1 From 8405ec8e3c02df8b3720874c3e2169fef4553868 Mon Sep 17 00:00:00 2001
2 From: =?UTF-8?q?Stephan=20M=C3=BCller?= <smueller@chronox.de>
3 Date: Sat, 7 Oct 2023 09:10:43 +0200
4 Subject: [PATCH] crypto: jitter - reuse allocated entropy collector
6 In case a health test error occurs during runtime, the power-up health
7 tests are rerun to verify that the noise source is still good and
8 that the reported health test error was an outlier. For performing this
9 power-up health test, the already existing entropy collector instance
10 is used instead of allocating a new one. This change has the following
13 * The noise that is collected as part of the newly run health tests is
14 inserted into the entropy collector and thus stirs the existing
15 data present in there further. Thus, the entropy collected during
16 the health test is not wasted. This is also allowed by SP800-90B.
18 * The power-on health test is not affected by the state of the entropy
19 collector, because it resets the APT / RCT state. The remainder of
20 the state is unrelated to the health test as it is only applied to
21 newly obtained time stamps.
23 This change also fixes a bug report about an allocation while in an
24 atomic lock (the lock is taken in jent_kcapi_random, jent_read_entropy
25 is called and this can call jent_entropy_init).
27 Fixes: 04597c8dd6c4 ("jitter - add RCT/APT support for different OSRs")
28 Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
29 Signed-off-by: Stephan Mueller <smueller@chronox.de>
30 Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
32 crypto/jitterentropy-kcapi.c | 2 +-
33 crypto/jitterentropy.c | 36 ++++++++++++++++++++++++++----------
34 crypto/jitterentropy.h | 2 +-
35 3 files changed, 28 insertions(+), 12 deletions(-)
37 --- a/crypto/jitterentropy-kcapi.c
38 +++ b/crypto/jitterentropy-kcapi.c
39 @@ -347,7 +347,7 @@ static int __init jent_mod_init(void)
42 crypto_shash_init(desc);
43 - ret = jent_entropy_init(CONFIG_CRYPTO_JITTERENTROPY_OSR, 0, desc);
44 + ret = jent_entropy_init(CONFIG_CRYPTO_JITTERENTROPY_OSR, 0, desc, NULL);
45 shash_desc_zero(desc);
46 crypto_free_shash(tfm);
48 --- a/crypto/jitterentropy.c
49 +++ b/crypto/jitterentropy.c
50 @@ -611,8 +611,7 @@ int jent_read_entropy(struct rand_data *
51 * Perform startup health tests and return permanent
54 - if (jent_entropy_init(ec->osr, ec->flags,
56 + if (jent_entropy_init(0, 0, NULL, ec))
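Review bot: The new call `jent_entropy_init(0, 0, NULL, ec)` passes placeholder values for osr, flags and hash_state, so it is only correct while the callee ignores all three whenever p_ec is non-NULL. The removed line passed `ec->osr, ec->flags`; keeping them, as in `if (jent_entropy_init(ec->osr, ec->flags, NULL, ec))`, costs nothing and avoids rerunning the power-up health test with an oversampling rate of 0 if the init path ever starts reading osr for a cutoff. At minimum, add a comment here such as `/* osr, flags and hash_state are unused when an existing ec is passed */`. The body of jent_read_entropy starts and ends outside this hunk, and some of the hunk's lines are not shown on this page.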
60 @@ -686,14 +685,30 @@ void jent_entropy_collector_free(struct
61 jent_zfree(entropy_collector);
64 -int jent_entropy_init(unsigned int osr, unsigned int flags, void *hash_state)
65 +int jent_entropy_init(unsigned int osr, unsigned int flags, void *hash_state,
66 + struct rand_data *p_ec)
68 - struct rand_data *ec;
69 - int i, time_backwards = 0, ret = 0;
71 + * If caller provides an allocated ec, reuse it which implies that the
72 + * health test entropy data is used to further still the available
75 + struct rand_data *ec = p_ec;
76 + int i, time_backwards = 0, ret = 0, ec_free = 0;
78 - ec = jent_entropy_collector_alloc(osr, flags, hash_state);
82 + ec = jent_entropy_collector_alloc(osr, flags, hash_state);
88 + jent_apt_reset(ec, 0);
89 + /* Ensure that a new APT base is obtained */
90 + ec->apt_base_set = 0;
95 /* We could perform statistical tests here, but the problem is
96 * that we only have a few loop counts to do testing. These
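Review bot: The new block comment in jent_entropy_init says the health test data is used to `further still the available` data, but the commit message says "stirs", so it should read `further stir the available`. The added p_ec parameter also changes the function's contract without documenting it: the comment should state that a non-NULL p_ec is reused and not freed here (ec_free appears to track this), and that osr, flags and hash_state are then not consulted, which the jent_read_entropy call site relies on. For the reuse path, this page shows only the APT reset (`jent_apt_reset(ec, 0)` and `ec->apt_base_set = 0`). If the RCT counter and the intermittent failure flags are reset on lines not shown, a one-line comment naming each reset would make it possible to check the commit message's claim that the power-on test is unaffected by existing collector state. The function body continues beyond this hunk.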
97 @@ -783,7 +798,8 @@ int jent_entropy_init(unsigned int osr,
101 - jent_entropy_collector_free(ec);
103 + jent_entropy_collector_free(ec);
107 --- a/crypto/jitterentropy.h
108 +++ b/crypto/jitterentropy.h
109 @@ -12,7 +12,7 @@ int jent_read_random_block(void *hash_st
112 extern int jent_entropy_init(unsigned int osr, unsigned int flags,
114 + void *hash_state, struct rand_data *p_ec);
115 extern int jent_read_entropy(struct rand_data *ec, unsigned char *data,