Re: [PATCH v2 05/10] random: group crng functions

From: Dominik Brodowski
Date: Sun Feb 13 2022 - 01:57:24 EST

Next message: Dominik Brodowski: "Re: [PATCH 1/3] random: unify early init crng load accounting"
Previous message: Dominik Brodowski: "Re: [PATCH 2/3] random: check for crng_init == 0, not crng_ready() in add_device_randomness()"
In reply to: Jason A. Donenfeld: "[PATCH v2 05/10] random: group crng functions"
Next in thread: Jason A. Donenfeld: "Re: [PATCH v2 05/10] random: group crng functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> @@ -724,54 +563,433 @@ static void crng_make_state(u32 chacha_state[CHACHA_STATE_WORDS],
> local_unlock_irqrestore(&crngs.lock, flags);
> }
>
> -static ssize_t get_random_bytes_user(void __user *buf, size_t nbytes)
> +/*
> + * This function is for crng_init < 2 only.

No, it's for crng_init == 0 only.

> +/*
> + * This function is for crng_init < 2 only.

Same here.

> + * Batched entropy returns random integers. The quality of the random
> + * number is good as /dev/urandom. In order to ensure that the randomness

/dev/random

> +size_t __must_check get_random_bytes_arch(void *buf, size_t nbytes)

Sidenote: We should get rid of the sole caller of that function, and then of
this function. AFAICS, using get_random_bytes() (once rand_initialize() has
been called) should never be less secure than get_random_bytes_arch() IFF
arch_get_random_long() exists -- which is what the sole caller seems to be
interested in.

Otherwise, all looks good. Thanks,

Dominik

Next message: Dominik Brodowski: "Re: [PATCH 1/3] random: unify early init crng load accounting"
Previous message: Dominik Brodowski: "Re: [PATCH 2/3] random: check for crng_init == 0, not crng_ready() in add_device_randomness()"
In reply to: Jason A. Donenfeld: "[PATCH v2 05/10] random: group crng functions"
Next in thread: Jason A. Donenfeld: "Re: [PATCH v2 05/10] random: group crng functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]