linux/crypto
Nicolai Stange 262d83a429 crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed()
Since commit 42ea507fae ("crypto: drbg - reseed often if seedsource is
degraded"), the maximum seed lifetime represented by ->reseed_threshold
gets temporarily lowered if the get_random_bytes() source cannot provide
sufficient entropy yet, as is common during boot, and restored back to
the original value again once that has changed.

More specifically, if the add_random_ready_callback() invoked from
drbg_prepare_hrng() in the course of DRBG instantiation does not return
-EALREADY, that is, if get_random_bytes() has not been fully initialized
at this point yet, drbg_prepare_hrng() will lower ->reseed_threshold
to a value of 50. The drbg_async_seed() scheduled from said
random_ready_callback will eventually restore the original value.

A future patch will replace the random_ready_callback based notification
mechanism and thus, there will be no add_random_ready_callback() return
value anymore which could get compared to -EALREADY.

However, there's __drbg_seed() which gets invoked in the course of both,
the DRBG instantiation as well as the eventual reseeding from
get_random_bytes() in aforementioned drbg_async_seed(), if any. Moreover,
it knows about the get_random_bytes() initialization state by the time the
seed data had been obtained from it: the new_seed_state argument introduced
with the previous patch would get set to DRBG_SEED_STATE_PARTIAL in case
get_random_bytes() had not been fully initialized yet and to
DRBG_SEED_STATE_FULL otherwise. Thus, __drbg_seed() provides a convenient
alternative for managing that ->reseed_threshold lowering and restoring at
a central place.

Move all ->reseed_threshold adjustment code from drbg_prepare_hrng() and
drbg_async_seed() respectively to __drbg_seed(). Make __drbg_seed()
lower the ->reseed_threshold to 50 in case its new_seed_state argument
equals DRBG_SEED_STATE_PARTIAL and let it restore the original value
otherwise.

There is no change in behaviour.

