1. 31 Oct, 2019 1 commit
    • Jeff Mahoney's avatar
      reiserfs: fix extended attributes on the root directory · 60e4cf67
      Jeff Mahoney authored
      Since commit d0a5b995 (vfs: Add IOP_XATTR inode operations flag)
      extended attributes haven't worked on the root directory in reiserfs.
      
      This is due to reiserfs conditionally setting the sb->s_xattrs handler
      array depending on whether it located or create the internal privroot
      directory.  It necessarily does this after the root inode is already
      read in.  The IOP_XATTR flag is set during inode initialization, so
      it never gets set on the root directory.
      
      This commit unconditionally assigns sb->s_xattrs and clears IOP_XATTR on
      internal inodes.  The old return values due to the conditional assignment
      are handled via open_xa_root, which now returns EOPNOTSUPP as the VFS
      would have done.
      
      Link: https://lore.kernel.org/r/20191024143127.17509-1-jeffm@suse.com
      CC: stable@vger.kernel.org
      Fixes: d0a5b995 ("vfs: Add IOP_XATTR inode operations flag")
      Signed-off-by: default avatarJeff Mahoney <jeffm@suse.com>
      Signed-off-by: default avatarJan Kara <jack@suse.cz>
      60e4cf67
  2. 24 Oct, 2019 1 commit
  3. 22 Oct, 2019 1 commit
  4. 21 Oct, 2019 1 commit
  5. 17 Oct, 2019 1 commit
  6. 08 Oct, 2019 1 commit
  7. 04 Oct, 2019 2 commits
  8. 03 Oct, 2019 3 commits
  9. 02 Oct, 2019 5 commits
    • Linus Torvalds's avatar
      timer-of: don't use conditional expression with mixed 'void' types · 0f1a7b3f
      Linus Torvalds authored
      Randy Dunlap reports on the sparse list that sparse warns about this
      expression:
      
              of_irq->percpu ? free_percpu_irq(of_irq->irq, clkevt) :
                      free_irq(of_irq->irq, clkevt);
      
      and honestly, sparse is correct to warn.  The return type of
      free_percpu_irq() is 'void', while free_irq() returns a 'const void *'
      that is the devname argument passed in to the request_irq().
      
      You can't mix a void type with a non-void types in a conditional
      expression according to the C standard.  It so happens that gcc seems to
      accept it - and the resulting type of the expression is void - but
      there's really no reason for the kernel to have this kind of
      non-standard expression with no real upside.
      
      The natural way to write that expression is with an if-statement:
      
              if (of_irq->percpu)
                      free_percpu_irq(of_irq->irq, clkevt);
              else
                      free_irq(of_irq->irq, clkevt);
      
      which is more legible anyway.
      
      I'm not sure why that timer-of code seems to have this odd pattern.  It
      does the same at allocation time, but at least there the types match,
      and it makes sense as an expression.
      Reported-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      0f1a7b3f
    • Linus Torvalds's avatar
      Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 5021b918
      Linus Torvalds authored
      Pull timer fix from Ingo Molnar:
       "Fix a broadcast-timer handling race that can result in spuriously and
        indefinitely delayed hrtimers and even RCU stalls if the system is
        otherwise quiet"
      
      * 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        tick: broadcast-hrtimer: Fix a race in bc_set_next
      5021b918
    • Linus Torvalds's avatar
      Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 714366f8
      Linus Torvalds authored
      Pull membarrier fix from Ingo Molnar:
       "Fix broken locking within membarrier_private_expedited()"
      
      * 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        membarrier: Fix RCU locking bug caused by faulty merge
      714366f8
    • Linus Torvalds's avatar
      Merge tag 'erofs-for-5.4-rc2-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs · 65aa35c9
      Linus Torvalds authored
      Pull erofs fixes from Gao Xiang:
       "Three patches to address regressions due to recent cleanups, mainly
        found by stress test on latest mainline kernel (no more regression out
        compared with older kernels for more than a week)
      
        One additional patch updates sub-entries in MAINTAINERS.
      
