| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Aug 2014 15:56:11 +0200
From: Torsten Duwe <duwe@....de>
To: Ingo Tuchscherer <ingo.tuchscherer@...ibm.com>
Cc: linux-kernel@...r.kernel.org, Theodore Ts'o <tytso@....edu>,
Martin Schwidefsky <schwidefsky@...ibm.com>,
Gerald Schaefer <gerald.schaefer@...ibm.com>,
Heiko Carstens <heicars2@...ux.vnet.ibm.com>,
Hendrik Brueckner <brueckner@...ibm.com>,
Matt Mackall <mpm@...enic.com>,
Herbert Xu <herbert@...dor.apana.org.au>,
Harald Freudenberger <freude@...ibm.com>,
Ingo Tuchscherer <ingo.tuchscherer@...ux.vnet.ibm.com>
Subject: Re: [PATCH] s390/zcrypt: enable s390 hwrng to seed kernel entropy
On Wed, Jul 30, 2014 at 02:17:36PM +0200, Ingo Tuchscherer wrote:
> Set the 'quality' property in the zcrypt rng device structure to enable the
> zcrypt hwrng device to take part in the kernel entropy seeding process.
> A module parameter named hwrng_seed will be introduced to disable the
> participation. By default this parameter is set to 1 (enabled).
I only had a one-liner that simply enabled it. I guess the extra switch
is for certification scenarios? Anyway,
Acked-by: Torsten Duwe <duwe@...e.de>
>
> Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@...ibm.com>
> ---
> drivers/s390/crypto/ap_bus.c | 5 +++++
> drivers/s390/crypto/ap_bus.h | 1 +
> drivers/s390/crypto/zcrypt_api.c | 3 +++
> 3 files changed, 9 insertions(+)
>
> diff --git a/drivers/s390/crypto/ap_bus.c b/drivers/s390/crypto/ap_bus.c
> index 4038437..19fac5f 100644
> --- a/drivers/s390/crypto/ap_bus.c
> +++ b/drivers/s390/crypto/ap_bus.c
> @@ -85,6 +85,11 @@ static int ap_thread_flag = 0;
> module_param_named(poll_thread, ap_thread_flag, int, S_IRUSR|S_IRGRP);
> MODULE_PARM_DESC(poll_thread, "Turn on/off poll thread, default is 0 (off).");
>
> +int ap_hwrng_seed = 1;
> +EXPORT_SYMBOL(ap_hwrng_seed);
> +module_param_named(hwrng_seed, ap_hwrng_seed, int, S_IRUSR|S_IRGRP);
> +MODULE_PARM_DESC(hwrng_seed, "Turn on/off hwrng auto seed, default is 1 (on).");
> +
> static struct device *ap_root_device = NULL;
> static struct ap_config_info *ap_configuration;
> static DEFINE_SPINLOCK(ap_device_list_lock);
> diff --git a/drivers/s390/crypto/ap_bus.h b/drivers/s390/crypto/ap_bus.h
> index 6405ae2..b0be09a 100644
> --- a/drivers/s390/crypto/ap_bus.h
> +++ b/drivers/s390/crypto/ap_bus.h
> @@ -38,6 +38,7 @@
> #define AP_POLL_TIME 1 /* Time in ticks between receive polls. */
>
> extern int ap_domain_index;
> +extern int ap_hwrng_seed;
>
> /**
> * The ap_qid_t identifier of an ap queue. It contains a
> diff --git a/drivers/s390/crypto/zcrypt_api.c b/drivers/s390/crypto/zcrypt_api.c
> index 0e18c5d..ed91665 100644
> --- a/drivers/s390/crypto/zcrypt_api.c
> +++ b/drivers/s390/crypto/zcrypt_api.c
> @@ -1374,6 +1374,7 @@ static int zcrypt_rng_data_read(struct hwrng *rng, u32 *data)
> static struct hwrng zcrypt_rng_dev = {
> .name = "zcrypt",
> .data_read = zcrypt_rng_data_read,
> + .quality = 990,
> };
>
> static int zcrypt_rng_device_add(void)
> @@ -1388,6 +1389,8 @@ static int zcrypt_rng_device_add(void)
> goto out;
> }
> zcrypt_rng_buffer_index = 0;
> + if (!ap_hwrng_seed)
> + zcrypt_rng_dev.quality = 0;
> rc = hwrng_register(&zcrypt_rng_dev);
> if (rc)
> goto out_free;
> --
> 1.8.5.5
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists