: error: ‘current_stack_pointer’ undeclared (first use in this function); did you mean ‘user_stack_pointer’? - : "Q" (*(const unsigned long *)current_stack_pointer)); - ^~~~~~~~~~~~~~~~~~~~~ - user_stack_pointer - -Fixes: f227e3ec3b5c ("random32: update the net random state on interrupt and activity") -Signed-off-by: Grygorii Strashko -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - arch/arm/include/asm/percpu.h | 2 ++ - 1 file changed, 2 insertions(+) - ---- a/arch/arm/include/asm/percpu.h -+++ b/arch/arm/include/asm/percpu.h -@@ -5,6 +5,8 @@ - #ifndef _ASM_ARM_PERCPU_H_ - #define _ASM_ARM_PERCPU_H_ - -+#include -+ - /* - * Same as asm-generic/percpu.h, except that we store the per cpu offset - * in the TPIDRPRW. TPIDRPRW only exists on V6K and V7 diff --git a/queue-5.4/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch b/queue-5.4/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch deleted file mode 100644 index efe3af7d26c..00000000000 --- a/queue-5.4/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 1c9df907da83812e4f33b59d3d142c864d9da57f Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Thu, 30 Jul 2020 07:59:24 +0200 -Subject: random: fix circular include dependency on arm64 after addition of percpu.h -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Willy Tarreau - -commit 1c9df907da83812e4f33b59d3d142c864d9da57f upstream. - -Daniel Díaz and Kees Cook independently reported that commit -f227e3ec3b5c ("random32: update the net random state on interrupt and -activity") broke arm64 due to a circular dependency on include files -since the addition of percpu.h in random.h. - -The correct fix would definitely be to move all the prandom32 stuff out -of random.h but for backporting, a smaller solution is preferred. - -This one replaces linux/percpu.h with asm/percpu.h, and this fixes the -problem on x86_64, arm64, arm, and mips. Note that moving percpu.h -around didn't change anything and that removing it entirely broke -differently. When backporting, such options might still be considered -if this patch fails to help. - -[ It turns out that an alternate fix seems to be to just remove the - troublesome remove from the arm64 - that causes the circular dependency. - - But we might as well do the whole belt-and-suspenders thing, and - minimize inclusion in too. Either will fix the - problem, and both are good changes. - Linus ] - -Reported-by: Daniel Díaz -Reported-by: Kees Cook -Tested-by: Marc Zyngier -Fixes: f227e3ec3b5c -Cc: Stephen Rothwell -Signed-off-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/random.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -9,7 +9,7 @@ - - #include - #include --#include -+#include - - #include - diff --git a/queue-5.4/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch b/queue-5.4/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch deleted file mode 100644 index f7174ea4801..00000000000 --- a/queue-5.4/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch +++ /dev/null @@ -1,213 +0,0 @@ -From c0842fbc1b18c7a044e6ff3e8fa78bfa822c7d1a Mon Sep 17 00:00:00 2001 -From: Linus Torvalds -Date: Fri, 31 Jul 2020 07:51:14 +0200 -Subject: random32: move the pseudo-random 32-bit definitions to prandom.h - -From: Linus Torvalds - -commit c0842fbc1b18c7a044e6ff3e8fa78bfa822c7d1a upstream. - -The addition of percpu.h to the list of includes in random.h revealed -some circular dependencies on arm64 and possibly other platforms. This -include was added solely for the pseudo-random definitions, which have -nothing to do with the rest of the definitions in this file but are -still there for legacy reasons. - -This patch moves the pseudo-random parts to linux/prandom.h and the -percpu.h include with it, which is now guarded by _LINUX_PRANDOM_H and -protected against recursive inclusion. - -A further cleanup step would be to remove this from -entirely, and make people who use the prandom infrastructure include -just the new header file. That's a bit of a churn patch, but grepping -for "prandom_" and "next_pseudo_random32" "struct rnd_state" should -catch most users. - -But it turns out that that nice cleanup step is fairly painful, because -a _lot_ of code currently seems to depend on the implicit include of -, which can currently come in a lot of ways, including -such fairly core headfers as . - -So the "nice cleanup" part may or may never happen. - -Fixes: 1c9df907da83 ("random: fix circular include dependency on arm64 after addition of percpu.h") -Tested-by: Guenter Roeck -Acked-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/prandom.h | 78 ++++++++++++++++++++++++++++++++++++++++++++++++ - include/linux/random.h | 66 ++-------------------------------------- - 2 files changed, 82 insertions(+), 62 deletions(-) - ---- /dev/null -+++ b/include/linux/prandom.h -@@ -0,0 +1,78 @@ -+/* SPDX-License-Identifier: GPL-2.0 */ -+/* -+ * include/linux/prandom.h -+ * -+ * Include file for the fast pseudo-random 32-bit -+ * generation. -+ */ -+#ifndef _LINUX_PRANDOM_H -+#define _LINUX_PRANDOM_H -+ -+#include -+#include -+ -+u32 prandom_u32(void); -+void prandom_bytes(void *buf, size_t nbytes); -+void prandom_seed(u32 seed); -+void prandom_reseed_late(void); -+ -+struct rnd_state { -+ __u32 s1, s2, s3, s4; -+}; -+ -+DECLARE_PER_CPU(struct rnd_state, net_rand_state); -+ -+u32 prandom_u32_state(struct rnd_state *state); -+void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); -+void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); -+ -+#define prandom_init_once(pcpu_state) \ -+ DO_ONCE(prandom_seed_full_state, (pcpu_state)) -+ -+/** -+ * prandom_u32_max - returns a pseudo-random number in interval [0, ep_ro) -+ * @ep_ro: right open interval endpoint -+ * -+ * Returns a pseudo-random number that is in interval [0, ep_ro). Note -+ * that the result depends on PRNG being well distributed in [0, ~0U] -+ * u32 space. Here we use maximally equidistributed combined Tausworthe -+ * generator, that is, prandom_u32(). This is useful when requesting a -+ * random index of an array containing ep_ro elements, for example. -+ * -+ * Returns: pseudo-random number in interval [0, ep_ro) -+ */ -+static inline u32 prandom_u32_max(u32 ep_ro) -+{ -+ return (u32)(((u64) prandom_u32() * ep_ro) >> 32); -+} -+ -+/* -+ * Handle minimum values for seeds -+ */ -+static inline u32 __seed(u32 x, u32 m) -+{ -+ return (x < m) ? x + m : x; -+} -+ -+/** -+ * prandom_seed_state - set seed for prandom_u32_state(). -+ * @state: pointer to state structure to receive the seed. -+ * @seed: arbitrary 64-bit value to use as a seed. -+ */ -+static inline void prandom_seed_state(struct rnd_state *state, u64 seed) -+{ -+ u32 i = (seed >> 32) ^ (seed << 10) ^ seed; -+ -+ state->s1 = __seed(i, 2U); -+ state->s2 = __seed(i, 8U); -+ state->s3 = __seed(i, 16U); -+ state->s4 = __seed(i, 128U); -+} -+ -+/* Pseudo random number generator from numerical recipes. */ -+static inline u32 next_pseudo_random32(u32 seed) -+{ -+ return seed * 1664525 + 1013904223; -+} -+ -+#endif ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -9,7 +9,6 @@ - - #include - #include --#include - - #include - -@@ -109,63 +108,12 @@ declare_get_random_var_wait(long) - - unsigned long randomize_page(unsigned long start, unsigned long range); - --u32 prandom_u32(void); --void prandom_bytes(void *buf, size_t nbytes); --void prandom_seed(u32 seed); --void prandom_reseed_late(void); -- --struct rnd_state { -- __u32 s1, s2, s3, s4; --}; -- --DECLARE_PER_CPU(struct rnd_state, net_rand_state); -- --u32 prandom_u32_state(struct rnd_state *state); --void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); --void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); -- --#define prandom_init_once(pcpu_state) \ -- DO_ONCE(prandom_seed_full_state, (pcpu_state)) -- --/** -- * prandom_u32_max - returns a pseudo-random number in interval [0, ep_ro) -- * @ep_ro: right open interval endpoint -- * -- * Returns a pseudo-random number that is in interval [0, ep_ro). Note -- * that the result depends on PRNG being well distributed in [0, ~0U] -- * u32 space. Here we use maximally equidistributed combined Tausworthe -- * generator, that is, prandom_u32(). This is useful when requesting a -- * random index of an array containing ep_ro elements, for example. -- * -- * Returns: pseudo-random number in interval [0, ep_ro) -- */ --static inline u32 prandom_u32_max(u32 ep_ro) --{ -- return (u32)(((u64) prandom_u32() * ep_ro) >> 32); --} -- - /* -- * Handle minimum values for seeds -- */ --static inline u32 __seed(u32 x, u32 m) --{ -- return (x < m) ? x + m : x; --} -- --/** -- * prandom_seed_state - set seed for prandom_u32_state(). -- * @state: pointer to state structure to receive the seed. -- * @seed: arbitrary 64-bit value to use as a seed. -+ * This is designed to be standalone for just prandom -+ * users, but for now we include it from -+ * for legacy reasons. - */ --static inline void prandom_seed_state(struct rnd_state *state, u64 seed) --{ -- u32 i = (seed >> 32) ^ (seed << 10) ^ seed; -- -- state->s1 = __seed(i, 2U); -- state->s2 = __seed(i, 8U); -- state->s3 = __seed(i, 16U); -- state->s4 = __seed(i, 128U); --} -+#include - - #ifdef CONFIG_ARCH_RANDOM - # include -@@ -196,10 +144,4 @@ static inline bool arch_has_random_seed( - } - #endif - --/* Pseudo random number generator from numerical recipes. */ --static inline u32 next_pseudo_random32(u32 seed) --{ -- return seed * 1664525 + 1013904223; --} -- - #endif /* _LINUX_RANDOM_H */ diff --git a/queue-5.4/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch b/queue-5.4/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch deleted file mode 100644 index 18e75012a9b..00000000000 --- a/queue-5.4/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 83bdc7275e6206f560d247be856bceba3e1ed8f2 Mon Sep 17 00:00:00 2001 -From: Linus Torvalds -Date: Wed, 29 Jul 2020 19:11:00 -0700 -Subject: random32: remove net_rand_state from the latent entropy gcc plugin - -From: Linus Torvalds - -commit 83bdc7275e6206f560d247be856bceba3e1ed8f2 upstream. - -It turns out that the plugin right now ends up being really unhappy -about the change from 'static' to 'extern' storage that happened in -commit f227e3ec3b5c ("random32: update the net random state on interrupt -and activity"). - -This is probably a trivial fix for the latent_entropy plugin, but for -now, just remove net_rand_state from the list of things the plugin -worries about. - -Reported-by: Stephen Rothwell -Cc: Emese Revfy -Cc: Kees Cook -Cc: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/random.h | 2 +- - lib/random32.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -118,7 +118,7 @@ struct rnd_state { - __u32 s1, s2, s3, s4; - }; - --DECLARE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DECLARE_PER_CPU(struct rnd_state, net_rand_state); - - u32 prandom_u32_state(struct rnd_state *state); - void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); ---- a/lib/random32.c -+++ b/lib/random32.c -@@ -48,7 +48,7 @@ static inline void prandom_state_selftes - } - #endif - --DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DEFINE_PER_CPU(struct rnd_state, net_rand_state); - - /** - * prandom_u32_state - seeded pseudo-random number generator. diff --git a/queue-5.4/random32-update-the-net-random-state-on-interrupt-and-activity.patch b/queue-5.4/random32-update-the-net-random-state-on-interrupt-and-activity.patch deleted file mode 100644 index a7dc7208923..00000000000 --- a/queue-5.4/random32-update-the-net-random-state-on-interrupt-and-activity.patch +++ /dev/null @@ -1,109 +0,0 @@ -From f227e3ec3b5cad859ad15666874405e8c1bbc1d4 Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Fri, 10 Jul 2020 15:23:19 +0200 -Subject: random32: update the net random state on interrupt and activity - -From: Willy Tarreau - -commit f227e3ec3b5cad859ad15666874405e8c1bbc1d4 upstream. - -This modifies the first 32 bits out of the 128 bits of a random CPU's -net_rand_state on interrupt or CPU activity to complicate remote -observations that could lead to guessing the network RNG's internal -state. - -Note that depending on some network devices' interrupt rate moderation -or binding, this re-seeding might happen on every packet or even almost -never. - -In addition, with NOHZ some CPUs might not even get timer interrupts, -leaving their local state rarely updated, while they are running -networked processes making use of the random state. For this reason, we -also perform this update in update_process_times() in order to at least -update the state when there is user or system activity, since it's the -only case we care about. - -Reported-by: Amit Klein -Suggested-by: Linus Torvalds -Cc: Eric Dumazet -Cc: "Jason A. Donenfeld" -Cc: Andy Lutomirski -Cc: Kees Cook -Cc: Thomas Gleixner -Cc: Peter Zijlstra -Cc: -Signed-off-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - drivers/char/random.c | 1 + - include/linux/random.h | 3 +++ - kernel/time/timer.c | 8 ++++++++ - lib/random32.c | 2 +- - 4 files changed, 13 insertions(+), 1 deletion(-) - ---- a/drivers/char/random.c -+++ b/drivers/char/random.c -@@ -1330,6 +1330,7 @@ void add_interrupt_randomness(int irq, i - - fast_mix(fast_pool); - add_interrupt_bench(cycles); -+ this_cpu_add(net_rand_state.s1, fast_pool->pool[cycles & 3]); - - if (unlikely(crng_init == 0)) { - if ((fast_pool->count >= 64) && ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -9,6 +9,7 @@ - - #include - #include -+#include - - #include - -@@ -117,6 +118,8 @@ struct rnd_state { - __u32 s1, s2, s3, s4; - }; - -+DECLARE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+ - u32 prandom_u32_state(struct rnd_state *state); - void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); - void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); ---- a/kernel/time/timer.c -+++ b/kernel/time/timer.c -@@ -43,6 +43,7 @@ - #include - #include - #include -+#include - - #include - #include -@@ -1742,6 +1743,13 @@ void update_process_times(int user_tick) - scheduler_tick(); - if (IS_ENABLED(CONFIG_POSIX_TIMERS)) - run_posix_cpu_timers(); -+ -+ /* The current CPU might make use of net randoms without receiving IRQs -+ * to renew them often enough. Let's update the net_rand_state from a -+ * non-constant value that's not affine to the number of calls to make -+ * sure it's updated when there's some activity (we don't care in idle). -+ */ -+ this_cpu_add(net_rand_state.s1, rol32(jiffies, 24) + user_tick); - } - - /** ---- a/lib/random32.c -+++ b/lib/random32.c -@@ -48,7 +48,7 @@ static inline void prandom_state_selftes - } - #endif - --static DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; - - /** - * prandom_u32_state - seeded pseudo-random number generator. diff --git a/queue-5.4/series b/queue-5.4/series index ba09117eccf..cc654e3554d 100644 --- a/queue-5.4/series +++ b/queue-5.4/series @@ -19,15 +19,11 @@ arm-dts-imx6sx-sabreauto-fix-the-phy-mode-on-fec2.patch arm-dts-imx6sx-sdb-fix-the-phy-mode-on-fec2.patch arm-dts-imx6qdl-icore-fix-otg_id-pin-and-sdcard-detect.patch virtio_balloon-fix-up-endian-ness-for-free-cmd-id.patch -random32-update-the-net-random-state-on-interrupt-and-activity.patch -arm-percpu.h-fix-build-error.patch revert-drm-amdgpu-fix-null-dereference-in-dpm-sysfs-handlers.patch drm-amd-display-clear-dm_state-for-fast-updates.patch drm-amdgpu-prevent-kernel-infoleak-in-amdgpu_info_ioctl.patch drm-dbi-fix-spi-type-1-9-bit-transfer.patch drm-hold-gem-reference-until-object-is-no-longer-accessed.patch -random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch -random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch rds-prevent-kernel-infoleak-in-rds_notify_queue_get.patch libtraceevent-fix-build-with-binutils-2.35.patch net-x25-fix-x25_neigh-refcnt-leak-when-x25-disconnect.patch @@ -88,4 +84,3 @@ x86-i8259-use-printk_deferred-to-prevent-deadlock.patch perf-tests-bp_account-make-global-variable-static.patch perf-env-do-not-return-pointers-to-local-variables.patch perf-bench-share-some-global-variables-to-fix-build-with-gcc-10.patch -random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch diff --git a/queue-5.7/arm-percpu.h-fix-build-error.patch b/queue-5.7/arm-percpu.h-fix-build-error.patch deleted file mode 100644 index ee5f3493df7..00000000000 --- a/queue-5.7/arm-percpu.h-fix-build-error.patch +++ /dev/null @@ -1,46 +0,0 @@ -From aa54ea903abb02303bf55855fb51e3fcee135d70 Mon Sep 17 00:00:00 2001 -From: Grygorii Strashko -Date: Thu, 30 Jul 2020 22:05:01 +0300 -Subject: ARM: percpu.h: fix build error -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Grygorii Strashko - -commit aa54ea903abb02303bf55855fb51e3fcee135d70 upstream. - -Fix build error for the case: - defined(CONFIG_SMP) && !defined(CONFIG_CPU_V6) - -config: keystone_defconfig - - CC arch/arm/kernel/signal.o - In file included from ../include/linux/random.h:14, - from ../arch/arm/kernel/signal.c:8: - ../arch/arm/include/asm/percpu.h: In function ‘__my_cpu_offset’: - ../arch/arm/include/asm/percpu.h:29:34: error: ‘current_stack_pointer’ undeclared (first use in this function); did you mean ‘user_stack_pointer’? - : "Q" (*(const unsigned long *)current_stack_pointer)); - ^~~~~~~~~~~~~~~~~~~~~ - user_stack_pointer - -Fixes: f227e3ec3b5c ("random32: update the net random state on interrupt and activity") -Signed-off-by: Grygorii Strashko -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - arch/arm/include/asm/percpu.h | 2 ++ - 1 file changed, 2 insertions(+) - ---- a/arch/arm/include/asm/percpu.h -+++ b/arch/arm/include/asm/percpu.h -@@ -5,6 +5,8 @@ - #ifndef _ASM_ARM_PERCPU_H_ - #define _ASM_ARM_PERCPU_H_ - -+#include -+ - /* - * Same as asm-generic/percpu.h, except that we store the per cpu offset - * in the TPIDRPRW. TPIDRPRW only exists on V6K and V7 diff --git a/queue-5.7/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch b/queue-5.7/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch deleted file mode 100644 index 7a9cbef1a7b..00000000000 --- a/queue-5.7/random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 1c9df907da83812e4f33b59d3d142c864d9da57f Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Thu, 30 Jul 2020 07:59:24 +0200 -Subject: random: fix circular include dependency on arm64 after addition of percpu.h -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Willy Tarreau - -commit 1c9df907da83812e4f33b59d3d142c864d9da57f upstream. - -Daniel Díaz and Kees Cook independently reported that commit -f227e3ec3b5c ("random32: update the net random state on interrupt and -activity") broke arm64 due to a circular dependency on include files -since the addition of percpu.h in random.h. - -The correct fix would definitely be to move all the prandom32 stuff out -of random.h but for backporting, a smaller solution is preferred. - -This one replaces linux/percpu.h with asm/percpu.h, and this fixes the -problem on x86_64, arm64, arm, and mips. Note that moving percpu.h -around didn't change anything and that removing it entirely broke -differently. When backporting, such options might still be considered -if this patch fails to help. - -[ It turns out that an alternate fix seems to be to just remove the - troublesome remove from the arm64 - that causes the circular dependency. - - But we might as well do the whole belt-and-suspenders thing, and - minimize inclusion in too. Either will fix the - problem, and both are good changes. - Linus ] - -Reported-by: Daniel Díaz -Reported-by: Kees Cook -Tested-by: Marc Zyngier -Fixes: f227e3ec3b5c -Cc: Stephen Rothwell -Signed-off-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/random.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -11,7 +11,7 @@ - #include - #include - #include --#include -+#include - - #include - diff --git a/queue-5.7/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch b/queue-5.7/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch deleted file mode 100644 index 358e8031b53..00000000000 --- a/queue-5.7/random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch +++ /dev/null @@ -1,213 +0,0 @@ -From c0842fbc1b18c7a044e6ff3e8fa78bfa822c7d1a Mon Sep 17 00:00:00 2001 -From: Linus Torvalds -Date: Fri, 31 Jul 2020 07:51:14 +0200 -Subject: random32: move the pseudo-random 32-bit definitions to prandom.h - -From: Linus Torvalds - -commit c0842fbc1b18c7a044e6ff3e8fa78bfa822c7d1a upstream. - -The addition of percpu.h to the list of includes in random.h revealed -some circular dependencies on arm64 and possibly other platforms. This -include was added solely for the pseudo-random definitions, which have -nothing to do with the rest of the definitions in this file but are -still there for legacy reasons. - -This patch moves the pseudo-random parts to linux/prandom.h and the -percpu.h include with it, which is now guarded by _LINUX_PRANDOM_H and -protected against recursive inclusion. - -A further cleanup step would be to remove