        Summary:
      
         - Fix error handling in erofs_read_superblock
      
         - Fix locking in erofs_get_meta_page
      
         - Fix inplace behavior due to decompression frontend cleanup
      
         - Update sub-entries in MAINTAINERS in order to better blame"
      
      * tag 'erofs-for-5.4-rc2-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs:
        erofs: fix mis-inplace determination related with noio chain
        erofs: fix erofs_get_meta_page locking due to a cleanup
        MAINTAINERS: erofs: complete sub-entries for erofs
        erofs: fix return value check in erofs_read_superblock()
      65aa35c9
    • Borislav Petkov's avatar
      char/random: Add a newline at the end of the file · 3fd57e7a
      Borislav Petkov authored
      On Tue, Oct 01, 2019 at 10:14:40AM -0700, Linus Torvalds wrote:
      > The previous state of the file didn't have that 0xa at the end, so you get that
      >
      >
      >   -EXPORT_SYMBOL_GPL(add_bootloader_randomness);
      >   \ No newline at end of file
      >   +EXPORT_SYMBOL_GPL(add_bootloader_randomness);
      >
      > which is "the '-' line doesn't have a newline, the '+' line does" marker.
      
      Aaha, that makes total sense, thanks for explaining. Oh well, let's fix
      it then so that people don't scratch heads like me.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      3fd57e7a
  10. 01 Oct, 2019 1 commit
    • Peter Zijlstra's avatar
      membarrier: Fix RCU locking bug caused by faulty merge · 73956fc0
      Peter Zijlstra authored
      The following commit:
      
        227a4aad ("sched/membarrier: Fix p->mm->membarrier_state racy load")
      
      got fat fingered by me when merging it with other patches. It meant to move
      the RCU section out of the for loop but ended up doing it partially, leaving
      a superfluous rcu_read_lock() inside, causing havok.
      Reported-by: default avatarIngo Molnar <mingo@kernel.org>
      Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Chris Metcalf <cmetcalf@ezchip.com>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Eric W. Biederman <ebiederm@xmission.com>
      Cc: Kirill Tkhai <tkhai@yandex.ru>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
      Cc: Mike Galbraith <efault@gmx.de>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Paul E. McKenney <paulmck@linux.ibm.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Russell King - ARM Linux admin <linux@armlinux.org.uk>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-tip-commits@vger.kernel.org
      Fixes: 227a4aad ("sched/membarrier: Fix p->mm->membarrier_state racy load")
      Link: https://lkml.kernel.org/r/20191001085033.GP4519@hirez.programming.kicks-ass.netSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      73956fc0
  11. 30 Sep, 2019 21 commits
    • Gao Xiang's avatar
      erofs: fix mis-inplace determination related with noio chain · dc76ea8c
      Gao Xiang authored
      Fix a recent cleanup patch. noio (bypass) chain is
      handled asynchronously against submit chain, therefore
      inplace I/O or pagevec cannot be applied to such pages.
      Add detailed comment for this as well.
      
      Fixes: 97e86a85 ("staging: erofs: tidy up decompression frontend")
      Reviewed-by: default avatarChao Yu <yuchao0@huawei.com>
      Link: https://lore.kernel.org/r/20190922100434.229340-1-gaoxiang25@huawei.comSigned-off-by: default avatarGao Xiang <gaoxiang25@huawei.com>
      dc76ea8c
    • Gao Xiang's avatar
      erofs: fix erofs_get_meta_page locking due to a cleanup · 55252ab7
      Gao Xiang authored
      After doing more drop_caches stress test on
      our products, I found the mistake introduced by
      a very recent cleanup [1].
      
      The current rule is that "erofs_get_meta_page"
      should be returned with page locked (although
      it's mostly unnecessary for read-only fs after
      pages are PG_uptodate), but a fix should be
      done for this.
      
