| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 01 Jun 2022 20:46:43 -0000
From: Clark Williams <williams@...hat.com>
To: LKML <linux-kernel@...r.kernel.org>,
linux-rt-users <linux-rt-users@...r.kernel.org>,
Steven Rostedt <rostedt@...dmis.org>,
Thomas Gleixner <tglx@...utronix.de>,
Carsten Emde <C.Emde@...dl.org>,
John Kacur <jkacur@...hat.com>,
Sebastian Andrzej Siewior <bigeasy@...utronix.de>,
Daniel Wagner <daniel.wagner@...e.com>,
Tom Zanussi <tom.zanussi@...ux.intel.com>,
Clark Williams <williams@...hat.com>,
Pavel Machek <pavel@...x.de>
Subject: [ANNOUNCE] 5.15.44-rt46
Hello RT-list!
I'm pleased to announce the 5.15.44-rt46 stable release.
Note that this is a pretty big update of the /dev/random driver that took a bit
longer to eyeball than a lot of other stable updates. If you are a heavy user
of /dev/random please check your results and let us know if you see problems.
That being said, I do feel confident of the update.
You can get this release via the git tree at:
git://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-stable-rt.git
branch: v5.15-rt
Head SHA1: dd1275d9e897e9d8d76fefa6e08ababe083e2a24
Or to build 5.15.44-rt46 directly, the following patches should be applied:
https://www.kernel.org/pub/linux/kernel/v5.x/linux-5.15.tar.xz
https://www.kernel.org/pub/linux/kernel/v5.x/patch-5.15.44.xz
https://www.kernel.org/pub/linux/kernel/projects/rt/5.15/patch-5.15.44-rt46.patch.xz
Enjoy!
Clark
Changes from v5.15.43-rt45:
---
Basavaraj Natikar (1):
HID: amd_sfh: Add support for sensor discovery
Clark Williams (2):
Merge tag 'v5.15.44' into v5.15-rt
'Linux 5.15.44-rt46'
Dominik Brodowski (7):
random: harmonize "crng init done" messages
random: early initialization of ChaCha constants
random: continually use hwgenerator randomness
random: access primary_pool directly rather than through pointer
random: only call crng_finalize_init() for primary_crng
random: fix locking in crng_fast_load()
random: fix locking for crng_init in crng_reseed()
Edward Matijevic (1):
ALSA: ctxfi: Add SB046x PCI ID
Eric Biggers (1):
random: remove use_input_pool parameter from crng_reseed()
Greg Kroah-Hartman (1):
Linux 5.15.44
Jan Varho (1):
random: do not split fast init input in add_hwgenerator_randomness()
Jann Horn (2):
random: don't reset crng_init_cnt on urandom_read()
random: check for signal_pending() outside of need_resched() check
Jason A. Donenfeld (123):
MAINTAINERS: co-maintain random.c
MAINTAINERS: add git tree for random.c
lib/crypto: blake2s: include as built-in
lib/crypto: blake2s: move hmac construction into wireguard
lib/crypto: sha1: re-roll loops to reduce code size
lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI
random: use BLAKE2s instead of SHA1 in extraction
random: do not sign extend bytes for rotation when mixing
random: do not re-init if crng_reseed completes before primary init
random: mix bootloader randomness into pool
random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
random: avoid superfluous call to RDRAND in CRNG extraction
random: cleanup poolinfo abstraction
random: cleanup integer types
random: remove incomplete last_data logic
random: remove unused extract_entropy() reserved argument
random: rather than entropy_store abstraction, use global
random: remove unused OUTPUT_POOL constants
random: de-duplicate INPUT_POOL constants
random: prepend remaining pool constants with POOL_
random: cleanup fractional entropy shift constants
random: access input_pool_data directly rather than through pointer
random: selectively clang-format where it makes sense
random: simplify arithmetic function flow in account()
random: use computational hash for entropy extraction
random: simplify entropy debiting
random: use linear min-entropy accumulation crediting
random: always wake up entropy writers after extraction
random: make credit_entropy_bits() always safe
random: remove batched entropy locking
random: use RDSEED instead of RDRAND in entropy extraction
random: get rid of secondary crngs
