diff --git a/backports/v57-4.19.322/README.md b/backports/v57-4.19.322/README.md new file mode 100644 index 0000000..6ac6409 --- /dev/null +++ b/backports/v57-4.19.322/README.md @@ -0,0 +1,13 @@ +# Backport Patches for Kernel 4.19 + +The patches allow applying the LRNG to older kernels. Perform the following +operations: + +1. apply all six-digit patches providing necessary code updates to + required before applying the LRNG patches. + +2. apply all LRNG patches from upstream - note, some hunks are expected + considering the original code base is written for a different kernel version + +3. apply all two-digit patches providing code updates after the LRNG patches + are applied. diff --git a/backports/v57-4.19.322/v57-000001-core.patch b/backports/v57-4.19.322/v57-000001-core.patch new file mode 100644 index 0000000..0809e1b --- /dev/null +++ b/backports/v57-4.19.322/v57-000001-core.patch @@ -0,0 +1,13 @@ +--- linux-5.8/kernel/sched/core.c.orig 2022-05-17 09:59:33.887522471 +0200 ++++ linux-5.8/kernel/sched/core.c 2022-05-17 10:00:18.241509892 +0200 +@@ -6,6 +6,10 @@ + * + * Copyright (C) 1991-2002 Linus Torvalds + */ ++#include ++#include ++#include ++ + #include "sched.h" + + #include diff --git a/backports/v57-4.19.322/v57-000002-jent-backport.patch b/backports/v57-4.19.322/v57-000002-jent-backport.patch new file mode 100644 index 0000000..caf8b0c --- /dev/null +++ b/backports/v57-4.19.322/v57-000002-jent-backport.patch @@ -0,0 +1,67 @@ +diff -urNp linux-4.19.orig/crypto/jitterentropy.c linux-4.19/crypto/jitterentropy.c +--- linux-4.19.orig/crypto/jitterentropy.c 2020-08-20 12:33:37.584860610 +0200 ++++ linux-4.19/crypto/jitterentropy.c 2020-08-20 12:44:34.654746533 +0200 +@@ -110,13 +110,7 @@ struct rand_data { + * Helper functions + ***************************************************************************/ + +-void jent_get_nstime(__u64 *out); +-__u64 jent_rol64(__u64 word, unsigned int shift); +-void *jent_zalloc(unsigned int len); +-void jent_zfree(void *ptr); +-int jent_fips_enabled(void); +-void jent_panic(char *s); +-void jent_memcpy(void *dest, const void *src, unsigned int n); ++#include "jitterentropy.h" + + /** + * Update of the loop count used for the next round of +@@ -418,6 +412,7 @@ static __u64 jent_unbiased_bit(struct ra + * Input: + * @entropy_collector Reference to entropy collector + */ ++__u64 jent_rol64(__u64 word, unsigned int shift); + static void jent_stir_pool(struct rand_data *entropy_collector) + { + /* +diff -urNp linux-4.19.orig/crypto/jitterentropy.h linux-4.19/crypto/jitterentropy.h +--- linux-4.19.orig/crypto/jitterentropy.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-4.19/crypto/jitterentropy.h 2020-08-20 12:44:34.654746533 +0200 +@@ -0,0 +1,19 @@ ++// SPDX-License-Identifier: GPL-2.0-or-later ++ ++typedef unsigned long long __u64; ++ ++extern void *jent_zalloc(unsigned int len); ++extern void jent_zfree(void *ptr); ++extern int jent_fips_enabled(void); ++extern void jent_panic(char *s); ++extern void jent_memcpy(void *dest, const void *src, unsigned int n); ++extern void jent_get_nstime(__u64 *out); ++ ++struct rand_data; ++extern int jent_entropy_init(void); ++extern int jent_read_entropy(struct rand_data *ec, unsigned char *data, ++ unsigned int len); ++ ++extern struct rand_data *jent_entropy_collector_alloc(unsigned int osr, ++ unsigned int flags); ++extern void jent_entropy_collector_free(struct rand_data *entropy_collector); +diff -urNp linux-4.19.orig/crypto/jitterentropy-kcapi.c linux-4.19/crypto/jitterentropy-kcapi.c +--- linux-4.19.orig/crypto/jitterentropy-kcapi.c 2020-08-20 12:33:37.583860598 +0200 ++++ linux-4.19/crypto/jitterentropy-kcapi.c 2020-08-20 12:44:34.653746522 +0200 +@@ -44,13 +44,7 @@ + #include + #include + +-struct rand_data; +-int jent_read_entropy(struct rand_data *ec, unsigned char *data, +- unsigned int len); +-int