      [1] https://lore.kernel.org/r/20190904020912.63925-26-gaoxiang25@huawei.com
      Fixes: 618f40ea ("erofs: use read_cache_page_gfp for erofs_get_meta_page")
      Reviewed-by: default avatarChao Yu <yuchao0@huawei.com>
      Link: https://lore.kernel.org/r/20190921184355.149928-1-gaoxiang25@huawei.comSigned-off-by: default avatarGao Xiang <gaoxiang25@huawei.com>
      55252ab7
    • Gao Xiang's avatar
      MAINTAINERS: erofs: complete sub-entries for erofs · 6927cc05
      Gao Xiang authored
      Add a formal git tree and missing files for erofs
      after moving out of staging for everyone to blame
      in order for better improvement.
      Acked-by: default avatarChao Yu <yuchao0@huawei.com>
      Link: https://lore.kernel.org/r/20190919062838.106423-1-gaoxiang25@huawei.comSigned-off-by: default avatarGao Xiang <gaoxiang25@huawei.com>
      6927cc05
    • Wei Yongjun's avatar
      erofs: fix return value check in erofs_read_superblock() · 517d6b9c
      Wei Yongjun authored
      In case of error, the function read_mapping_page() returns
      ERR_PTR() not NULL. The NULL test in the return value check
      should be replaced with IS_ERR().
      
      Fixes: fe7c2423 ("erofs: use read_mapping_page instead of sb_bread")
      Reviewed-by: default avatarGao Xiang <gaoxiang25@huawei.com>
      Reviewed-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarWei Yongjun <weiyongjun1@huawei.com>
      Link: https://lore.kernel.org/r/20190918083033.47780-1-weiyongjun1@huawei.comSigned-off-by: default avatarGao Xiang <gaoxiang25@huawei.com>
      517d6b9c
    • Linus Torvalds's avatar
      Linux 5.4-rc1 · 54ecb8f7
      Linus Torvalds authored
      54ecb8f7
    • Linus Torvalds's avatar
      Merge tag 'for-5.4-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux · bb48a591
      Linus Torvalds authored
      Pull btrfs fixes from David Sterba:
       "A bunch of fixes that accumulated in recent weeks, mostly material for
        stable.
      
        Summary:
      
         - fix for regression from 5.3 that prevents to use balance convert
           with single profile
      
         - qgroup fixes: rescan race, accounting leak with multiple writers,
           potential leak after io failure recovery
      
         - fix for use after free in relocation (reported by KASAN)
      
         - other error handling fixups"
      
      * tag 'for-5.4-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:
        btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls
        btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space
        btrfs: Fix a regression which we can't convert to SINGLE profile
        btrfs: relocation: fix use-after-free on dead relocation roots
        Btrfs: fix race setting up and completing qgroup rescan workers
        Btrfs: fix missing error return if writeback for extent buffer never started
        btrfs: adjust dirty_metadata_bytes after writeback failure of extent buffer
        Btrfs: fix selftests failure due to uninitialized i_mode in test inodes
      bb48a591
    • Linus Torvalds's avatar
      Merge tag 'csky-for-linus-5.4-rc1' of git://github.com/c-sky/csky-linux · 80b29b6b
      Linus Torvalds authored
      Pull csky updates from Guo Ren:
       "This round of csky subsystem just some fixups:
      
         - Fix mb() synchronization problem
      
         - Fix dma_alloc_coherent with PAGE_SO attribute
      
         - Fix cache_op failed when cross memory ZONEs
      
         - Optimize arch_sync_dma_for_cpu/device with dma_inv_range
      
         - Fix ioremap function losing
      
         - Fix arch_get_unmapped_area() implementation
      
         - Fix defer cache flush for 610
      
         - Support kernel non-aligned access
      
         - Fix 610 vipt cache flush mechanism
      
         - Fix add zero_fp fixup perf backtrace panic
      
         - Move static keyword to the front of declaration
      
         - Fix csky_pmu.max_period assignment
      
         - Use generic free_initrd_mem()
      
         - entry: Remove unneeded need_resched() loop"
      
      * tag 'csky-for-linus-5.4-rc1' of git://github.com/c-sky/csky-linux:
        csky: Move static keyword to the front of declaration
        csky: entry: Remove unneeded need_resched() loop
        csky: Fixup csky_pmu.max_period assignment
        csky: Fixup add zero_fp fixup perf backtrace panic
        csky: Use generic free_initrd_mem()
        csky: Fixup 610 vipt cache flush mechanism
        csky: Support kernel non-aligned access
        csky: Fixup defer cache flush for 610
        csky: Fixup arch_get_unmapped_area() implementation
        csky: Fixup ioremap function losing
        csky: Optimize arch_sync_dma_for_cpu/device with dma_inv_range
        csky/dma: Fixup cache_op failed when cross memory ZONEs
        csky: Fixup dma_alloc_coherent with PAGE_SO attribute
        csky: Fixup mb() synchronization problem
      80b29b6b
    • Linus Torvalds's avatar
      Merge tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · cef0aa0c
      Linus Torvalds authored
      Pull ARM SoC fixes from Olof Johansson:
       "A few fixes that have trickled in through the merge window:
      
