random: use hwgenerator randomness more frequently at early boot
Mix in randomness from hw-rng sources more frequently during early boot, approximately once for every rng reseed. Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Родитель
cd4f24ae94
Коммит
745558f958
|
@ -260,25 +260,23 @@ static void crng_fast_key_erasure(u8 key[CHACHA_KEY_SIZE],
|
|||
}
|
||||
|
||||
/*
|
||||
* Return whether the crng seed is considered to be sufficiently old
|
||||
* that a reseeding is needed. This happens if the last reseeding
|
||||
* was CRNG_RESEED_INTERVAL ago, or during early boot, at an interval
|
||||
* Return the interval until the next reseeding, which is normally
|
||||
* CRNG_RESEED_INTERVAL, but during early boot, it is at an interval
|
||||
* proportional to the uptime.
|
||||
*/
|
||||
static bool crng_has_old_seed(void)
|
||||
static unsigned int crng_reseed_interval(void)
|
||||
{
|
||||
static bool early_boot = true;
|
||||
unsigned long interval = CRNG_RESEED_INTERVAL;
|
||||
|
||||
if (unlikely(READ_ONCE(early_boot))) {
|
||||
time64_t uptime = ktime_get_seconds();
|
||||
if (uptime >= CRNG_RESEED_INTERVAL / HZ * 2)
|
||||
WRITE_ONCE(early_boot, false);
|
||||
else
|
||||
interval = max_t(unsigned int, CRNG_RESEED_START_INTERVAL,
|
||||
(unsigned int)uptime / 2 * HZ);
|
||||
return max_t(unsigned int, CRNG_RESEED_START_INTERVAL,
|
||||
(unsigned int)uptime / 2 * HZ);
|
||||
}
|
||||
return time_is_before_jiffies(READ_ONCE(base_crng.birth) + interval);
|
||||
return CRNG_RESEED_INTERVAL;
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -320,7 +318,7 @@ static void crng_make_state(u32 chacha_state[CHACHA_STATE_WORDS],
|
|||
* If the base_crng is old enough, we reseed, which in turn bumps the
|
||||
* generation counter that we check below.
|
||||
*/
|
||||
if (unlikely(crng_has_old_seed()))
|
||||
if (unlikely(time_is_before_jiffies(READ_ONCE(base_crng.birth) + crng_reseed_interval())))
|
||||
crng_reseed();
|
||||
|
||||
local_lock_irqsave(&crngs.lock, flags);
|
||||
|
@ -866,11 +864,11 @@ void add_hwgenerator_randomness(const void *buf, size_t len, size_t entropy)
|
|||
credit_init_bits(entropy);
|
||||
|
||||
/*
|
||||
* Throttle writing to once every CRNG_RESEED_INTERVAL, unless
|
||||
* we're not yet initialized.
|
||||
* Throttle writing to once every reseed interval, unless we're not yet
|
||||
* initialized.
|
||||
*/
|
||||
if (!kthread_should_stop() && crng_ready())
|
||||
schedule_timeout_interruptible(CRNG_RESEED_INTERVAL);
|
||||
schedule_timeout_interruptible(crng_reseed_interval());
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(add_hwgenerator_randomness);
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче