| Message ID | 20220410214951.55294-4-Jason@zx2c4.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | archs/random: fallback to using ktime_read_raw_clock() if no cycle counter | expand |
On Sun, Apr 10 2022 at 23:49, Jason A. Donenfeld wrote: > In the event that random_get_entropy() can't access a cycle counter or > similar, falling back to returning 0 is really not the best we can do. > Instead, at least calling ktime_read_raw_clock() would be preferable, > because that always needs to return _something_, even falling back to > jiffies eventually. It's not as though ktime_read_raw_clock() is super > high precision or guaranteed to be entropic, but basically anything > that's not zero all the time is better than returning zero all the time. > > Cc: Thomas Gleixner <tglx@linutronix.de> > Cc: Arnd Bergmann <arnd@arndb.de> > Cc: Geert Uytterhoeven <geert@linux-m68k.org> > Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> > --- > arch/m68k/include/asm/timex.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/m68k/include/asm/timex.h b/arch/m68k/include/asm/timex.h > index 6a21d9358280..5351b10e1b18 100644 > --- a/arch/m68k/include/asm/timex.h > +++ b/arch/m68k/include/asm/timex.h > @@ -35,7 +35,7 @@ static inline unsigned long random_get_entropy(void) > { > if (mach_random_get_entropy) > return mach_random_get_entropy(); > - return 0; > + return ktime_read_raw_clock(); I'd rather do something like this in a common header: unsigned long random_get_entropy_fallback(void); and use random_get_entropy_fallback() in the architecture specific files. That way you can encapsulate the fallback implementation in the random code and if it turns out that ktime_read_raw_clock() is a stupid idea or someone has a better idea then you have to change exactly one place and not patch the whole tree again. Thanks, tglx
Hi Thomas, On Mon, Apr 11, 2022 at 10:18 AM Thomas Gleixner <tglx@linutronix.de> wrote: > > diff --git a/arch/m68k/include/asm/timex.h b/arch/m68k/include/asm/timex.h > > index 6a21d9358280..5351b10e1b18 100644 > > --- a/arch/m68k/include/asm/timex.h > > +++ b/arch/m68k/include/asm/timex.h > > @@ -35,7 +35,7 @@ static inline unsigned long random_get_entropy(void) > > { > > if (mach_random_get_entropy) > > return mach_random_get_entropy(); > > - return 0; > > + return ktime_read_raw_clock(); > > I'd rather do something like this in a common header: > > unsigned long random_get_entropy_fallback(void); > > and use random_get_entropy_fallback() in the architecture specific > files. > > That way you can encapsulate the fallback implementation in the random > code and if it turns out that ktime_read_raw_clock() is a stupid idea or > someone has a better idea then you have to change exactly one place and > not patch the whole tree again. Absolutely. That's a good idea. I'll do that for v3. Jason
diff --git a/arch/m68k/include/asm/timex.h b/arch/m68k/include/asm/timex.h index 6a21d9358280..5351b10e1b18 100644 --- a/arch/m68k/include/asm/timex.h +++ b/arch/m68k/include/asm/timex.h @@ -35,7 +35,7 @@ static inline unsigned long random_get_entropy(void) { if (mach_random_get_entropy) return mach_random_get_entropy(); - return 0; + return ktime_read_raw_clock(); } #define random_get_entropy random_get_entropy
In the event that random_get_entropy() can't access a cycle counter or similar, falling back to returning 0 is really not the best we can do. Instead, at least calling ktime_read_raw_clock() would be preferable, because that always needs to return _something_, even falling back to jiffies eventually. It's not as though ktime_read_raw_clock() is super high precision or guaranteed to be entropic, but basically anything that's not zero all the time is better than returning zero all the time. Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Geert Uytterhoeven <geert@linux-m68k.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> --- arch/m68k/include/asm/timex.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)