         - Video fixes for OMAP due to panel-dpi driver removal
      
         - Clock fixes for OMAP that broke no-idle quirks + nfsroot on DRA7
      
         - Fixing arch version on ASpeed ast2500
      
         - Two fixes for reset handling on ARM SCMI"
      
      * tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc:
        ARM: aspeed: ast2500 is ARMv6K
        reset: reset-scmi: add missing handle initialisation
        firmware: arm_scmi: reset: fix reset_state assignment in scmi_domain_reset
        bus: ti-sysc: Remove unpaired sysc_clkdm_deny_idle()
        ARM: dts: logicpd-som-lv: Fix i2c2 and i2c3 Pin mux
        ARM: dts: am3517-evm: Fix missing video
        ARM: dts: logicpd-torpedo-baseboard: Fix missing video
        ARM: omap2plus_defconfig: Fix missing video
        bus: ti-sysc: Fix handling of invalid clocks
        bus: ti-sysc: Fix clock handling for no-idle quirks
      cef0aa0c
    • Linus Torvalds's avatar
      Merge tag 'trace-v5.4-3' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace · cf4f493b
      Linus Torvalds authored
      Pull tracing fixes from Steven Rostedt:
       "A few more tracing fixes:
      
         - Fix a buffer overflow by checking nr_args correctly in probes
      
         - Fix a warning that is reported by clang
      
         - Fix a possible memory leak in error path of filter processing
      
         - Fix the selftest that checks for failures, but wasn't failing
      
         - Minor clean up on call site output of a memory trace event"
      
      * tag 'trace-v5.4-3' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
        selftests/ftrace: Fix same probe error test
        mm, tracing: Print symbol name for call_site in trace events
        tracing: Have error path in predicate_parse() free its allocated memory
        tracing: Fix clang -Wint-in-bool-context warnings in IF_ASSIGN macro
        tracing/probe: Fix to check the difference of nr_args before adding probe
      cf4f493b
    • Linus Torvalds's avatar
      Merge tag 'mmc-v5.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc · c710364f
      Linus Torvalds authored
      Pull more MMC updates from Ulf Hansson:
       "A couple more updates/fixes for MMC:
      
         - sdhci-pci: Add Genesys Logic GL975x support
      
         - sdhci-tegra: Recover loss in throughput for DMA
      
         - sdhci-of-esdhc: Fix DMA bug"
      
      * tag 'mmc-v5.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc:
        mmc: host: sdhci-pci: Add Genesys Logic GL975x support
        mmc: tegra: Implement ->set_dma_mask()
        mmc: sdhci: Let drivers define their DMA mask
        mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence
        mmc: sdhci: improve ADMA error reporting
      c710364f
    • Krzysztof Wilczynski's avatar
      csky: Move static keyword to the front of declaration · 9af032a3
      Krzysztof Wilczynski authored
      Move the static keyword to the front of declaration of
      csky_pmu_of_device_ids, and resolve the following compiler
      warning that can be seen when building with warnings
      enabled (W=1):
      
      arch/csky/kernel/perf_event.c:1340:1: warning:
        ‘static’ is not at beginning of declaration [-Wold-style-declaration]
      Signed-off-by: default avatarKrzysztof Wilczynski <kw@linux.com>
      Signed-off-by: default avatarGuo Ren <guoren@kernel.org>
      9af032a3
    • Valentin Schneider's avatar
      csky: entry: Remove unneeded need_resched() loop · a2139d3b
      Valentin Schneider authored
      Since the enabling and disabling of IRQs within preempt_schedule_irq()
      is contained in a need_resched() loop, we don't need the outer arch
      code loop.
      Signed-off-by: default avatarValentin Schneider <valentin.schneider@arm.com>
      Signed-off-by: default avatarGuo Ren <guoren@kernel.org>
      a2139d3b
    • Linus Torvalds's avatar
      Merge tag 'char-misc-5.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc · 97f9a3c4
      Linus Torvalds authored
      Pull Documentation/process update from Greg KH:
       "Here are two small Documentation/process/embargoed-hardware-issues.rst
        file updates that missed my previous char/misc pull request.
      
