tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

crypto: jitterentropy - replace long-held spinlock with mutex

jent_kcapi_random() serializes the shared jitterentropy state, but it
currently holds a spinlock across the jent_read_entropy() call. That
path performs expensive jitter collection and SHA3 conditioning, so
parallel readers can trigger stalls as contending waiters spin for
the same lock.

To prevent non-preemptible lock hold, replace rng->jent_lock with a
mutex so contended readers sleep instead of spinning on a shared lock
held across expensive entropy generation.

Fixes: bb5530e40824 ("crypto: jitterentropy - add jitterentropy RNG")
Reported-by: Yifan Wu <yifanwucs@gmail.com>
Reported-by: Juefei Pu <tomapufckgml@gmail.com>
Reported-by: Yuan Tan <yuantan098@gmail.com>
Suggested-by: Xin Liu <bird@lzu.edu.cn>
Signed-off-by: Haixin Xu <jerryxucs@gmail.com>
Reviewed-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Haixin Xu and committed by
Herbert Xu 01d798e9 06c42142

+7 -7
+7 -7
crypto/jitterentropy-kcapi.c
··· 42 42 #include <linux/fips.h> 43 43 #include <linux/kernel.h> 44 44 #include <linux/module.h> 45 + #include <linux/mutex.h> 45 46 #include <linux/slab.h> 46 47 #include <linux/time.h> 47 48 #include <crypto/internal/rng.h> ··· 194 193 ***************************************************************************/ 195 194 196 195 struct jitterentropy { 197 - spinlock_t jent_lock; 196 + struct mutex jent_lock; 198 197 struct rand_data *entropy_collector; 199 198 struct crypto_shash *tfm; 200 199 struct shash_desc *sdesc; ··· 204 203 { 205 204 struct jitterentropy *rng = crypto_tfm_ctx(tfm); 206 205 207 - spin_lock(&rng->jent_lock); 206 + mutex_lock(&rng->jent_lock); 208 207 209 208 if (rng->sdesc) { 210 209 shash_desc_zero(rng->sdesc); ··· 219 218 if (rng->entropy_collector) 220 219 jent_entropy_collector_free(rng->entropy_collector); 221 220 rng->entropy_collector = NULL; 222 - spin_unlock(&rng->jent_lock); 221 + mutex_unlock(&rng->jent_lock); 223 222 } 224 223 225 224 static int jent_kcapi_init(struct crypto_tfm *tfm) ··· 229 228 struct shash_desc *sdesc; 230 229 int size, ret = 0; 231 230 232 - spin_lock_init(&rng->jent_lock); 231 + mutex_init(&rng->jent_lock); 233 232 234 233 /* Use SHA3-256 as conditioner */ 235 234 hash = crypto_alloc_shash(JENT_CONDITIONING_HASH, 0, 0); ··· 258 257 goto err; 259 258 } 260 259 261 - spin_lock_init(&rng->jent_lock); 262 260 return 0; 263 261 264 262 err: ··· 272 272 struct jitterentropy *rng = crypto_rng_ctx(tfm); 273 273 int ret = 0; 274 274 275 - spin_lock(&rng->jent_lock); 275 + mutex_lock(&rng->jent_lock); 276 276 277 277 ret = jent_read_entropy(rng->entropy_collector, rdata, dlen); 278 278 ··· 298 298 ret = -EINVAL; 299 299 } 300 300 301 - spin_unlock(&rng->jent_lock); 301 + mutex_unlock(&rng->jent_lock); 302 302 303 303 return ret; 304 304 }