Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
char/lrng: add Jitter RNG fast noise source
The Jitter RNG fast noise source implemented as part of the kernel crypto API is queried for 256 bits of entropy at the time the seed buffer managed by the LRNG is about to be filled. CC: Torsten Duwe <duwe@lst.de> CC: "Eric W. Biederman" <ebiederm@xmission.com> CC: "Alexander E. Patrakov" <patrakov@gmail.com> CC: "Ahmed S. Darwish" <darwish.07@gmail.com> CC: "Theodore Y. Ts'o" <tytso@mit.edu> CC: Willy Tarreau <w@1wt.eu> CC: Matthew Garrett <mjg59@srcf.ucam.org> CC: Vito Caputo <vcaputo@pengaru.com> CC: Andreas Dilger <adilger.kernel@dilger.ca> CC: Jan Kara <jack@suse.cz> CC: Ray Strode <rstrode@redhat.com> CC: William Jon McCann <mccann@jhu.edu> CC: zhangjs <zachary@baishancloud.com> CC: Andy Lutomirski <luto@kernel.org> CC: Florian Weimer <fweimer@redhat.com> CC: Lennart Poettering <mzxreary@0pointer.de> CC: Nicolai Stange <nstange@suse.de> CC: Alexander Lobakin <alobakin@mailbox.org> Reviewed-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Tested-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Tested-by: Neil Horman <nhorman@redhat.com> Signed-off-by: Stephan Mueller <smueller@chronox.de>
- Loading branch information
1 parent
3c1b9ec
commit 5a544a2
Showing
3 changed files
with
118 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
// SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause | ||
/* | ||
* LRNG Fast Entropy Source: Jitter RNG | ||
* | ||
* Copyright (C) 2016 - 2021, Stephan Mueller <smueller@chronox.de> | ||
*/ | ||
|
||
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt | ||
|
||
#include <linux/types.h> | ||
#include <crypto/internal/jitterentropy.h> | ||
|
||
#include "lrng_internal.h" | ||
|
||
/* | ||
* Estimated entropy of data is a 16th of LRNG_DRNG_SECURITY_STRENGTH_BITS. | ||
* Albeit a full entropy assessment is provided for the noise source indicating | ||
* that it provides high entropy rates and considering that it deactivates | ||
* when it detects insufficient hardware, the chosen under estimation of | ||
* entropy is considered to be acceptable to all reviewers. | ||
*/ | ||
static u32 jitterrng = CONFIG_LRNG_JENT_ENTROPY_RATE; | ||
#ifdef CONFIG_LRNG_RUNTIME_ES_CONFIG | ||
module_param(jitterrng, uint, 0644); | ||
MODULE_PARM_DESC(jitterrng, "Entropy in bits of 256 data bits from Jitter RNG noise source"); | ||
#endif | ||
|
||
static bool lrng_jent_initialized = false; | ||
static struct rand_data *lrng_jent_state; | ||
|
||
static int __init lrng_jent_initialize(void) | ||
{ | ||
/* Initialize the Jitter RNG after the clocksources are initialized. */ | ||
lrng_jent_state = jent_lrng_entropy_collector(); | ||
if (!lrng_jent_state) { | ||
jitterrng = 0; | ||
pr_info("Jitter RNG unusable on current system\n"); | ||
return 0; | ||
} | ||
lrng_jent_initialized = true; | ||
lrng_pool_add_entropy(); | ||
pr_debug("Jitter RNG working on current system\n"); | ||
|
||
return 0; | ||
} | ||
device_initcall(lrng_jent_initialize); | ||
|
||
/** | ||
* lrng_get_jent() - Get Jitter RNG entropy | ||
* | ||
* @outbuf: buffer to store entropy | ||
* @outbuflen: length of buffer | ||
* | ||
* Return: | ||
* * > 0 on success where value provides the added entropy in bits | ||
* * 0 if no fast source was available | ||
*/ | ||
u32 lrng_get_jent(u8 *outbuf, u32 requested_bits) | ||
{ | ||
int ret; | ||
u32 ent_bits = lrng_jent_entropylevel(requested_bits); | ||
unsigned long flags; | ||
static DEFINE_SPINLOCK(lrng_jent_lock); | ||
|
||
spin_lock_irqsave(&lrng_jent_lock, flags); | ||
|
||
if (!ent_bits || !lrng_jent_initialized) { | ||
spin_unlock_irqrestore(&lrng_jent_lock, flags); | ||
return 0; | ||
} | ||
|
||
ret = jent_read_entropy(lrng_jent_state, outbuf, requested_bits >> 3); | ||
spin_unlock_irqrestore(&lrng_jent_lock, flags); | ||
|
||
if (ret) { | ||
pr_debug("Jitter RNG failed with %d\n", ret); | ||
return 0; | ||
} | ||
|
||
pr_debug("obtained %u bits of entropy from Jitter RNG noise source\n", | ||
ent_bits); | ||
|
||
return ent_bits; | ||
} | ||
|
||
u32 lrng_jent_entropylevel(u32 requested_bits) | ||
{ | ||
return lrng_fast_noise_entropylevel((lrng_jent_initialized) ? | ||
jitterrng : 0, requested_bits); | ||
} |