[v3,0/5] random: use computational hash for entropy extraction, and related fixes

Message ID	20220205160118.252698-1-Jason@zx2c4.com (mailing list archive)
Headers	show Return-Path: <linux-crypto-owner@kernel.org> From: "Jason A. Donenfeld" <Jason@zx2c4.com> To: linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org Cc: "Jason A. Donenfeld" <Jason@zx2c4.com> Subject: [PATCH v3 0/5] random: use computational hash for entropy extraction, and related fixes Date: Sat, 5 Feb 2022 17:01:13 +0100 Message-Id: <20220205160118.252698-1-Jason@zx2c4.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	random: use computational hash for entropy extraction, and related fixes \| expand [v3,0/5] random: use computational hash for entropy extraction, and related fixes [v3,1/5] random: use computational hash for entropy extraction [v3,2/5] random: simplify entropy debiting [v3,3/5] random: use linear min-entropy accumulation crediting [v3,4/5] random: always wake up entropy writers after extraction [v3,5/5] random: make credit_entropy_bits() always safe

Message ID

20220205160118.252698-1-Jason@zx2c4.com (mailing list archive)

Headers

From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>
Subject: [PATCH v3 0/5] random: use computational hash for entropy extraction,
 and related fixes
Date: Sat,  5 Feb 2022 17:01:13 +0100
Message-Id: <20220205160118.252698-1-Jason@zx2c4.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

random: use computational hash for entropy extraction, and related fixes | expand

Message

Jason A. Donenfeld Feb. 5, 2022, 4:01 p.m. UTC

The bulk of the motivation for this and description of crypto
vulnerabilities is in the first patch of this series. The following
three patches then fix up entropy accounting for the new model. The last
patch fixes a minor code safety issue.

This v3 fixes comments and commit message wording, simplifies a bit of
code in a cmpxchg loop, and adjusts semantics around the poll write
wakeup threshold.

Jason A. Donenfeld (5):
  random: use computational hash for entropy extraction
  random: simplify entropy debiting
  random: use linear min-entropy accumulation crediting
  random: always wake up entropy writers after extraction
  random: make credit_entropy_bits() always safe

 drivers/char/random.c         | 501 ++++++----------------------------
 include/trace/events/random.h |  30 +-
 2 files changed, 87 insertions(+), 444 deletions(-)

Comments

Eric Biggers Feb. 8, 2022, 6:48 a.m. UTC | #1

On Sat, Feb 05, 2022 at 05:01:13PM +0100, Jason A. Donenfeld wrote:
> The bulk of the motivation for this and description of crypto
> vulnerabilities is in the first patch of this series. The following
> three patches then fix up entropy accounting for the new model. The last
> patch fixes a minor code safety issue.
> 
> This v3 fixes comments and commit message wording, simplifies a bit of
> code in a cmpxchg loop, and adjusts semantics around the poll write
> wakeup threshold.
> 
> Jason A. Donenfeld (5):
>   random: use computational hash for entropy extraction
>   random: simplify entropy debiting
>   random: use linear min-entropy accumulation crediting
>   random: always wake up entropy writers after extraction
>   random: make credit_entropy_bits() always safe
> 
>  drivers/char/random.c         | 501 ++++++----------------------------
>  include/trace/events/random.h |  30 +-
>  2 files changed, 87 insertions(+), 444 deletions(-)

Looks good, thanks!  You can add for the series:

Reviewed-by: Eric Biggers <ebiggers@google.com>

- Eric