random: inline leaves of rand_initialize()
random: ensure early RDSEED goes through mixer on init
random: do not xor RDRAND when writing into /dev/random
random: absorb fast pool into input pool after fast load
random: use simpler fast key erasure flow on per-cpu keys
random: use hash function for crng_slow_load()
random: make more consistent use of integer types
random: remove outdated INT_MAX >> 6 check in urandom_read()
random: zero buffer after reading entropy from userspace
random: tie batched entropy generation to base_crng generation
random: remove ifdef'd out interrupt bench
random: remove unused tracepoints
random: add proper SPDX header
random: deobfuscate irq u32/u64 contributions
random: introduce drain_entropy() helper to declutter crng_reseed()
random: remove useless header comment
random: remove whitespace and reorder includes
random: group initialization wait functions
random: group crng functions
random: group entropy extraction functions
random: group entropy collection functions
random: group userspace read/write functions
random: group sysctl functions
random: rewrite header introductory comment
random: defer fast pool mixing to worker
random: do not take pool spinlock at boot
random: unify early init crng load accounting
random: check for crng_init == 0 in add_device_randomness()
random: pull add_hwgenerator_randomness() declaration into random.h
random: clear fast pool, crng, and batches in cpuhp bring up
random: round-robin registers as ulong, not u32
random: only wake up writers after zap if threshold was passed
random: cleanup UUID handling
random: unify cycles_t and jiffies usage and types
random: do crng pre-init loading in worker rather than irq
random: give sysctl_random_min_urandom_seed a more sensible value
random: don't let 644 read-only sysctls be written to
random: replace custom notifier chain with standard one
random: use SipHash as interrupt entropy accumulator
random: make consistent usage of crng_ready()
random: reseed more often immediately after booting
random: check for signal and try earlier when generating entropy
random: skip fast_init if hwrng provides large chunk of entropy
random: treat bootloader trust toggle the same way as cpu trust toggle
random: re-add removed comment about get_random_{u32,u64} reseeding
random: mix build-time latent entropy into pool at init
random: do not allow user to keep crng key around on stack
random: check for signals every PAGE_SIZE chunk of /dev/[u]random
random: allow partial reads if later user copies fail
random: make random_get_entropy() return an unsigned long
random: document crng_fast_key_erasure() destination possibility
random: fix sysctl documentation nits
init: call time_init() before rand_initialize()
ia64: define get_cycles macro for arch-override
s390: define get_cycles macro for arch-override
parisc: define get_cycles macro for arch-override
alpha: define get_cycles macro for arch-override
powerpc: define get_cycles macro for arch-override
timekeeping: Add raw clock fallback for random_get_entropy()
m68k: use fallback for random_get_entropy() instead of zero
riscv: use fallback for random_get_entropy() instead of zero
mips: use fallback for random_get_entropy() instead of just c0 random
arm: use fallback for random_get_entropy() instead of zero
nios2: use fallback for random_get_entropy() instead of zero
x86/tsc: Use fallback for random_get_entropy() instead of zero
um: use fallback for random_get_entropy() instead of zero
sparc: use fallback for random_get_entropy() instead of zero
xtensa: use fallback for random_get_entropy() instead of zero
random: insist on random_get_entropy() existing in order to simplify
random: do not use batches when !crng_ready()
random: use first 128 bits of input as fast init
random: do not pretend to handle premature next security model
random: order timer entropy functions below interrupt functions
random: do not use input pool from hard IRQs
random: help compiler out with fast_mix() by using simpler arguments