this from -entirely, and make people who use the prandom infrastructure include -just the new header file. That's a bit of a churn patch, but grepping -for "prandom_" and "next_pseudo_random32" "struct rnd_state" should -catch most users. - -But it turns out that that nice cleanup step is fairly painful, because -a _lot_ of code currently seems to depend on the implicit include of -, which can currently come in a lot of ways, including -such fairly core headfers as . - -So the "nice cleanup" part may or may never happen. - -Fixes: 1c9df907da83 ("random: fix circular include dependency on arm64 after addition of percpu.h") -Tested-by: Guenter Roeck -Acked-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/prandom.h | 78 ++++++++++++++++++++++++++++++++++++++++++++++++ - include/linux/random.h | 66 ++-------------------------------------- - 2 files changed, 82 insertions(+), 62 deletions(-) - ---- /dev/null -+++ b/include/linux/prandom.h -@@ -0,0 +1,78 @@ -+/* SPDX-License-Identifier: GPL-2.0 */ -+/* -+ * include/linux/prandom.h -+ * -+ * Include file for the fast pseudo-random 32-bit -+ * generation. -+ */ -+#ifndef _LINUX_PRANDOM_H -+#define _LINUX_PRANDOM_H -+ -+#include -+#include -+ -+u32 prandom_u32(void); -+void prandom_bytes(void *buf, size_t nbytes); -+void prandom_seed(u32 seed); -+void prandom_reseed_late(void); -+ -+struct rnd_state { -+ __u32 s1, s2, s3, s4; -+}; -+ -+DECLARE_PER_CPU(struct rnd_state, net_rand_state); -+ -+u32 prandom_u32_state(struct rnd_state *state); -+void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); -+void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); -+ -+#define prandom_init_once(pcpu_state) \ -+ DO_ONCE(prandom_seed_full_state, (pcpu_state)) -+ -+/** -+ * prandom_u32_max - returns a pseudo-random number in interval [0, ep_ro) -+ * @ep_ro: right open interval endpoint -+ * -+ * Returns a pseudo-random number that is in interval [0, ep_ro). Note -+ * that the result depends on PRNG being well distributed in [0, ~0U] -+ * u32 space. Here we use maximally equidistributed combined Tausworthe -+ * generator, that is, prandom_u32(). This is useful when requesting a -+ * random index of an array containing ep_ro elements, for example. -+ * -+ * Returns: pseudo-random number in interval [0, ep_ro) -+ */ -+static inline u32 prandom_u32_max(u32 ep_ro) -+{ -+ return (u32)(((u64) prandom_u32() * ep_ro) >> 32); -+} -+ -+/* -+ * Handle minimum values for seeds -+ */ -+static inline u32 __seed(u32 x, u32 m) -+{ -+ return (x < m) ? x + m : x; -+} -+ -+/** -+ * prandom_seed_state - set seed for prandom_u32_state(). -+ * @state: pointer to state structure to receive the seed. -+ * @seed: arbitrary 64-bit value to use as a seed. -+ */ -+static inline void prandom_seed_state(struct rnd_state *state, u64 seed) -+{ -+ u32 i = (seed >> 32) ^ (seed << 10) ^ seed; -+ -+ state->s1 = __seed(i, 2U); -+ state->s2 = __seed(i, 8U); -+ state->s3 = __seed(i, 16U); -+ state->s4 = __seed(i, 128U); -+} -+ -+/* Pseudo random number generator from numerical recipes. */ -+static inline u32 next_pseudo_random32(u32 seed) -+{ -+ return seed * 1664525 + 1013904223; -+} -+ -+#endif ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -11,7 +11,6 @@ - #include - #include - #include --#include - - #include - -@@ -111,63 +110,12 @@ declare_get_random_var_wait(long) - - unsigned long randomize_page(unsigned long start, unsigned long range); - --u32 prandom_u32(void); --void prandom_bytes(void *buf, size_t nbytes); --void prandom_seed(u32 seed); --void prandom_reseed_late(void); -- --struct rnd_state { -- __u32 s1, s2, s3, s4; --}; -- --DECLARE_PER_CPU(struct rnd_state, net_rand_state); -- --u32 prandom_u32_state(struct rnd_state *state); --void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); --void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); -- --#define prandom_init_once(pcpu_state) \ -- DO_ONCE(prandom_seed_full_state, (pcpu_state)) -- --/** -- * prandom_u32_max - returns a pseudo-random number in interval [0, ep_ro) -- * @ep_ro: right open interval endpoint -- * -- * Returns a pseudo-random number that is in interval [0, ep_ro). Note -- * that the result depends on