jent_entropy_init(void); +-struct rand_data *jent_entropy_collector_alloc(unsigned int osr, +- unsigned int flags); +-void jent_entropy_collector_free(struct rand_data *entropy_collector); ++#include "jitterentropy.h" + + /*************************************************************************** + * Helper function diff --git a/backports/v57-4.19.322/v57-000004-sha1.patch b/backports/v57-4.19.322/v57-000004-sha1.patch new file mode 100644 index 0000000..db2d97d --- /dev/null +++ b/backports/v57-4.19.322/v57-000004-sha1.patch @@ -0,0 +1,18 @@ +--- linux-4.19/include/crypto/sha.h.lrng13 2020-08-13 22:06:20.353827574 -0600 ++++ linux-4.19/include/crypto/sha.h 2020-08-13 22:18:18.678469365 -0600 +@@ -112,4 +112,15 @@ + + extern int crypto_sha512_finup(struct shash_desc *desc, const u8 *data, + unsigned int len, u8 *hash); ++ ++/* ++ * An implementation of SHA-1's compression function. Don't use in new code! ++ * You shouldn't be using SHA-1, and even if you *have* to use SHA-1, this isn't ++ * the correct way to hash something with SHA-1 (use crypto_shash instead). ++ */ ++#define SHA1_DIGEST_WORDS (SHA1_DIGEST_SIZE / 4) ++#define SHA1_WORKSPACE_WORDS 16 ++void sha_init(__u32 *buf); ++void sha_transform(__u32 *digest, const char *data, __u32 *W); ++ + #endif diff --git a/backports/v57-4.19.322/v57-01-core.patch b/backports/v57-4.19.322/v57-01-core.patch new file mode 100644 index 0000000..cd1ee30 --- /dev/null +++ b/backports/v57-4.19.322/v57-01-core.patch @@ -0,0 +1,12 @@ +--- linux-5.15/kernel/sched/core.c.orig 2022-05-17 08:10:20.541904807 +0200 ++++ linux-5.15/kernel/sched/core.c 2022-05-17 08:10:31.720932544 +0200 +@@ -7,9 +7,6 @@ + * Copyright (C) 1991-2002 Linus Torvalds + */ + #include +-#include +-#include +-#include + + #define CREATE_TRACE_POINTS + #include diff --git a/backports/v57-4.19.322/v57-03-revert-arch_get_random_long.patch b/backports/v57-4.19.322/v57-03-revert-arch_get_random_long.patch new file mode 100644 index 0000000..c62d28d --- /dev/null +++ b/backports/v57-4.19.322/v57-03-revert-arch_get_random_long.patch @@ -0,0 +1,68 @@ +diff --git a/drivers/char/lrng/lrng_es_cpu.c b/drivers/char/lrng/lrng_es_cpu.c +index f982cc31df4e..3910108cfd08 100644 +--- a/drivers/char/lrng/lrng_es_cpu.c ++++ b/drivers/char/lrng/lrng_es_cpu.c +@@ -65,8 +65,7 @@ static u32 lrng_cpu_poolsize(void) + + static u32 lrng_get_cpu_data(u8 *outbuf, u32 requested_bits) + { +- size_t longs = 0; +- u32 i, req = requested_bits >> 3; ++ u32 i; + + /* operate on full blocks */ + BUILD_BUG_ON(LRNG_DRNG_SECURITY_STRENGTH_BYTES % sizeof(unsigned long)); +@@ -74,14 +73,10 @@ static u32 lrng_get_cpu_data(u8 *outbuf, u32 requested_bits) + /* ensure we have aligned buffers */ + BUILD_BUG_ON(LRNG_KCAPI_ALIGN % sizeof(unsigned long)); + +- for (i = 0; i < req; i += longs) { +- longs = arch_get_random_seed_longs( +- (unsigned long *)(outbuf + i), req - i); +- if (longs) +- continue; +- longs = arch_get_random_longs((unsigned long *)(outbuf + i), +- req - i); +- if (!longs) { ++ for (i = 0; i < (requested_bits >> 3); ++ i += sizeof(unsigned long)) { ++ if (!arch_get_random_seed_long((unsigned long *)(outbuf + i)) && ++ !arch_get_random_long((unsigned long *)(outbuf + i))) { + cpu_entropy = 0; + return 0; + } +@@ -180,7 +175,7 @@ static u32 lrng_cpu_multiplier(void) + if (data_multiplier > 0) + return data_multiplier; + +- if (IS_ENABLED(CONFIG_X86) && !arch_get_random_seed_longs(&v, 1)) { ++ if (IS_ENABLED(CONFIG_X86) && !arch_get_random_seed_long(&v)) { + /* + * Intel SPEC: pulling 512 blocks from RDRAND ensures + * one reseed making it logically equivalent to RDSEED. +--- linux-5.15.86/drivers/char/lrng/lrng_es_mgr.c.orig2 2023-01-07 21:18:49.376364123 +0100 ++++ linux-5.15.86/drivers/char/lrng/lrng_es_mgr.c 2023-01-07 21:19:44.168291522 +0100 +@@ -376,19 +376,12 @@ void __init lrng_rand_initialize_early(v + sizeof(unsigned long))]; + struct new_utsname utsname; + } seed __aligned(LRNG_KCAPI_ALIGN); +- size_t longs = 0; + unsigned int i; + +- for (i = 0; i < ARRAY_SIZE(seed.data); i += longs) { +- longs = arch_get_random_seed_longs(seed.data + i, +- ARRAY_SIZE(seed.data) - i); +- if (longs) +- continue; +- longs = arch_get_random_longs(seed.data + i, +- ARRAY_SIZE(seed.data) - i); +- if (longs) +- continue; +- longs = 1; ++ for (i = 0; i < ARRAY_SIZE(seed.data); i++) { ++ if (!arch_get_random_seed_long_early(&(seed.data[i])) && ++ !arch_get_random_long_early(&seed.data[i])) ++ seed.data[i] = random_get_entropy(); + } + memcpy(&seed.utsname, init_utsname(), sizeof(*(init_utsname()))); + diff --git a/backports/v57-4.19.322/v57-05-sysctl.patch b/backports/v57-4.19.322/v57-05-sysctl.patch new file mode 100644 index 0000000..459c4eb --- /dev/null +++ b/backports/v57-4.19.322/v57-05-sysctl.patch @@ -0,0 +1,21 @@ +--- linux-5.15/drivers/char/lrng/lrng_sysctl.c.orig 2022-05-17 08:35:09.958660325 +0200 ++++ linux-5.15/drivers/char/lrng/lrng_sysctl.c 2022-05-17 08:36:17.829818950 +0200 +@@ -91,7 +91,7 @@ void lrng_sysctl_update_max_write_thresh + mb(); + } + +-static struct ctl_table random_table[] = { ++struct ctl_table random_table[] = { + { + .procname = "poolsize", + .maxlen = sizeof(int), +@@ -137,9 +137,3 @@ static struct ctl_table random_table[] = + { } + }; + +-static int __init random_sysctls_init(void) +-{ +- register_sysctl_init("kernel/random", random_table); +- return 0; +-} +-device_initcall(random_sysctls_init); diff --git a/backports/v57-4.19.322/v57-06-add_random_ready_callbacks.patch b/backports/v57-4.19.322/v57-06-add_random_ready_callbacks.patch new file mode 100644 index 0000000..2ef745c --- /dev/null +++ b/backports/v57-4.19.322/v57-06-add_random_ready_callbacks.patch @@ -0,0 +1,176 @@ +--- linux-5.18.8/drivers/char/lrng/lrng_es_mgr.c.orig 2022-08-01 09:35:07.227572096 +0200 ++++ linux-5.18.8/drivers/char/lrng/lrng_es_mgr.c 2022-08-01 09:31:18.926127936 +0200 +@@ -218,6 +218,7 @@ static void lrng_set_operational(void) + */ + if (lrng_state.lrng_fully_seeded) { + lrng_state.lrng_operational = true; ++ lrng_process_ready_list(); + lrng_init_wakeup(); + pr_info("LRNG fully operational\n"); + } +--- linux-5.18.8/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2022-08-01 09:13:51.877910601 +0200 ++++ linux-5.18.8/drivers/char/lrng/lrng_interface_random_kernel.c 2022-08-01 09:31:18.926127936 +0200 +@@ -19,6 +19,10 @@ + #include "lrng_interface_dev_common.h" + #include "lrng_interface_random_kernel.h" + ++static RAW_NOTIFIER_HEAD(lrng_ready_chain); ++static DEFINE_SPINLOCK(lrng_ready_chain_lock); ++static unsigned int lrng_ready_chain_used = 0; ++ + /********************************** Helper ***********************************/ + + int __init random_init(const char *command_line) +@@ -29,6 +33,33 @@ int __init random_init(const char *comma + return ret; + } + ++bool lrng_ready_chain_has_sleeper(void) ++{ ++ return !!lrng_ready_chain_used; ++} ++ ++/* ++ * lrng_process_ready_list() - Ping all kernel internal callers waiting until ++ * the DRNG is completely initialized to inform that the DRNG reached that ++ * seed level. ++ * ++ * When the SP800-90B testing is enabled, the ping only happens if the SP800-90B ++ * startup health tests are completed. This implies that kernel internal ++ * callers always have an SP800-90B compliant noise source when being ++ * pinged. ++ */ ++void lrng_process_ready_list(void) ++{ ++ unsigned long flags; ++ ++ if (!lrng_state_operational()) ++ return; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ raw_notifier_call_chain(&lrng_ready_chain, 0, NULL); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++} ++ + /************************ LRNG kernel input interfaces ************************/ + + /* +@@ -125,6 +156,58 @@ void add_interrupt_randomness(int