        The first one adds an Intel representative for the process, and the
        second one cleans up the text a bit more when it comes to how the
        disclosure rules work, as it was a bit confusing to some companies"
      
      * tag 'char-misc-5.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
        Documentation/process: Clarify disclosure rules
        Documentation/process: Volunteer as the ambassador for Intel
      97f9a3c4
    • Linus Torvalds's avatar
      Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 1eb80d6f
      Linus Torvalds authored
      Pull more vfs updates from Al Viro:
       "A couple of misc patches"
      
      * 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        afs dynroot: switch to simple_dir_operations
        fs/handle.c - fix up kerneldoc
      1eb80d6f
    • Linus Torvalds's avatar
      Merge tag '5.4-rc-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6 · 7edee522
      Linus Torvalds authored
      Pull more cifs updates from Steve French:
       "Fixes from the recent SMB3 Test events and Storage Developer
        Conference (held the last two weeks).
      
        Here are nine smb3 patches including an important patch for debugging
        traces with wireshark, with three patches marked for stable.
      
        Additional fixes from last week to better handle some newly discovered
        reparse points, and a fix the create/mkdir path for setting the mode
        more atomically (in SMB3 Create security descriptor context), and one
        for path name processing are still being tested so are not included
        here"
      
      * tag '5.4-rc-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6:
        CIFS: Fix oplock handling for SMB 2.1+ protocols
        smb3: missing ACL related flags
        smb3: pass mode bits into create calls
        smb3: Add missing reparse tags
        CIFS: fix max ea value size
        fs/cifs/sess.c: Remove set but not used variable 'capabilities'
        fs/cifs/smb2pdu.c: Make SMB2_notify_init static
        smb3: fix leak in "open on server" perf counter
        smb3: allow decryption keys to be dumped by admin for debugging
      7edee522
    • Mao Han's avatar
      csky: Fixup csky_pmu.max_period assignment · 3a09d8e2
      Mao Han authored
      The csky_pmu.max_period has type u64, and BIT() can only return
      32 bits unsigned long on C-SKY. The initialization for max_period
      will be incorrect when count_width is bigger than 32.
      
      Use BIT_ULL()
      Signed-off-by: default avatarMao Han <han_mao@c-sky.com>
      Signed-off-by: default avatarGuo Ren <ren_guo@c-sky.com>
      3a09d8e2
    • Guo Ren's avatar
      csky: Fixup add zero_fp fixup perf backtrace panic · 48ede51f
      Guo Ren authored
      We need set fp zero to let backtrace know the end. The patch fixup perf
      callchain panic problem, because backtrace didn't know what is the end
      of fp.
      Signed-off-by: default avatarGuo Ren <ren_guo@c-sky.com>
      Reported-by: default avatarMao Han <han_mao@c-sky.com>
      48ede51f
    • Mike Rapoport's avatar
      csky: Use generic free_initrd_mem() · fdbdcddc
      Mike Rapoport authored
      The csky implementation of free_initrd_mem() is an open-coded version of
      free_reserved_area() without poisoning.
      
      Remove it and make csky use the generic version of free_initrd_mem().
      Signed-off-by: default avatarMike Rapoport <rppt@linux.ibm.com>
      Signed-off-by: default avatarGuo Ren <guoren@kernel.org>
      fdbdcddc
    • Linus Torvalds's avatar
      Merge branch 'entropy' · 3f2dc279
      Linus Torvalds authored
      Merge active entropy generation updates.
      
      This is admittedly partly "for discussion".  We need to have a way
      forward for the boot time deadlocks where user space ends up waiting for
      more entropy, but no entropy is forthcoming because the system is
      entirely idle just waiting for something to happen.
      
