rpms/kernel
7
2
Fork 4
Code Issues Pull Requests Releases Activity

Revert the random patch

Browse Source 
Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
This commit is contained in:
Justin M. Forbes 2022-05-25 16:04:02 -05:00
parent 289bb529b3
commit 912fc4d36a
No known key found for this signature in database
GPG Key ID: B8FA7924A4B1C140
1 changed files with 237 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

237
patch-5.19-redhat.patch
View File

@ -3333,3 +3333,240 @@ index 188b8f782220..dab400de2335 100644
#ifdef CONFIG_PERF_EVENTS
int security_perf_event_open(struct perf_event_attr *attr, int type)
{
From 900f11e054896bae7b0146055698656e3d1e20a6 Mon Sep 17 00:00:00 2001
From: "Justin M. Forbes" <jforbes@fedoraproject.org>
Date: Wed, 25 May 2022 15:55:40 -0500
Subject: [PATCH] Revert random: Add hook to override device reads and
getrandom(2)
The random system upstream is in a period of major rewrite. In the 5.18
merge window, it took a considerable amount of time to message this into
the random.c rewrites. In the 5.19 merge window, rng->extrng_read(buf,
count); does not even compile, with buf and count undefined. As I do
not see the subsequent patch that allows the override with a FIPS rng, I
am just reverting the whole thing, and it can be added back when Herbert
has time or motivation to do so.
Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
---
drivers/char/random.c | 113 -----------------------------------------
include/linux/random.h | 8 ---
2 files changed, 121 deletions(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 5d7a1fdf1edd..b691b9d59503 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -53,7 +53,6 @@
#include <linux/uaccess.h>
#include <linux/suspend.h>
#include <linux/siphash.h>
-#include <linux/rcupdate.h>
#include <crypto/chacha.h>
#include <crypto/blake2s.h>
#include <asm/processor.h>
@@ -282,11 +281,6 @@ static bool crng_has_old_seed(void)
return time_is_before_jiffies(READ_ONCE(base_crng.birth) + interval);
}
-/*
- * Hook for external RNG.
- */
-static const struct random_extrng __rcu *extrng;
-
/*
* This function returns a ChaCha state that you may use for generating
* random data. It also returns up to 32 bytes on its own of random data
@@ -675,9 +669,6 @@ static void __cold _credit_init_bits(size_t bits)
}
-static const struct file_operations extrng_random_fops;
-static const struct file_operations extrng_urandom_fops;
-
/**********************************************************************
*
* Entropy collection routines.
@@ -882,19 +873,6 @@ void __cold add_bootloader_randomness(const void *buf, size_t len)
}
EXPORT_SYMBOL_GPL(add_bootloader_randomness);
-void random_register_extrng(const struct random_extrng *rng)
-{
- rcu_assign_pointer(extrng, rng);
-}
-EXPORT_SYMBOL_GPL(random_register_extrng);
-
-void random_unregister_extrng(void)
-{
- RCU_INIT_POINTER(extrng, NULL);
- synchronize_rcu();
-}
-EXPORT_SYMBOL_GPL(random_unregister_extrng);
-
#if IS_ENABLED(CONFIG_VMGENID)
static BLOCKING_NOTIFIER_HEAD(vmfork_chain);
@@ -1265,7 +1243,6 @@ SYSCALL_DEFINE3(getrandom, char __user *, ubuf, size_t, len, unsigned int, flags
struct iov_iter iter;
struct iovec iov;
int ret;
- const struct random_extrng *rng;
if (flags & ~(GRND_NONBLOCK | GRND_RANDOM | GRND_INSECURE))
return -EINVAL;
@@ -1277,18 +1254,6 @@ SYSCALL_DEFINE3(getrandom, char __user *, ubuf, size_t, len, unsigned int, flags
if ((flags & (GRND_INSECURE | GRND_RANDOM)) == (GRND_INSECURE | GRND_RANDOM))
return -EINVAL;
- rcu_read_lock();
- rng = rcu_dereference(extrng);
- if (rng && !try_module_get(rng->owner))