irq) { + EXPORT_SYMBOL(add_interrupt_randomness); + #endif + ++/* ++ * unregister_random_ready_notifier() - Delete a previously registered readiness ++ * callback function. ++ * ++ * @nb: callback definition that was registered initially ++ */ ++int unregister_random_ready_notifier(struct notifier_block *nb) ++{ ++ unsigned long flags; ++ int ret; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ ret = raw_notifier_chain_unregister(&lrng_ready_chain, nb); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++ ++ if (!ret && lrng_ready_chain_used) ++ lrng_ready_chain_used--; ++ ++ return ret; ++} ++EXPORT_SYMBOL(unregister_random_ready_notifier); ++ ++/* ++ * register_random_ready_notifier() - Add a callback function that will be ++ * invoked when the DRNG is fully initialized and seeded. ++ * ++ * @nb: callback definition to be invoked when the LRNG is seeded ++ * ++ * Return: ++ * * 0 if callback is successfully added ++ * * -EALREADY if pool is already initialised (callback not called) ++ */ ++int register_random_ready_notifier(struct notifier_block *nb) ++{ ++ unsigned long flags; ++ int err = -EALREADY; ++ ++ if (likely(lrng_state_operational())) ++ return err; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ if (!lrng_state_operational()) ++ err = raw_notifier_chain_register(&lrng_ready_chain, nb); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++ ++ if (!err) ++ lrng_ready_chain_used++; ++ ++ return err; ++} ++EXPORT_SYMBOL(register_random_ready_notifier); ++ + #if IS_ENABLED(CONFIG_VMGENID) + static BLOCKING_NOTIFIER_HEAD(lrng_vmfork_chain); + +@@ -195,6 +278,43 @@ int wait_for_random_bytes(void) + EXPORT_SYMBOL(wait_for_random_bytes); + + /* ++ * get_random_bytes_arch() - This function will use the architecture-specific ++ * hardware random number generator if it is available. ++ * ++ * The arch-specific hw RNG will almost certainly be faster than what we can ++ * do in software, but it is impossible to verify that it is implemented ++ * securely (as opposed, to, say, the AES encryption of a sequence number using ++ * a key known by the NSA). So it's useful if we need the speed, but only if ++ * we're willing to trust the hardware manufacturer not to have put in a back ++ * door. ++ * ++ * @buf: buffer allocated by caller to store the random data in ++ * @nbytes: length of outbuf ++ * ++ * Return: number of bytes filled in. ++ */ ++size_t __must_check get_random_bytes_arch(void *buf, size_t nbytes) ++{ ++ size_t left = nbytes; ++ u8 *p = buf; ++ ++ while (left) { ++ unsigned long v; ++ size_t chunk = min_t(size_t, left, sizeof(unsigned long)); ++ ++ if (!arch_get_random_long(&v)) ++ break; ++ ++ memcpy(p, &v, chunk); ++ p += chunk; ++ left -= chunk; ++ } ++ ++ return nbytes - left; ++} ++EXPORT_SYMBOL(get_random_bytes_arch); ++ ++/* + * Returns whether or not the LRNG has been seeded. + * + * Returns: true if the urandom pool has been seeded. +--- linux-5.15.58/drivers/char/lrng/lrng_interface_random_kernel.h.orig 2022-08-01 10:01:32.939911355 +0200 ++++ linux-5.15.58/drivers/char/lrng/lrng_interface_random_kernel.h 2022-08-01 10:01:38.564923636 +0200 +@@ -7,9 +7,13 @@ + #define _LRNG_INTERFACE_RANDOM_H + + #ifdef CONFIG_LRNG_RANDOM_IF ++void lrng_process_ready_list(void); ++bool lrng_ready_chain_has_sleeper(void); + void invalidate_batched_entropy(void); + void lrng_kick_random_ready(void); + #else /* CONFIG_LRNG_RANDOM_IF */ ++static inline bool lrng_ready_chain_has_sleeper(void) { return false; } ++static inline void lrng_process_ready_list(void) { } + static inline void invalidate_batched_entropy(void) { } + static inline void lrng_kick_random_ready(void) { } + #endif /* CONFIG_LRNG_RANDOM_IF */ diff --git a/backports/v57-4.19.322/v57-07-sha-includes.patch b/backports/v57-4.19.322/v57-07-sha-includes.patch new file mode 100644 index 0000000..5c0faa9 --- /dev/null +++ b/backports/v57-4.19.322/v57-07-sha-includes.patch @@ -0,0 +1,34 @@ +--- linux-5.10/drivers/char/lrng/lrng_sha1.c.orig 2022-05-17 09:28:05.950190228 +0200 ++++ linux-5.10/drivers/char/lrng/lrng_sha1.c 2022-05-17 09:28:16.545205008 +0200 +@@ -10,7 +10,7 @@ + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + + #include +-#include ++#include + #include + + #include "lrng_sha.h" +--- linux-5.10/drivers/char/lrng/lrng_sha256.c.orig 2022-05-17 09:28:32.976226275 +0200 ++++ linux-5.10/drivers/char/lrng/lrng_sha256.c 2022-05-17 09:28:41.394236961 +0200 +@@ -10,7 +10,7 @@ + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + + #include +-#include ++#include + + #include "lrng_sha.h" + +--- linux-5.10/drivers/char/lrng/lrng_definitions.h.orig 2022-05-17 09:37:43.122453512 +0200 ++++ linux-5.10/drivers/char/lrng/lrng_definitions.h 2022-05-17 09:37:52.303479125 +0200 +@@ -6,8 +6,7 @@ + #ifndef _LRNG_DEFINITIONS_H + #define _LRNG_DEFINITIONS_H + +-#include +-#include ++#include + #include + + /*************************** General LRNG parameter ***************************/ diff --git a/backports/v57-4.19.322/v57-08-kzfree.patch b/backports/v57-4.19.322/v57-08-kzfree.patch new file mode 100644 index 0000000..ef46469 --- /dev/null +++ b/backports/v57-4.19.322/v57-08-kzfree.patch @@ -0,0 +1,44 @@ +--- linux-5.4/drivers/char/lrng/lrng_drng_chacha20.c.orig 2020-10-10 21:02:49.755374050 +0200 ++++ linux-5.4/drivers/char/lrng/lrng_drng_chacha20.c 2020-10-10 21:03:21.878506872 +0200 +@@ -224,7 +224,7 @@ static void lrng_cc20_drng_dealloc(void + } + + pr_debug("ChaCha20 core zeroized and freed\n"); +- kfree_sensitive(chacha20_state); ++ kzfree(chacha20_state); + } + + /******************************* Hash Operation *******************************/ +--- linux-5.4/drivers/char/lrng/lrng_drng_drbg.c.orig 2020-10-10 21:02:57.136404546 +0200 ++++ linux-5.4/drivers/char/lrng/lrng_drng_drbg.c 2020-10-10 21:03:37.311570965 +0200 +@@ -140,7 +140,7 @@ static void lrng_drbg_drng_dealloc(void + if (drbg && drbg->d_ops) + drbg->d_ops->crypto_fini(drbg); + drbg_dealloc_state(drbg); +- kfree_sensitive(drbg); ++ kzfree(drbg); + pr_info("DRBG deallocated\n"); + } + +--- linux-5.4/drivers/char/lrng/lrng_interface_dev_common.c.orig 2020-10-10 21:03:03.855432312 +0200 ++++ linux-5.4/drivers/char/lrng/lrng_interface_dev_common.c 2020-10-10 21:03:53.879639777 +0200 +@@ -432,7 +432,7 @@ static ssize_t lrng_read_common(char __u + + /* Wipe data just returned from memory */ + if (tmp_large) +- kfree_sensitive(tmp_large); ++ kzfree(tmp_large); + else + memzero_explicit(tmpbuf, sizeof(tmpbuf)); + +--- linux-5.4/drivers/char/lrng/lrng_testing.c.orig 2020-10-10 21:03:08.427451210 +0200 ++++ linux-5.4/drivers/char/lrng/lrng_testing.c 2020-10-10 21:04:08.620700995 +0200 +@@ -234,7 +234,7 @@ static int lrng_testing_extract_user(str + ret += i; + } + +- kfree_sensitive(tmp); ++ kzfree(tmp); + + if (ret > 0) + *ppos += ret; diff --git a/backports/v57-4.19.322/v57-09-ratelimit.patch b/backports/v57-4.19.322/v57-09-ratelimit.patch new file mode 100644 index 0000000..cf65210 --- /dev/null +++ b/backports/v57-4.19.322/v57-09-ratelimit.patch @@ -0,0 +1,10 @@ +--- linux-5.4/drivers/char/lrng/lrng_es_irq.c.orig 2020-10-10 21:00:01.282688553 +0200 ++++ linux-5.4/drivers/char/lrng/lrng_es_irq.c 2020-10-10 21:12:07.975025774 +0200 +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include + + #include "lrng_internal.h" + #include "lrng_es_irq.h" diff --git a/backports/v57-4.19.322/v57-10-add_signal_header.patch b/backports/v57-4.19.322/v57-10-add_signal_header.patch new file mode 100644 index 0000000..89f979a --- /dev/null +++ b/backports/v57-4.19.322/v57-10-add_signal_header.patch @@ -0,0 +1,10 @@ +--- linux-5.4/drivers/char/lrng/lrng_interface_dev_common.c.orig 2022-05-17 15:42:53.065862532 -0400 ++++ linux-5.4/drivers/char/lrng/lrng_interface_dev_common.c 