siphash: use one source of truth for siphash permutations
random: use symbolic constants for crng_init states
random: avoid initializing twice in credit race
random: move initialization out of reseeding hot path
random: remove ratelimiting for in-kernel unseeded randomness
random: use proper jiffies comparison macro
random: handle latent entropy and command line from random_init()
random: credit architectural init the exact amount
random: use static branch for crng_ready()
random: remove extern from functions in header
random: use proper return types on get_random_{int,long}_wait()
random: make consistent use of buf and len
random: move initialization functions out of hot pages
random: move randomize_page() into mm where it belongs
random: unify batched entropy implementations
random: check for signals after page of pool writes
Jens Axboe (3):
random: convert to using fops->read_iter()
random: convert to using fops->write_iter()
random: wire up fops->splice_{read,write}_iter()
Lorenzo Pieralisi (1):
ACPI: sysfs: Fix BERT error region memory mapping
Magnus Karlsson (1):
ice: fix crash at allocation failure
Mark Brown (1):
random: document add_hwgenerator_randomness() with other input functions
Paolo Bonzini (1):
KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
Schspa Shi (1):
random: fix typo in comments
Sebastian Andrzej Siewior (1):
random: remove unused irq_flags argument from add_interrupt_randomness()
---
Documentation/admin-guide/kernel-parameters.txt | 6 +
Documentation/admin-guide/sysctl/kernel.rst | 22 +-
MAINTAINERS | 2 +
Makefile | 2 +-
arch/alpha/include/asm/timex.h | 1 +
arch/arm/crypto/Makefile | 4 +-
arch/arm/crypto/blake2s-core.S | 8 +-
arch/arm/crypto/blake2s-glue.c | 73 +-
arch/arm/crypto/blake2s-shash.c | 75 +
arch/arm/include/asm/timex.h | 1 +
arch/ia64/include/asm/timex.h | 1 +
arch/m68k/include/asm/timex.h | 2 +-
arch/mips/include/asm/timex.h | 17 +-
arch/nios2/include/asm/timex.h | 3 +
arch/parisc/include/asm/timex.h | 3 +-
arch/powerpc/include/asm/timex.h | 1 +
arch/riscv/include/asm/timex.h | 2 +-
arch/s390/include/asm/timex.h | 1 +
arch/sparc/include/asm/timex_32.h | 4 +-
arch/um/include/asm/timex.h | 9 +-
arch/x86/crypto/Makefile | 4 +-
arch/x86/crypto/blake2s-glue.c | 68 +-
arch/x86/crypto/blake2s-shash.c | 77 +
arch/x86/include/asm/timex.h | 9 +
arch/x86/include/asm/tsc.h | 7 +-
arch/x86/kernel/cpu/mshyperv.c | 3 +-
arch/x86/kvm/mmu/mmu.c | 6 +-
arch/xtensa/include/asm/timex.h | 6 +-
crypto/Kconfig | 3 +-
crypto/blake2s_generic.c | 4 +-
crypto/drbg.c | 17 +-
drivers/acpi/sysfs.c | 25 +-
drivers/char/Kconfig | 3 +-
drivers/char/hw_random/core.c | 1 +
drivers/char/random.c | 3009 +++++++++--------------
drivers/hid/amd-sfh-hid/amd_sfh_client.c | 11 +
drivers/hid/amd-sfh-hid/amd_sfh_pcie.c | 7 +
drivers/hid/amd-sfh-hid/amd_sfh_pcie.h | 4 +
drivers/hv/hyperv_vmbus.h | 1 -
drivers/hv/vmbus_drv.c | 5 +-
drivers/net/Kconfig | 1 -
drivers/net/ethernet/intel/ice/ice_xsk.c | 2 +-
drivers/net/wireguard/noise.c | 45 +-
include/crypto/blake2s.h | 3 -
include/crypto/chacha.h | 15 +-
include/crypto/drbg.h | 2 +-
include/crypto/internal/blake2s.h | 46 +-
include/linux/cpuhotplug.h | 2 +
include/linux/hw_random.h | 2 -
include/linux/irqdesc.h | 1 -
include/linux/mm.h | 1 +
include/linux/prandom.h | 23 +-
include/linux/random.h | 100 +-
include/linux/siphash.h | 28 +
include/linux/timex.h | 10 +-
include/trace/events/random.h | 247 --
init/main.c | 13 +-
kernel/cpu.c | 11 +
kernel/irq/handle.c | 10 +-
kernel/irq/manage.c | 6 -
kernel/time/timekeeping.c | 15 +
lib/Kconfig.debug | 3 +-
lib/crypto/Kconfig | 23 +-
lib/crypto/Makefile | 9 +-
lib/crypto/blake2s-generic.c | 6 +-
lib/crypto/blake2s-selftest.c | 31 -
lib/crypto/blake2s.c | 47 +-
lib/random32.c | 16 +-
lib/sha1.c | 95 +-
lib/siphash.c | 32 +-
lib/vsprintf.c | 10 +-
localversion-rt | 2 +-
mm/util.c | 32 +
sound/pci/ctxfi/ctatc.c | 2 +
sound/pci/ctxfi/cthardware.h | 3 +-
75 files changed, 1684 insertions(+), 2717 deletions(-)
---
Powered by blists - more mailing lists