- rng = NULL;
- rcu_read_unlock();
-
- if (rng) {
- ret = rng->extrng_read(buf, count);
- module_put(rng->owner);
- return ret;
- }
-
if (!crng_ready() && !(flags & GRND_INSECURE)) {
if (flags & GRND_NONBLOCK)
return -EAGAIN;
@@ -1309,12 +1274,6 @@ static __poll_t random_poll(struct file *file, poll_table *wait)
return crng_ready() ? EPOLLIN | EPOLLRDNORM : EPOLLOUT | EPOLLWRNORM;
}
-static __poll_t extrng_poll(struct file *file, poll_table * wait)
-{
- /* extrng pool is always full, always read, no writes */
- return EPOLLIN | EPOLLRDNORM;
-}
-
static ssize_t write_pool_user(struct iov_iter *iter)
{
u8 block[BLAKE2S_BLOCK_SIZE];
@@ -1451,58 +1410,7 @@ static int random_fasync(int fd, struct file *filp, int on)
return fasync_helper(fd, filp, on, &fasync);
}
-static int random_open(struct inode *inode, struct file *filp)
-{
- const struct random_extrng *rng;
-
- rcu_read_lock();
- rng = rcu_dereference(extrng);
- if (rng && !try_module_get(rng->owner))
- rng = NULL;
- rcu_read_unlock();
-
- if (!rng)
- return 0;
-
- filp->f_op = &extrng_random_fops;
- filp->private_data = rng->owner;
-
- return 0;
-}
-
-static int urandom_open(struct inode *inode, struct file *filp)
-{
- const struct random_extrng *rng;
-
- rcu_read_lock();
- rng = rcu_dereference(extrng);
- if (rng && !try_module_get(rng->owner))
- rng = NULL;
- rcu_read_unlock();
-
- if (!rng)
- return 0;
-
- filp->f_op = &extrng_urandom_fops;
- filp->private_data = rng->owner;
-
- return 0;
-}
-
-static int extrng_release(struct inode *inode, struct file *filp)
-{
- module_put(filp->private_data);
- return 0;
-}
-
-static ssize_t
-extrng_read(struct file *file, char __user *buf, size_t nbytes, loff_t *ppos)
-{
- return rcu_dereference_raw(extrng)->extrng_read(buf, nbytes);
-}
-
const struct file_operations random_fops = {
- .open = random_open,
.read_iter = random_read_iter,
.write_iter = random_write_iter,
.poll = random_poll,
@@ -1515,7 +1423,6 @@ const struct file_operations random_fops = {
};
const struct file_operations urandom_fops = {
- .open = urandom_open,
.read_iter = urandom_read_iter,
.write_iter = random_write_iter,
.unlocked_ioctl = random_ioctl,
@@ -1526,26 +1433,6 @@ const struct file_operations urandom_fops = {
.splice_write = iter_file_splice_write,
};
-static const struct file_operations extrng_random_fops = {
- .open = random_open,
- .read = extrng_read,
- .write = random_write,
- .poll = extrng_poll,
- .unlocked_ioctl = random_ioctl,
- .fasync = random_fasync,
- .llseek = noop_llseek,
- .release = extrng_release,
-};
-
-static const struct file_operations extrng_urandom_fops = {
- .open = urandom_open,
- .read = extrng_read,
- .write = random_write,
- .unlocked_ioctl = random_ioctl,
- .fasync = random_fasync,
- .llseek = noop_llseek,
- .release = extrng_release,
-};
/********************************************************************
*
diff --git a/include/linux/random.h b/include/linux/random.h
index c36b7c412de2..fae0c84027fd 100644
--- a/include/linux/random.h
+++ b/include/linux/random.h
@@ -10,11 +10,6 @@
#include <uapi/linux/random.h>
-struct random_extrng {
- ssize_t (*extrng_read)(void __user *buf, size_t buflen);
- struct module *owner;
-};
-
struct notifier_block;
void add_device_randomness(const void *buf, size_t len);
@@ -146,9 +141,6 @@ int random_prepare_cpu(unsigned int cpu);
int random_online_cpu(unsigned int cpu);
#endif
-void random_register_extrng(const struct random_extrng *rng);
-void random_unregister_extrng(void);
-
#ifndef MODULE
extern const struct file_operations random_fops, urandom_fops;
#endif
--
2.36.1