2022-05-17 15:43:35.844969625 -0400 +@@ -8,6 +8,7 @@ + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + + #include ++#include + #include + + #include "lrng_drng_mgr.h" diff --git a/backports/v57-4.19.322/v57-11-chacha20_block_invocation.patch b/backports/v57-4.19.322/v57-11-chacha20_block_invocation.patch new file mode 100644 index 0000000..229406e --- /dev/null +++ b/backports/v57-4.19.322/v57-11-chacha20_block_invocation.patch @@ -0,0 +1,25 @@ +--- linux-4.19/drivers/char/lrng/lrng_drng_chacha20.h.orig 2020-08-20 13:44:36.391973096 +0200 ++++ linux-4.19/drivers/char/lrng/lrng_drng_chacha20.h 2020-08-20 13:48:05.763485879 +0200 +@@ -5,7 +5,10 @@ + * Copyright (C) 2016 - 2021, Stephan Mueller + */ + +-#include ++#include ++ ++#define CHACHA_BLOCK_SIZE CHACHA20_BLOCK_SIZE ++#define CHACHA_KEY_SIZE CHACHA20_KEY_SIZE + + /* State according to RFC 7539 section 2.3 */ + struct chacha20_block { +--- linux-4.19/drivers/char/lrng/lrng_drng_chacha20.c.orig 2020-08-20 13:36:54.557430342 +0200 ++++ linux-4.19/drivers/char/lrng/lrng_drng_chacha20.c 2020-08-20 13:49:43.196655230 +0200 +@@ -8,7 +8,7 @@ + + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + +-#include ++#include + #include + #include + #include diff --git a/backports/v57-4.19.322/v57-12-enable_sha256.patch b/backports/v57-4.19.322/v57-12-enable_sha256.patch new file mode 100644 index 0000000..0b9f1fc --- /dev/null +++ b/backports/v57-4.19.322/v57-12-enable_sha256.patch @@ -0,0 +1,55 @@ +--- linux-4.19/lib/Kconfig.orig 2020-10-15 18:47:16.691020244 +0200 ++++ linux-4.19/lib/Kconfig 2020-10-15 18:47:27.366089556 +0200 +@@ -621,3 +621,6 @@ config GENERIC_LIB_CMPDI2 + + config GENERIC_LIB_UCMPDI2 + bool ++ ++config CRYPTO_LIB_SHA256 ++ tristate +--- linux-4.19/lib/Makefile.orig 2020-10-15 18:45:35.442144084 +0200 ++++ linux-4.19/lib/Makefile 2020-10-15 18:45:58.394381742 +0200 +@@ -272,3 +272,6 @@ obj-$(CONFIG_GENERIC_LIB_LSHRDI3) += lsh + obj-$(CONFIG_GENERIC_LIB_UCMPDI2) += ucmpdi2.o + + obj-y += crypto/ ++ ++obj-$(CONFIG_CRYPTO_LIB_SHA256) += libsha256.o ++libsha256-y := sha256.o +--- linux-4.19/include/crypto/hash.h.orig 2020-10-15 20:26:21.099078090 +0200 ++++ linux-4.19/include/crypto/hash.h 2020-10-15 20:27:02.427257809 +0200 +@@ -151,9 +151,11 @@ struct shash_desc { + void *__ctx[] CRYPTO_MINALIGN_ATTR; + }; + ++#define HASH_MAX_DESCSIZE (sizeof(struct shash_desc) + 360) ++ + #define SHASH_DESC_ON_STACK(shash, ctx) \ + char __##shash##_desc[sizeof(struct shash_desc) + \ +- crypto_shash_descsize(ctx)] CRYPTO_MINALIGN_ATTR; \ ++ HASH_MAX_DESCSIZE] CRYPTO_MINALIGN_ATTR; \ + struct shash_desc *shash = (struct shash_desc *)__##shash##_desc + + /** +--- linux-4.19/drivers/char/lrng/lrng_sha256.c.orig 2022-05-17 16:13:34.667145085 -0400 ++++ linux-4.19/drivers/char/lrng/lrng_sha256.c 2022-05-17 16:13:56.734215929 -0400 +@@ -10,7 +10,7 @@ + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + + #include +-#include ++#include + + #include "lrng_sha.h" + +--- linux-4.19/drivers/char/lrng/lrng_drng_kcapi.c.orig 2022-05-17 16:35:46.342402331 -0400 ++++ linux-4.19/drivers/char/lrng/lrng_drng_kcapi.c 2022-05-17 16:36:17.228489094 -0400 +@@ -38,7 +38,7 @@ static int lrng_kcapi_drng_seed_helper(v + struct crypto_shash *hash_tfm = lrng_drng_info->hash_tfm; + SHASH_DESC_ON_STACK(shash, hash_tfm); + u32 digestsize; +- u8 digest[HASH_MAX_DIGESTSIZE] __aligned(8); ++ u8 digest[64] __aligned(8); + int ret; + + if (!hash_tfm) diff --git a/backports/v57-4.19.322/v57-13-remove_compat_ioctl.patch b/backports/v57-4.19.322/v57-13-remove_compat_ioctl.patch new file mode 100644 index 0000000..9cca1a3 --- /dev/null +++ b/backports/v57-4.19.322/v57-13-remove_compat_ioctl.patch @@ -0,0 +1,28 @@ +--- linux-5.4-2.orig/drivers/char/lrng/lrng_interface_random_user.c 2020-08-20 12:14:25.593091918 +0200 ++++ linux-5.4-2/drivers/char/lrng/lrng_interface_random_user.c 