From patchwork Sun Jan 30 09:56:04 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sandy Harris X-Patchwork-Id: 538282 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A01B8C433FE for ; Sun, 30 Jan 2022 09:56:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1354558AbiA3J4T (ORCPT ); Sun, 30 Jan 2022 04:56:19 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52244 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1354547AbiA3J4T (ORCPT ); Sun, 30 Jan 2022 04:56:19 -0500 Received: from mail-ej1-x635.google.com (mail-ej1-x635.google.com [IPv6:2a00:1450:4864:20::635]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0F70AC061714 for ; Sun, 30 Jan 2022 01:56:19 -0800 (PST) Received: by mail-ej1-x635.google.com with SMTP id s13so33231982ejy.3 for ; Sun, 30 Jan 2022 01:56:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:from:date:message-id:subject:to; bh=62vWaH+BpXQhqUFk98i4vcDbSM6tFCe6SZcQwYD/3Y0=; b=prLW52JlDOpz6yNUcs65dzdRgVn3cXmAG8Bpmvs+FsVvPtLX8MLpoK3WnpdHve8PgE UDEoAwFPHdlXf1+bC1QAPbbu8LUT4VlUfGCazDzyY9erTfQ+Rqrh+H8XETqe5NOHjyp9 iGu52kjEGfp/H31FXAO5VPynXBRFrHrJBPyYdY7gW066wFE6Q/Ig9u0tKlQPYJ4YZ3Ts BbpUTolg0r0sSTrJ0broz0HThqcQEEKgiMyhbrlJKUOzqX9/QONXC50lUnoBeqmfy+AM jwJNdM+mkVh5hg+jsC+JCCTBwzc9WBPt648SoJP31hQMVPNG3FWKr8OAIIR8kjCSLsyn Mhtw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=62vWaH+BpXQhqUFk98i4vcDbSM6tFCe6SZcQwYD/3Y0=; b=E6UMI6AMfYNr6itz7xm6dEq2oF3kgPjeMKQbMDMSTDZgWs9yH5Cx38HwpduoGF/3HK dX8zBvH/aL+1Md3fWoh1IcaKtr5+xKCDKn2KLgLZHzEy2Z4WIlk/r4AmEhKhrtO5TAvE 5lu7jlSdEjdnmf96/rj4+sItgWx4y00JEAa77sSENtHl8BReeCHfZ7W4YYAxmZYGif3X Drk356yNdtQfOH9noecrMX+sA8EM56x5qqKvgZLudWjsifOJhEvXtpMMk/A9Nlws3Zgq nNn3eKkfXthhy5EuHhsosF441JpEH1tG2gE1RVN8oSkdCCeRvTb5tUyKMc0ubxUk4Won dN1w== X-Gm-Message-State: AOAM531qcuSIVLs5dzHipVK+hOrxBBNDBRTYryX1aJ98PDgDuL85ctGY 7qEErlivFD37rD6+hkSC4fR/2mAIKbjY2MBBEHM6U3Mtn1E= X-Google-Smtp-Source: ABdhPJx2gff3oqe82aQi+2Q5VhubmXMU+C7cyTOBuRxlQjUYexMBDr0nZzfgnuZ1wJ7UoRbnE8/mAIu0qsat79dZnKg= X-Received: by 2002:a17:907:1c19:: with SMTP id nc25mr13737832ejc.354.1643536576104; Sun, 30 Jan 2022 01:56:16 -0800 (PST) MIME-Version: 1.0 From: Sandy Harris Date: Sun, 30 Jan 2022 17:56:04 +0800 Message-ID: Subject: [PATCH] random.c Remove locking in extract_buf() To: Linux Crypto Mailing List , "Ted Ts'o" , "Jason A. Donenfeld" , m@ib.tc, Herbert Xu Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org This function does not need to lock the input pool during the hash since that only reads the pool & we do not care if a write makes the hash result indeterminate. "That's not a bug; it's a feature." Removing the unnecessary lock prevents it from delaying other threads or interrupts which write to the input pool. Such delays are a bug. We do need to lock the input pool when writing to it. Changing __mix_pool_bytes() to plain mix_pool_bytes() accomplishes that. We do not need a lock for *out, the only other place where this function writes. That points to an array declared local in the calling function. --- drivers/char/random.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/drivers/char/random.c b/drivers/char/random.c index 68613f0b6887..9dbf7c8c68dd 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -1355,7 +1355,6 @@ static void extract_buf(u8 *out) } /* Generate a hash across the pool */ - spin_lock_irqsave(&input_pool.lock, flags); blake2s_update(&state, (const u8 *)input_pool_data, POOL_BYTES); blake2s_final(&state, hash); /* final zeros out state */ @@ -1368,8 +1367,7 @@ static void extract_buf(u8 *out) * brute-forcing the feedback as hard as brute-forcing the * hash. */ - __mix_pool_bytes(hash, sizeof(hash)); - spin_unlock_irqrestore(&input_pool.lock, flags); + mix_pool_bytes(hash, sizeof(hash)); /* Note that EXTRACT_SIZE is half of hash size here, because above * we've dumped the full length back into mixer. By reducing the