From patchwork Mon Sep 21 07:58:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicolai Stange X-Patchwork-Id: 11788663 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 510256CA for ; Mon, 21 Sep 2020 07:59:25 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 36E1A214F1 for ; Mon, 21 Sep 2020 07:59:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726508AbgIUH7X (ORCPT ); Mon, 21 Sep 2020 03:59:23 -0400 Received: from mx2.suse.de ([195.135.220.15]:56800 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726454AbgIUH7T (ORCPT ); Mon, 21 Sep 2020 03:59:19 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.221.27]) by mx2.suse.de (Postfix) with ESMTP id E94C1B4FD; Mon, 21 Sep 2020 07:59:51 +0000 (UTC) From: Nicolai Stange To: "Theodore Y. Ts'o" Cc: linux-crypto@vger.kernel.org, LKML , Arnd Bergmann , Greg Kroah-Hartman , "Eric W. Biederman" , "Alexander E. Patrakov" , "Ahmed S. Darwish" , Willy Tarreau , Matthew Garrett , Vito Caputo , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , zhangjs , Andy Lutomirski , Florian Weimer , Lennart Poettering , Peter Matthias , Marcelo Henrique Cerri , Roman Drahtmueller , Neil Horman , Randy Dunlap , Julia Lawall , Dan Carpenter , Andy Lavr , Eric Biggers , "Jason A. Donenfeld" , =?utf-8?q?Stephan_M=C3=BCller?= , Torsten Duwe , Petr Tesarik , Nicolai Stange Subject: [RFC PATCH 05/41] random: don't reset entropy to zero on overflow Date: Mon, 21 Sep 2020 09:58:21 +0200 Message-Id: <20200921075857.4424-6-nstange@suse.de> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200921075857.4424-1-nstange@suse.de> References: <20200921075857.4424-1-nstange@suse.de> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org credit_entropy_bits() adds one or more positive values to the signed entropy_count and checks if the result is negative afterwards. Note that because the initial value of entropy_count is positive, a negative result can happen only on overflow. However, if the final entropy_count is found to have overflown, a WARN() is emitted and the entropy_store's entropy count reset to zero. Even though this case should never happen, it is better to retain previously available entropy as this will facilitate a future change factoring out that approximation of the exponential. Make credit_entropy_bits() tp reset entropy_count to the original value rather than zero on overflow. Signed-off-by: Nicolai Stange --- drivers/char/random.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/char/random.c b/drivers/char/random.c index 35e381be20fe..6adac462aa0d 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -706,7 +706,7 @@ static void credit_entropy_bits(struct entropy_store *r, int nbits) if (WARN_ON(entropy_count < 0)) { pr_warn("negative entropy/overflow: pool %s count %d\n", r->name, entropy_count); - entropy_count = 0; + entropy_count = orig; } else if (entropy_count > pool_size) entropy_count = pool_size; if (cmpxchg(&r->entropy_count, orig, entropy_count) != orig)