Signed-off-by: Nicolai Stange <nstange@suse.de>
Reviewed-by: Stephan Müller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2021-11-26 16:16:49 +11:00
..
asymmetric_keys certs: Add support for using elliptic curve keys for signing modules 2021-08-23 19:55:42 +03:00
async_tx async_xor: check src_offs is not NULL before updating it 2021-06-10 19:40:14 -07:00
842.c
acompress.c crypto: api - permit users to specify numa node of acomp hardware 2020-07-09 18:25:23 +10:00
adiantum.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
aead.c crypto: algapi - enforce that all instances have a ->free() method 2020-01-09 11:30:58 +08:00
aegis128-core.c crypto: aegis128 - Move simd prototypes into aegis.h 2021-03-19 21:59:45 +11:00
aegis128-neon-inner.c crypto: aegis128/neon - move final tag check to SIMD domain 2020-11-27 17:13:40 +11:00
aegis128-neon.c crypto: aegis128 - Move simd prototypes into aegis.h 2021-03-19 21:59:45 +11:00
aegis.h crypto: aegis128 - Move simd prototypes into aegis.h 2021-03-19 21:59:45 +11:00
aes_generic.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
aes_ti.c crypto: aes - create AES library based on the fixed time AES code 2019-07-26 14:55:33 +10:00
af_alg.c fs: get rid of the res2 iocb->ki_complete argument 2021-10-25 10:36:24 -06:00
ahash.c crypto: ahash - Add init_tfm/exit_tfm 2020-08-28 16:58:28 +10:00
akcipher.c crypto: algapi - enforce that all instances have a ->free() method 2020-01-09 11:30:58 +08:00
algapi.c crypto: api - Fix boot-up crash when crypto manager is disabled 2021-11-09 13:45:48 +08:00
algboss.c crypto: api - remove CRYPTOA_U32 and related functions 2021-06-17 15:07:31 +08:00
algif_aead.c crypto: algif_aead - Do not set MAY_BACKLOG on the async path 2020-08-21 14:45:27 +10:00
algif_hash.c net: make ->{get,set}sockopt in proto_ops optional 2020-07-19 18:16:41 -07:00
algif_rng.c crypto: af_alg - add extra parameters for DRBG interface 2020-09-25 17:48:52 +10:00
algif_skcipher.c crypto: algif_skcipher - EBUSY on aio should be an error 2020-08-21 14:45:26 +10:00
ansi_cprng.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
anubis.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
api.c crypto: api - Do not create test larvals if manager is disabled 2021-10-29 21:04:02 +08:00
arc4.c crypto: arc4 - mark ecb(arc4) skcipher as obsolete 2020-09-11 14:39:16 +10:00
authenc.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
authencesn.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
blake2b_generic.c crypto: blake2b - update file comment 2021-01-03 08:41:39 +11:00
blake2s_generic.c crypto: blake2s - share the "shash" API boilerplate code 2021-01-03 08:41:38 +11:00
blowfish_common.c
blowfish_generic.c crypto: blowfish - use unaligned accessors instead of alignmask 2021-02-10 17:55:56 +11:00
camellia_generic.c crypto: camellia - use unaligned accessors instead of alignmask 2021-02-10 17:55:56 +11:00
cast5_generic.c crypto: cast5 - use unaligned accessors instead of alignmask 2021-02-10 17:55:56 +11:00
cast6_generic.c crypto: cast6 - use unaligned accessors instead of alignmask 2021-02-10 17:55:56 +11:00
cast_common.c
cbc.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
ccm.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
cfb.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
chacha20poly1305.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
chacha_generic.c crypto: chacha_generic - remove unnecessary setkey() functions 2019-11-22 18:48:39 +08:00
cipher.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
cmac.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
compress.c crypto: compress - remove crt_u.compress (struct compress_tfm) 2019-12-11 16:37:01 +08:00
crc32_generic.c crypto: crc32-generic - Use SPDX-License-Identifier 2021-04-16 21:24:27 +10:00
crc32c_generic.c crypto: crc32c_generic - delete and fix duplicated words 2020-08-21 14:45:25 +10:00
crct10dif_common.c
crct10dif_generic.c crypto: crct10dif_generic - fix duplicated words 2020-08-21 14:45:25 +10:00
cryptd.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
crypto_engine.c crypto: engine - Add KPP Support to Crypto Engine 2021-10-29 21:04:03 +08:00
crypto_null.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
crypto_user_base.c crypto: algapi - make unregistration functions return void 2019-12-20 14:58:35 +08:00
crypto_user_stat.c crypto: skcipher - remove the "blkcipher" algorithm type 2019-11-01 13:38:32 +08:00
ctr.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
cts.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
curve25519-generic.c crypto: curve25519 - implement generic KPP driver 2019-11-17 09:02:43 +08:00
deflate.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
des_generic.c crypto: remove CRYPTO_TFM_RES_WEAK_KEY 2020-01-09 11:30:53 +08:00
dh_helper.c
dh.c crypto: dh - SP800-56A rev 3 local public key validation 2020-07-31 18:08:59 +10:00
drbg.c crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed() 2021-11-26 16:16:49 +11:00
ecb.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
ecc_curve_defs.h Merge branch 'ecc' 2021-03-26 19:55:55 +11:00
ecc.c crypto: ecc - Export additional helper functions 2021-10-29 21:04:03 +08:00
ecdh_helper.c crypto: ecdh - move curve_id of ECDH from the key to algorithm name 2021-03-13 00:04:03 +11:00
ecdh.c crypto: ecc - Move ecc.h to include/crypto/internal 2021-10-29 21:04:03 +08:00
ecdsa.c crypto: ecc - Move ecc.h to include/crypto/internal 2021-10-29 21:04:03 +08:00
ecdsasignature.asn1 crypto: ecdsa - Add support for ECDSA signature verification 2021-03-26 19:41:58 +11:00
