From 6bb20c152b6bf7dd8ffb248f33c2593fd9aeb318 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Sat, 29 Oct 2022 01:42:02 +0200 Subject: [PATCH 1/3] random: do not include from random.h The header is a random.c private detail, not something to be called by other code. As such, don't make it automatically available by way of random.h. Cc: Michael Ellerman Acked-by: Heiko Carstens Reviewed-by: Christophe Leroy Signed-off-by: Jason A. Donenfeld --- arch/powerpc/kernel/setup-common.c | 1 + arch/s390/kernel/setup.c | 1 + drivers/char/hw_random/powernv-rng.c | 1 + drivers/char/hw_random/s390-trng.c | 1 + drivers/char/random.c | 1 + include/linux/random.h | 2 -- 6 files changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/powerpc/kernel/setup-common.c b/arch/powerpc/kernel/setup-common.c index 6d041993a45d..9b10e57040c6 100644 --- a/arch/powerpc/kernel/setup-common.c +++ b/arch/powerpc/kernel/setup-common.c @@ -59,6 +59,7 @@ #include #include #include +#include #include #include #include diff --git a/arch/s390/kernel/setup.c b/arch/s390/kernel/setup.c index 2094f575c532..2b6091349daa 100644 --- a/arch/s390/kernel/setup.c +++ b/arch/s390/kernel/setup.c @@ -52,6 +52,7 @@ #include #include +#include #include #include #include diff --git a/drivers/char/hw_random/powernv-rng.c b/drivers/char/hw_random/powernv-rng.c index 429e956f34e1..47b88de029f2 100644 --- a/drivers/char/hw_random/powernv-rng.c +++ b/drivers/char/hw_random/powernv-rng.c @@ -11,6 +11,7 @@ #include #include #include +#include static int powernv_rng_read(struct hwrng *rng, void *data, size_t max, bool wait) { diff --git a/drivers/char/hw_random/s390-trng.c b/drivers/char/hw_random/s390-trng.c index cffa326ddc8d..d27e32e9bfee 100644 --- a/drivers/char/hw_random/s390-trng.c +++ b/drivers/char/hw_random/s390-trng.c @@ -23,6 +23,7 @@ #include #include #include +#include MODULE_LICENSE("GPL v2"); MODULE_AUTHOR("IBM Corporation"); diff --git a/drivers/char/random.c b/drivers/char/random.c index 5885ed574c6a..ce3ccd172cc8 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -56,6 +56,7 @@ #include #include #include +#include #include #include #include diff --git a/include/linux/random.h b/include/linux/random.h index 4a2a1de423cd..b0a940af4fff 100644 --- a/include/linux/random.h +++ b/include/linux/random.h @@ -152,8 +152,6 @@ declare_get_random_var_wait(long, unsigned long) */ #include -#include - #ifdef CONFIG_SMP int random_prepare_cpu(unsigned int cpu); int random_online_cpu(unsigned int cpu); From 41a15855c1ee390a0ae9d0c29d32b451dd30a600 Mon Sep 17 00:00:00 2001 From: Johan Hovold Date: Fri, 16 Dec 2022 10:15:14 +0100 Subject: [PATCH 2/3] efi: random: fix NULL-deref when refreshing seed Do not try to refresh the RNG seed in case the firmware does not support setting variables. This is specifically needed to prevent a NULL-pointer dereference on the Lenovo X13s with some firmware revisions, or more generally, whenever the runtime services have been disabled (e.g. efi=noruntime or with PREEMPT_RT). Fixes: e7b813b32a42 ("efi: random: refresh non-volatile random seed when RNG is initialized") Reported-by: Steev Klimaszewski Reported-by: Bjorn Andersson Tested-by: Steev Klimaszewski Tested-by: Andrew Halaney # sc8280xp-lenovo-thinkpad-x13s Signed-off-by: Johan Hovold Signed-off-by: Jason A. Donenfeld --- drivers/firmware/efi/efi.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index 31a4090c66b3..09716eebe8ac 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -429,7 +429,9 @@ static int __init efisubsys_init(void) platform_device_register_simple("efi_secret", 0, NULL, 0); #endif - execute_with_initialized_rng(&refresh_nv_rng_seed_nb); + if (efi_rt_services_supported(EFI_RT_SUPPORTED_SET_VARIABLE)) + execute_with_initialized_rng(&refresh_nv_rng_seed_nb); + return 0; err_remove_group: From 3c202d14a9d73fb63c3dccb18feac5618c21e1c4 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Sun, 9 Oct 2022 20:45:07 -0600 Subject: [PATCH 3/3] prandom: remove prandom_u32_max() Convert the final two users of prandom_u32_max() that slipped in during 6.2-rc1 to use get_random_u32_below(). Then, with no more users left, we can finally remove the deprecated function. Signed-off-by: Jason A. Donenfeld --- arch/x86/mm/cpu_entry_area.c | 2 +- include/linux/prandom.h | 6 ------ net/ipv4/tcp_plb.c | 2 +- 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/arch/x86/mm/cpu_entry_area.c b/arch/x86/mm/cpu_entry_area.c index 8bb1aa6a7aa3..7316a8224259 100644 --- a/arch/x86/mm/cpu_entry_area.c +++ b/arch/x86/mm/cpu_entry_area.c @@ -36,7 +36,7 @@ static __init void init_cea_offsets(void) unsigned int cea; again: - cea = prandom_u32_max(max_cea); + cea = get_random_u32_below(max_cea); for_each_possible_cpu(j) { if (cea_offset(j) == cea) diff --git a/include/linux/prandom.h b/include/linux/prandom.h index c94c02ba065c..f2ed5b72b3d6 100644 --- a/include/linux/prandom.h +++ b/include/linux/prandom.h @@ -24,12 +24,6 @@ void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state); #define prandom_init_once(pcpu_state) \ DO_ONCE(prandom_seed_full_state, (pcpu_state)) -/* Deprecated: use get_random_u32_below() instead. */ -static inline u32 prandom_u32_max(u32 ep_ro) -{ - return get_random_u32_below(ep_ro); -} - /* * Handle minimum values for seeds */ diff --git a/net/ipv4/tcp_plb.c b/net/ipv4/tcp_plb.c index bb1a08fda113..4bcf7eff95e3 100644 --- a/net/ipv4/tcp_plb.c +++ b/net/ipv4/tcp_plb.c @@ -97,7 +97,7 @@ void tcp_plb_update_state_upon_rto(struct sock *sk, struct tcp_plb_state *plb) return; pause = READ_ONCE(net->ipv4.sysctl_tcp_plb_suspend_rto_sec) * HZ; - pause += prandom_u32_max(pause); + pause += get_random_u32_below(pause); plb->pause_until = tcp_jiffies32 + pause; /* Reset PLB state upon RTO, since an RTO causes a sk_rethink_txhash() call