PRNG being well distributed in [0, ~0U] -- * u32 space. Here we use maximally equidistributed combined Tausworthe -- * generator, that is, prandom_u32(). This is useful when requesting a -- * random index of an array containing ep_ro elements, for example. -- * -- * Returns: pseudo-random number in interval [0, ep_ro) -- */ --static inline u32 prandom_u32_max(u32 ep_ro) --{ -- return (u32)(((u64) prandom_u32() * ep_ro) >> 32); --} -- - /* -- * Handle minimum values for seeds -- */ --static inline u32 __seed(u32 x, u32 m) --{ -- return (x < m) ? x + m : x; --} -- --/** -- * prandom_seed_state - set seed for prandom_u32_state(). -- * @state: pointer to state structure to receive the seed. -- * @seed: arbitrary 64-bit value to use as a seed. -+ * This is designed to be standalone for just prandom -+ * users, but for now we include it from -+ * for legacy reasons. - */ --static inline void prandom_seed_state(struct rnd_state *state, u64 seed) --{ -- u32 i = (seed >> 32) ^ (seed << 10) ^ seed; -- -- state->s1 = __seed(i, 2U); -- state->s2 = __seed(i, 8U); -- state->s3 = __seed(i, 16U); -- state->s4 = __seed(i, 128U); --} -+#include - - #ifdef CONFIG_ARCH_RANDOM - # include -@@ -210,10 +158,4 @@ static inline bool __init arch_get_rando - } - #endif - --/* Pseudo random number generator from numerical recipes. */ --static inline u32 next_pseudo_random32(u32 seed) --{ -- return seed * 1664525 + 1013904223; --} -- - #endif /* _LINUX_RANDOM_H */ diff --git a/queue-5.7/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch b/queue-5.7/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch deleted file mode 100644 index f1db07b7201..00000000000 --- a/queue-5.7/random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 83bdc7275e6206f560d247be856bceba3e1ed8f2 Mon Sep 17 00:00:00 2001 -From: Linus Torvalds -Date: Wed, 29 Jul 2020 19:11:00 -0700 -Subject: random32: remove net_rand_state from the latent entropy gcc plugin - -From: Linus Torvalds - -commit 83bdc7275e6206f560d247be856bceba3e1ed8f2 upstream. - -It turns out that the plugin right now ends up being really unhappy -about the change from 'static' to 'extern' storage that happened in -commit f227e3ec3b5c ("random32: update the net random state on interrupt -and activity"). - -This is probably a trivial fix for the latent_entropy plugin, but for -now, just remove net_rand_state from the list of things the plugin -worries about. - -Reported-by: Stephen Rothwell -Cc: Emese Revfy -Cc: Kees Cook -Cc: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/random.h | 2 +- - lib/random32.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -120,7 +120,7 @@ struct rnd_state { - __u32 s1, s2, s3, s4; - }; - --DECLARE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DECLARE_PER_CPU(struct rnd_state, net_rand_state); - - u32 prandom_u32_state(struct rnd_state *state); - void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); ---- a/lib/random32.c -+++ b/lib/random32.c -@@ -48,7 +48,7 @@ static inline void prandom_state_selftes - } - #endif - --DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DEFINE_PER_CPU(struct rnd_state, net_rand_state); - - /** - * prandom_u32_state - seeded pseudo-random number generator. diff --git a/queue-5.7/random32-update-the-net-random-state-on-interrupt-and-activity.patch b/queue-5.7/random32-update-the-net-random-state-on-interrupt-and-activity.patch deleted file mode 100644 index e929c9976e5..00000000000 --- a/queue-5.7/random32-update-the-net-random-state-on-interrupt-and-activity.patch +++ /dev/null @@ -1,109 +0,0 @@ -From f227e3ec3b5cad859ad15666874405e8c1bbc1d4 Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Fri, 10 Jul 2020 15:23:19 +0200 -Subject: random32: update the net random state on interrupt and activity - -From: Willy Tarreau - -commit f227e3ec3b5cad859ad15666874405e8c1bbc1d4 upstream. - -This modifies the first 32 bits out of the 128 bits of a random CPU's -net_rand_state on interrupt or CPU activity to complicate remote -observations that could lead to guessing the network RNG's internal -state. - -Note that depending on some network devices' interrupt rate moderation -or binding, this re-seeding might