echainiv.c crypto: geniv - remove unneeded arguments from aead_geniv_alloc() 2020-07-16 21:49:07 +10:00
ecrdsa_defs.h crypto: ecc - Move ecc.h to include/crypto/internal 2021-10-29 21:04:03 +08:00
ecrdsa_params.asn1
ecrdsa_pub_key.asn1
ecrdsa.c crypto: ecc - Move ecc.h to include/crypto/internal 2021-10-29 21:04:03 +08:00
essiv.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
fcrypt.c crypto: fcrypt - Remove 'do while(0)' loop for single statement macro 2021-04-02 18:28:13 +11:00
fips.c crypto: fips - add FIPS test failure notification chain 2019-07-26 14:51:57 +10:00
gcm.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
geniv.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
gf128mul.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
ghash-generic.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
hash_info.c crypto: rename sm3-256 to sm3 in hash_algo_name 2020-02-18 07:35:49 -05:00
hmac.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
internal.h crypto: api - Fix built-in testing dependency failures 2021-09-24 16:03:05 +08:00
jitterentropy-kcapi.c crypto: algapi - Remove skbuff.h inclusion 2020-08-20 14:04:28 +10:00
jitterentropy.c crypto: jitter - drop kernel-doc notation 2021-09-17 11:05:09 +08:00
jitterentropy.h crypto: jitter - add header to fix buildwarnings 2019-10-18 18:49:40 +11:00
Kconfig crypto: ecc - fix CRYPTO_DEFAULT_RNG dependency 2021-10-01 14:41:23 +08:00
keywrap.c crypto: keywrap - Remove else after break statement 2021-04-02 18:28:13 +11:00
khazad.c crypto: khazad,wp512 - remove leading spaces before tabs 2021-05-28 15:11:44 +08:00
kpp.c
lrw.c crypto: Replace HTTP links with HTTPS ones 2020-07-23 17:34:20 +10:00
lz4.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
lz4hc.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
lzo-rle.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
lzo.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
Makefile isystem: delete global -isystem compile option 2021-09-22 09:26:24 +09:00
md4.c
md5.c crypto: md5 - remove unused macros 2020-02-28 08:43:21 +08:00
memneq.c
michael_mic.c crypto: michael_mic - fix broken misalignment handling 2021-02-10 17:55:55 +11:00
nhpoly1305.c crypto: poly1305 - add new 32 and 64-bit generic versions 2020-01-16 15:18:12 +08:00
ofb.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
pcbc.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
pcrypt.c crypto: pcrypt - Delay write to padata->info 2021-10-29 21:04:04 +08:00
poly1305_generic.c crypto: poly1305 - add new 32 and 64-bit generic versions 2020-01-16 15:18:12 +08:00
proc.c crypto: proc - Removing some useless only space lines 2020-09-25 17:48:15 +10:00
ripemd.h crypto: rmd320 - remove RIPE-MD 320 hash algorithm 2021-01-29 16:07:04 +11:00
rmd160.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
rng.c crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS 2021-04-02 18:28:12 +11:00
rsa_helper.c
rsa-pkcs1pad.c crypto: algapi - Remove skbuff.h inclusion 2020-08-20 14:04:28 +10:00
rsa.c
rsaprivkey.asn1
rsapubkey.asn1
scatterwalk.c
scompress.c crypto: algapi - make unregistration functions return void 2019-12-20 14:58:35 +08:00
seed.c crypto: seed - remove trailing semicolon in macro definition 2020-12-04 18:13:16 +11:00
seqiv.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
serpent_generic.c crypto: serpent - Fix sparse byte order warnings 2021-03-07 15:13:15 +11:00
sha1_generic.c crypto: sha - split sha.h into sha1.h and sha2.h 2020-11-20 14:45:33 +11:00
sha3_generic.c crypto: Replace HTTP links with HTTPS ones 2020-07-23 17:34:20 +10:00
sha256_generic.c crypto: sha - split sha.h into sha1.h and sha2.h 2020-11-20 14:45:33 +11:00
sha512_generic.c crypto: sha512 - remove imaginary and mystifying clearing of variables 2021-08-27 16:30:19 +08:00
shash.c crypto: shash - avoid comparing pointers to exported functions under CFI 2021-06-17 15:07:31 +08:00
simd.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
skcipher.c crypto: skcipher - in_irq() cleanup 2021-08-21 15:44:58 +08:00
sm2.c crypto: sm2 - fix a memory leak in sm2 2021-06-11 15:03:30 +08:00
sm2signature.asn1 crypto: sm2 - introduce OSCCA SM2 asymmetric cipher algorithm 2020-09-25 17:48:54 +10:00
sm3_generic.c crypto: sm3 - export crypto_sm3_final function 2020-09-25 17:48:53 +10:00
sm4_generic.c crypto: arm64/sm4-ce - Make dependent on sm4 library instead of sm4-generic 2021-07-30 10:58:30 +08:00
streebog_generic.c crypto: streebog - remove two unused variables 2019-08-15 21:52:14 +10:00
tcrypt.c crypto: tcrypt - fix skcipher multi-buffer tests for 1420B blocks 2021-10-22 20:25:03 +08:00
tcrypt.h crypto: tcrypt - Add support for hash speed testing with keys 2020-08-21 14:45:27 +10:00
tea.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
testmgr.c crypto: testmgr - Only disable migration in crypto_disable_simd_for_test() 2021-10-08 20:02:46 +08:00
testmgr.h crypto: testmgr - Fix wrong test case of RSA 2021-11-20 15:02:08 +11:00
twofish_common.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
twofish_generic.c crypto: twofish - use unaligned accessors instead of alignmask 2021-02-10 17:55:57 +11:00
vmac.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
wp512.c crypto: wp512 - correct a non-kernel-doc comment 2021-08-12 19:32:17 +08:00
xcbc.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
xor.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2021-02-21 17:23:56 -08:00
xts.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
xxhash_generic.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
zstd.c lib: zstd: Add kernel-specific API 2021-11-08 16:55:21 -08:00