Linux-Kernel Archive: [PATCH 4.19 142/234] mips: use fallback for random_get_entropy() instead of just c0 random [PATCH 4.19 142/234] mips: use fallback for random_get_entropy() instead of just c0 random From: Greg Kroah-Hartman Date: Thu Jun 23 2022 - 14:09:41 EST Next message: Greg Kroah-Hartman: "[PATCH 4.19 143/234] arm: use fallback for random_get_entropy() instead of zero" Previous message: Greg Kroah-Hartman: "[PATCH 4.19 124/234] random: treat bootloader trust toggle the same way as cpu trust toggle" In reply to: Greg Kroah-Hartman: "[PATCH 4.19 124/234] random: treat bootloader trust toggle the same way as cpu trust toggle" Next in thread: Greg Kroah-Hartman: "[PATCH 4.19 143/234] arm: use fallback for random_get_entropy() instead of zero" Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] From: "Jason A. Donenfeld"
commit 1c99c6a7c3c599a68321b01b9ec243215ede5a68 upstream. For situations in which we don't have a c0 counter register available, we've been falling back to reading the c0 "random" register, which is usually bounded by the amount of TLB entries and changes every other cycle or so. This means it wraps extremely often. We can do better by combining this fast-changing counter with a potentially slower-changing counter from random_get_entropy_fallback() in the more significant bits. This commit combines the two, taking into account that the changing bits are in a different bit position depending on the CPU model. In addition, we previously were falling back to 0 for ancient CPUs that Linux does not support anyway; remove that dead path entirely. Cc: Thomas Gleixner Cc: Arnd Bergmann Tested-by: Maciej W. Rozycki Acked-by: Thomas Bogendoerfer Signed-off-by: Jason A. Donenfeld Signed-off-by: Greg Kroah-Hartman --- arch/mips/include/asm/timex.h | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) --- a/arch/mips/include/asm/timex.h +++ b/arch/mips/include/asm/timex.h @@ -76,25 +76,24 @@ static inline cycles_t get_cycles(void) else return 0; /* no usable counter */ } +#define get_cycles get_cycles /* * Like get_cycles - but where c0_count is not available we desperately * use c0_random in an attempt to get at least a little bit of entropy. - * - * R6000 and R6000A neither have a count register nor a random register. - * That leaves no entropy source in the CPU itself. */ static inline unsigned long random_get_entropy(void) { - unsigned int prid = read_c0_prid(); - unsigned int imp = prid & PRID_IMP_MASK; + unsigned int c0_random; - if (can_use_mips_counter(prid)) + if (can_use_mips_counter(read_c0_prid())) return read_c0_count(); - else if (likely(imp != PRID_IMP_R6000 && imp != PRID_IMP_R6000A)) - return read_c0_random(); + + if (cpu_has_3kex) + c0_random = (read_c0_random() >> 8) & 0x3f; else - return 0; /* no usable register */ + c0_random = read_c0_random() & 0x3f; + return (random_get_entropy_fallback() << 6) | (0x3f - c0_random); } #define random_get_entropy random_get_entropy Next message: Greg Kroah-Hartman: "[PATCH 4.19 143/234] arm: use fallback for random_get_entropy() instead of zero" Previous message: Greg Kroah-Hartman: "[PATCH 4.19 124/234] random: treat bootloader trust toggle the same way as cpu trust toggle" In reply to: Greg Kroah-Hartman: "[PATCH 4.19 124/234] random: treat bootloader trust toggle the same way as cpu trust toggle" Next in thread: Greg Kroah-Hartman: "[PATCH 4.19 143/234] arm: use fallback for random_get_entropy() instead of zero" Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]