happen on every packet or even almost -never. - -In addition, with NOHZ some CPUs might not even get timer interrupts, -leaving their local state rarely updated, while they are running -networked processes making use of the random state. For this reason, we -also perform this update in update_process_times() in order to at least -update the state when there is user or system activity, since it's the -only case we care about. - -Reported-by: Amit Klein -Suggested-by: Linus Torvalds -Cc: Eric Dumazet -Cc: "Jason A. Donenfeld" -Cc: Andy Lutomirski -Cc: Kees Cook -Cc: Thomas Gleixner -Cc: Peter Zijlstra -Cc: -Signed-off-by: Willy Tarreau -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - drivers/char/random.c | 1 + - include/linux/random.h | 3 +++ - kernel/time/timer.c | 8 ++++++++ - lib/random32.c | 2 +- - 4 files changed, 13 insertions(+), 1 deletion(-) - ---- a/drivers/char/random.c -+++ b/drivers/char/random.c -@@ -1277,6 +1277,7 @@ void add_interrupt_randomness(int irq, i - - fast_mix(fast_pool); - add_interrupt_bench(cycles); -+ this_cpu_add(net_rand_state.s1, fast_pool->pool[cycles & 3]); - - if (unlikely(crng_init == 0)) { - if ((fast_pool->count >= 64) && ---- a/include/linux/random.h -+++ b/include/linux/random.h -@@ -11,6 +11,7 @@ - #include - #include - #include -+#include - - #include - -@@ -119,6 +120,8 @@ struct rnd_state { - __u32 s1, s2, s3, s4; - }; - -+DECLARE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+ - u32 prandom_u32_state(struct rnd_state *state); - void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes); - void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); ---- a/kernel/time/timer.c -+++ b/kernel/time/timer.c -@@ -43,6 +43,7 @@ - #include - #include - #include -+#include - - #include - #include -@@ -1743,6 +1744,13 @@ void update_process_times(int user_tick) - scheduler_tick(); - if (IS_ENABLED(CONFIG_POSIX_TIMERS)) - run_posix_cpu_timers(); -+ -+ /* The current CPU might make use of net randoms without receiving IRQs -+ * to renew them often enough. Let's update the net_rand_state from a -+ * non-constant value that's not affine to the number of calls to make -+ * sure it's updated when there's some activity (we don't care in idle). -+ */ -+ this_cpu_add(net_rand_state.s1, rol32(jiffies, 24) + user_tick); - } - - /** ---- a/lib/random32.c -+++ b/lib/random32.c -@@ -48,7 +48,7 @@ static inline void prandom_state_selftes - } - #endif - --static DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; -+DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; - - /** - * prandom_u32_state - seeded pseudo-random number generator. diff --git a/queue-5.7/series b/queue-5.7/series index f6cc1dbd8cc..528bbcabd37 100644 --- a/queue-5.7/series +++ b/queue-5.7/series @@ -18,8 +18,6 @@ arm-dts-imx6sx-sabreauto-fix-the-phy-mode-on-fec2.patch arm-dts-imx6sx-sdb-fix-the-phy-mode-on-fec2.patch arm-dts-imx6qdl-icore-fix-otg_id-pin-and-sdcard-detect.patch virtio_balloon-fix-up-endian-ness-for-free-cmd-id.patch -random32-update-the-net-random-state-on-interrupt-and-activity.patch -arm-percpu.h-fix-build-error.patch revert-drm-amdgpu-fix-null-dereference-in-dpm-sysfs-handlers.patch drm-amd-display-clear-dm_state-for-fast-updates.patch drm-amdgpu-prevent-kernel-infoleak-in-amdgpu_info_ioctl.patch @@ -27,8 +25,6 @@ drm-dbi-fix-spi-type-1-9-bit-transfer.patch drm-mcde-fix-stability-issue.patch drm-hold-gem-reference-until-object-is-no-longer-accessed.patch drm-of-fix-double-free-bug.patch -random-fix-circular-include-dependency-on-arm64-after-addition-of-percpu.h.patch -random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch rds-prevent-kernel-infoleak-in-rds_notify_queue_get.patch libtraceevent-fix-build-with-binutils-2.35.patch net-x25-fix-x25_neigh-refcnt-leak-when-x25-disconnect.patch @@ -118,4 +114,3 @@ kvm-arm64-don-t-inherit-exec-permission-across-page-table-levels.patch kvm-lapic-prevent-setting-the-tscdeadline-timer-if-the-lapic-is-hw-disabled.patch kvm-svm-fix-disable-pause-loop-exit-pause-filtering-capability-on-svm.patch x86-i8259-use-printk_deferred-to-prevent-deadlock.patch -random32-move-the-pseudo-random-32-bit-definitions-to-prandom.h.patch -- 2.47.3