lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20220620124531.78075-1-Jason@zx2c4.com>
Date:   Mon, 20 Jun 2022 14:45:31 +0200
From:   "Jason A. Donenfeld" <Jason@...c4.com>
To:     Michael Ellerman <mpe@...erman.id.au>,
        linuxppc-dev@...ts.ozlabs.org, LKML <linux-kernel@...r.kernel.org>,
        stable <stable@...r.kernel.org>,
        Christophe Leroy <christophe.leroy@...roup.eu>
Cc:     "Jason A. Donenfeld" <Jason@...c4.com>
Subject: [PATCH v4] powerpc/powernv: wire up rng during setup_arch

The platform's RNG must be available before random_init() in order to be
useful for initial seeding, which in turn means that it needs to be
called from setup_arch(), rather than from an init call. Fortunately,
each platform already has a setup_arch function pointer, which means we
can wire it up that way. Complicating things, however, is that POWER8
systems need some per-cpu state and kmalloc, which isn't available at
this stage. So we split things into an early phase and a late phase,
with the early phase working well enough to seed the RNG with a
spinlock, before later getting fast per-cpu allocations. This commit
also removes some noisy log messages that don't add much.

Cc: stable@...r.kernel.org
Cc: Michael Ellerman <mpe@...erman.id.au>
Reviewed-by: Christophe Leroy <christophe.leroy@...roup.eu>
Fixes: a4da0d50b2a0 ("powerpc: Implement arch_get_random_long/int() for powernv")
Signed-off-by: Jason A. Donenfeld <Jason@...c4.com>
---
 arch/powerpc/platforms/powernv/powernv.h |  2 +
 arch/powerpc/platforms/powernv/rng.c     | 68 ++++++++++++++++++------
 arch/powerpc/platforms/powernv/setup.c   |  2 +
 3 files changed, 55 insertions(+), 17 deletions(-)

diff --git a/arch/powerpc/platforms/powernv/powernv.h b/arch/powerpc/platforms/powernv/powernv.h
index e297bf4abfcb..fd3f5e1eb10b 100644
--- a/arch/powerpc/platforms/powernv/powernv.h
+++ b/arch/powerpc/platforms/powernv/powernv.h
@@ -42,4 +42,6 @@ ssize_t memcons_copy(struct memcons *mc, char *to, loff_t pos, size_t count);
 u32 __init memcons_get_size(struct memcons *mc);
 struct memcons *__init memcons_init(struct device_node *node, const char *mc_prop_name);
 
+void powernv_rng_init(void);
+
 #endif /* _POWERNV_H */
diff --git a/arch/powerpc/platforms/powernv/rng.c b/arch/powerpc/platforms/powernv/rng.c
index e3d44b36ae98..c1beced9c32c 100644
--- a/arch/powerpc/platforms/powernv/rng.c
+++ b/arch/powerpc/platforms/powernv/rng.c
@@ -17,6 +17,7 @@
 #include <asm/prom.h>
 #include <asm/machdep.h>
 #include <asm/smp.h>
+#include "powernv.h"
 
 #define DARN_ERR 0xFFFFFFFFFFFFFFFFul
 
@@ -28,6 +29,12 @@ struct powernv_rng {
 
 static DEFINE_PER_CPU(struct powernv_rng *, powernv_rng);
 
+static struct {
+	struct powernv_rng rng;
+	spinlock_t lock;
+} early_state __initdata = {
+	.lock = __SPIN_LOCK_UNLOCKED(powernv_early_rng)
+};
 
 int powernv_hwrng_present(void)
 {
@@ -84,7 +91,7 @@ static int powernv_get_random_darn(unsigned long *v)
 	return 1;
 }
 
-static int __init initialise_darn(void)
+static int __init initialize_darn(void)
 {
 	unsigned long val;
 	int i;
@@ -98,10 +105,18 @@ static int __init initialise_darn(void)
 			return 0;
 		}
 	}
+	return -EIO;
+}
 
-	pr_warn("Unable to use DARN for get_random_seed()\n");
+static int __init powernv_get_random_long_early(unsigned long *v)
+{
+	unsigned long flags;
 
-	return -EIO;
+	spin_lock_irqsave(&early_state.lock, flags);
+	*v = rng_whiten(&early_state.rng, in_be64(early_state.rng.regs));
+	spin_unlock_irqrestore(&early_state.lock, flags);
+
+	return 1;
 }
 
 int powernv_get_random_long(unsigned long *v)
@@ -163,32 +178,51 @@ static __init int rng_create(struct device_node *dn)
 
 	rng_init_per_cpu(rng, dn);
 
-	pr_info_once("Registering arch random hook.\n");
-
 	ppc_md.get_random_seed = powernv_get_random_long;
 
 	return 0;
 }
 
-static __init int rng_init(void)
+void __init powernv_rng_init(void)
+{
+	struct device_node *dn;
+	struct resource res;
+
+	/* Prefer darn over the rest. */
+	if (!initialize_darn())
+		return;
+
+	dn = of_find_compatible_node(NULL, NULL, "ibm,power-rng");
+	if (!dn)
+		return;
+	if (of_address_to_resource(dn, 0, &res))
+		return;
+	early_state.rng.regs_real = (void __iomem *)res.start;
+	early_state.rng.regs = of_iomap(dn, 0);
+	if (!early_state.rng.regs)
+		return;
+	early_state.rng.mask = in_be64(early_state.rng.regs);
+	ppc_md.get_random_seed = powernv_get_random_long_early;
+}
+
+static __init int powernv_rng_late_init(void)
 {
 	struct device_node *dn;
-	int rc;
+
+	/*
+	 * If this didn't get initialized early on, then we're using darn,
+	 * or this isn't available at all, so return early.
+	 */
+	if (ppc_md.get_random_seed != powernv_get_random_long_early)
+		return 0;
+	ppc_md.get_random_seed = NULL;
 
 	for_each_compatible_node(dn, NULL, "ibm,power-rng") {
-		rc = rng_create(dn);
-		if (rc) {
-			pr_err("Failed creating rng for %pOF (%d).\n",
-				dn, rc);
+		if (rng_create(dn))
 			continue;
-		}
-
 		/* Create devices for hwrng driver */
 		of_platform_device_create(dn, NULL, NULL);
 	}
-
-	initialise_darn();
-
 	return 0;
 }
-machine_subsys_initcall(powernv, rng_init);
+machine_subsys_initcall(powernv, powernv_rng_late_init);
diff --git a/arch/powerpc/platforms/powernv/setup.c b/arch/powerpc/platforms/powernv/setup.c
index 824c3ad7a0fa..a5fcb6796b22 100644
--- a/arch/powerpc/platforms/powernv/setup.c
+++ b/arch/powerpc/platforms/powernv/setup.c
@@ -203,6 +203,8 @@ static void __init pnv_setup_arch(void)
 	pnv_check_guarded_cores();
 
 	/* XXX PMCS */
+
+	powernv_rng_init();
 }
 
 static void __init pnv_init(void)
-- 
2.35.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