      While this was triggered by what is arguably a user space bug with
      GDM/gnome-session asking for secure randomness during early boot, when
      they didn't even need any such truly secure thing, the issue ends up
      being that our "getrandom()" interface is prone to that kind of
      confusion, because people don't think very hard about whether they want
      to block for sufficient amounts of entropy.
      
      The approach here-in is to decide to not just passively wait for entropy
      to happen, but to start actively collecting it if it is missing.  This
      is not necessarily always possible, but if the architecture has a CPU
      cycle counter, there is a fair amount of noise in the exact timings of
      reasonably complex loads.
      
      We may end up tweaking the load and the entropy estimates, but this
      should be at least a reasonable starting point.
      
      As part of this, we also revert the revert of the ext4 IO pattern
      improvement that ended up triggering the reported lack of external
      entropy.
      
      * getrandom() active entropy waiting:
        Revert "Revert "ext4: make __ext4_get_inode_loc plug""
        random: try to actively add entropy rather than passively wait for it
      3f2dc279
    • Linus Torvalds's avatar
      Revert "Revert "ext4: make __ext4_get_inode_loc plug"" · 02f03c42
      Linus Torvalds authored
      This reverts commit 72dbcf72.
      
      Instead of waiting forever for entropy that may just not happen, we now
      try to actively generate entropy when required, and are thus hopefully
      avoiding the problem that caused the nice ext4 IO pattern fix to be
      reverted.
      
      So revert the revert.
      
      Cc: Ahmed S. Darwish <darwish.07@gmail.com>
      Cc: Ted Ts'o <tytso@mit.edu>
      Cc: Willy Tarreau <w@1wt.eu>
      Cc: Alexander E. Patrakov <patrakov@gmail.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      02f03c42
    • Linus Torvalds's avatar
      random: try to actively add entropy rather than passively wait for it · 50ee7529
      Linus Torvalds authored
      For 5.3 we had to revert a nice ext4 IO pattern improvement, because it
      caused a bootup regression due to lack of entropy at bootup together
      with arguably broken user space that was asking for secure random
      numbers when it really didn't need to.
      
      See commit 72dbcf72 (Revert "ext4: make __ext4_get_inode_loc plug").
      
      This aims to solve the issue by actively generating entropy noise using
      the CPU cycle counter when waiting for the random number generator to
      initialize.  This only works when you have a high-frequency time stamp
      counter available, but that's the case on all modern x86 CPU's, and on
      most other modern CPU's too.
      
      What we do is to generate jitter entropy from the CPU cycle counter
      under a somewhat complex load: calling the scheduler while also
      guaranteeing a certain amount of timing noise by also triggering a
      timer.
      
      I'm sure we can tweak this, and that people will want to look at other
      alternatives, but there's been a number of papers written on jitter
      entropy, and this should really be fairly conservative by crediting one
      bit of entropy for every timer-induced jump in the cycle counter.  Not
      because the timer itself would be all that unpredictable, but because
      the interaction between the timer and the loop is going to be.
      
      Even if (and perhaps particularly if) the timer actually happens on
      another CPU, the cacheline interaction between the loop that reads the
      cycle counter and the timer itself firing is going to add perturbations
      to the cycle counter values that get mixed into the entropy pool.
      
      As Thomas pointed out, with a modern out-of-order CPU, even quite simple
      loops show a fair amount of hard-to-predict timing variability even in
      the absense of external interrupts.  But this tries to take that further
      by actually having a fairly complex interaction.
      
      This is not going to solve the entropy issue for architectures that have
      no CPU cycle counter, but it's not clear how (and if) that is solvable,
      and the hardware in question is largely starting to be irrelevant.  And
      by doing this we can at least avoid some of the even more contentious
      approaches (like making the entropy waiting time out in order to avoid
      the possibly unbounded waiting).
      
      Cc: Ahmed Darwish <darwish.07@gmail.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Theodore Ts'o <tytso@mit.edu>
      Cc: Nicholas Mc Guire <hofrat@opentech.at>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Willy Tarreau <w@1wt.eu>
      Cc: Alexander E. Patrakov <patrakov@gmail.com>
      Cc: Lennart Poettering <mzxreary@0pointer.de>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      50ee7529
  12. 29 Sep, 2019 2 commits