2020-08-20 12:14:55.877453575 +0200 +@@ -609,7 +609,6 @@ const struct file_operations random_fops + .write = lrng_drng_write, + .poll = lrng_random_poll, + .unlocked_ioctl = lrng_ioctl, +- .compat_ioctl = compat_ptr_ioctl, + .fasync = lrng_fasync, + .llseek = noop_llseek, + }; +@@ -618,7 +617,6 @@ const struct file_operations urandom_fop + .read = lrng_drng_read, + .write = lrng_drng_write, + .unlocked_ioctl = lrng_ioctl, +- .compat_ioctl = compat_ptr_ioctl, + .fasync = lrng_fasync, + .llseek = noop_llseek, + }; +--- linux-5.4/drivers/char/lrng/lrng_interface_dev.c.orig 2022-05-17 15:34:41.238698916 -0400 ++++ linux-5.4/drivers/char/lrng/lrng_interface_dev.c 2022-05-17 15:34:51.672771058 -0400 +@@ -15,7 +15,6 @@ static const struct file_operations lrng + .write = lrng_drng_write, + .poll = lrng_random_poll, + .unlocked_ioctl = lrng_ioctl, +- .compat_ioctl = compat_ptr_ioctl, + .fasync = lrng_fasync, + .llseek = noop_llseek, + }; diff --git a/backports/v57-4.19.322/v57-14-revert-split-random_init.patch b/backports/v57-4.19.322/v57-14-revert-split-random_init.patch new file mode 100644 index 0000000..d361305 --- /dev/null +++ b/backports/v57-4.19.322/v57-14-revert-split-random_init.patch @@ -0,0 +1,22 @@ +--- linux-5.15.86/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2023-01-07 21:29:56.529021762 +0100 ++++ linux-5.15.86/drivers/char/lrng/lrng_interface_random_kernel.c 2023-01-07 21:31:30.445338357 +0100 +@@ -34,15 +34,17 @@ static int __init lrng_parse_trust_bootl + } + early_param("random.trust_bootloader", lrng_parse_trust_bootloader); + +-void __init random_init_early(const char *command_line) ++static void __init random_init_early(const char *command_line) + { + lrng_rand_initialize_early(); + lrng_pool_insert_aux(command_line, strlen(command_line), 0); + } + +-void __init random_init(void) ++int __init random_init(const char *command_line) + { ++ random_init_early(command_line); + lrng_rand_initialize(); ++ return 0; + } + + bool lrng_ready_chain_has_sleeper(void) diff --git a/backports/v57-4.19.322/v57-14-revert_add_hwgenerator_randomness_update.patch b/backports/v57-4.19.322/v57-14-revert_add_hwgenerator_randomness_update.patch new file mode 100644 index 0000000..d88efd6 --- /dev/null +++ b/backports/v57-4.19.322/v57-14-revert_add_hwgenerator_randomness_update.patch @@ -0,0 +1,19 @@ +--- linux-6.1.14/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2023-02-26 16:21:03.212109504 +0100 ++++ linux-6.1.14/drivers/char/lrng/lrng_interface_random_kernel.c 2023-02-26 16:21:22.284469755 +0100 +@@ -85,7 +85,7 @@ void lrng_kick_random_ready(void) + * @entropy_bits: amount of entropy in buffer (value is in bits) + */ + void add_hwgenerator_randomness(const void *buffer, size_t count, +- size_t entropy_bits, bool sleep_after) ++ size_t entropy_bits) + { + /* + * Suspend writing if we are fully loaded with entropy or if caller +@@ -96,7 +96,6 @@ void add_hwgenerator_randomness(const vo + wait_event_interruptible(lrng_write_wait, + (lrng_need_entropy() && entropy_bits) || + lrng_state_exseed_allow(lrng_noise_source_hw) || +- !sleep_after || + kthread_should_stop()); + lrng_state_exseed_set(lrng_noise_source_hw, false); + lrng_pool_insert_aux(buffer, count, entropy_bits); diff --git a/backports/v57-4.19.322/v57-15-add_terminator_sysctl_table.patch b/backports/v57-4.19.322/v57-15-add_terminator_sysctl_table.patch new file mode 100644 index 0000000..192ac91 --- /dev/null +++ b/backports/v57-4.19.322/v57-15-add_terminator_sysctl_table.patch @@ -0,0 +1,9 @@ +--- linux-5.15.152/drivers/char/lrng/lrng_sysctl.c.orig 2024-03-21 16:28:58.433989086 +0100 ++++ linux-5.15.152/drivers/char/lrng/lrng_sysctl.c 2024-03-21 16:23:20.407775043 +0100 +@@ -129,5 +129,6 @@ struct ctl_table random_table[] = { + .proc_handler = proc_dointvec, + .extra1 = &lrng_drng_reseed_max_min, + }, ++ { } + }; + diff --git a/backports/v57-4.19.322/v57-16-config_base_small.patch b/backports/v57-4.19.322/v57-16-config_base_small.patch new file mode 100644 index 0000000..ef87cf8 --- /dev/null +++ b/backports/v57-4.19.322/v57-16-config_base_small.patch @@ -0,0 +1,11 @@ +--- linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c.orig 2024-07-28 22:07:52.457903187 +0200 ++++ linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c 2024-07-28 22:08:16.905132650 +0200 +@@ -111,7 +111,7 @@ ssize_t lrng_read_common(char __user *bu + * request sizes, such as 16 or 32 bytes, avoid a kmalloc overhead for + * those by using the stack variable of tmpbuf. + */ +- if (!IS_ENABLED(CONFIG_BASE_SMALL) && (nbytes > sizeof(tmpbuf))) { ++ if (!CONFIG_BASE_SMALL && (nbytes > sizeof(tmpbuf))) { + tmplen = min_t(u32, nbytes, LRNG_DRNG_MAX_REQSIZE); + tmp_large = kmalloc(tmplen + LRNG_KCAPI_ALIGN, GFP_KERNEL); + if (!tmp_large) diff --git a/backports/v57-4.19.322/v57-17-sysctl-unconstify.patch b/backports/v57-4.19.322/v57-17-sysctl-unconstify.patch new file mode 100644 index 0000000..484cebd --- /dev/null +++ b/backports/v57-4.19.322/v57-17-sysctl-unconstify.patch @@ -0,0 +1,29 @@ +--- linux-6.6.52/drivers/char/lrng/lrng_sysctl.c.orig 2024-09-28 22:10:40.683092569 +0200 ++++ linux-6.6.52/drivers/char/lrng/lrng_sysctl.c 2024-09-28 22:11:05.993141475 +0200 +@@ -23,7 +23,7 @@ + * returned as an ASCII string in the standard UUID format; if via the + * sysctl system call, as 16 bytes of binary data. + */ +-static int lrng_sysctl_do_uuid(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_uuid(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -50,7 +50,7 @@ static int lrng_sysctl_do_uuid(const str + return proc_dostring(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_entropy(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_entropy(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -62,7 +62,7 @@ static int lrng_sysctl_do_entropy(const + return proc_dointvec(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_poolsize(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_poolsize(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; diff --git a/backports/v57-5.10.226/README.md b/backports/v57-5.10.226/README.md new file mode 100644 index 0000000..d948fff --- /dev/null +++ b/backports/v57-5.10.226/README.md @@ -0,0 +1,13 @@ +# Backport Patches for Kernel 5.10 + +The patches allow applying the LRNG to older kernels. Perform the following +operations: + +1. apply all six-digit patches providing necessary code updates to + required before applying the LRNG patches. + +2. apply all LRNG patches from upstream - note, some hunks are expected + considering the original code base is written for a different kernel version + +3. apply all two-digit patches providing code updates after the LRNG patches + are applied. diff --git a/backports/v57-5.10.226/v57-000001-core.patch b/backports/v57-5.10.226/v57-000001-core.patch new file mode 100644 index 0000000..df37abc --- /dev/null +++ b/backports/v57-5.10.226/v57-000001-core.patch @@ -0,0 +1,13 @@ +--- linux-5.15/kernel/sched/core.c.orig 2022-05-17 08:07:23.998466743 +0200 ++++ linux-5.15/kernel/sched/core.c 2022-05-17 08:07:52.072536401 +0200 +@@ -6,6 +6,10 @@ + * + * Copyright (C) 1991-2002 Linus Torvalds + */ ++#include ++#include ++#include ++ + #define CREATE_TRACE_POINTS + #include + #undef CREATE_TRACE_POINTS diff --git a/backports/v57-5.10.226/v57-01-core.patch b/backports/v57-5.10.226/v57-01-core.patch new file mode 100644 index 0000000..cd1ee30 --- /dev/null +++ b/backports/v57-5.10.226/v57-01-core.patch @@ -0,0 +1,12 @@ +--- linux-5.15/kernel/sched/core.c.orig 2022-05-17 08:10:20.541904807 +0200 ++++ linux-5.15/kernel/sched/core.c 2022-05-17 08:10:31.720932544 +0200 +@@ -7,9 +7,6 @@ + * Copyright (C) 1991-2002 Linus Torvalds + */ + #include +-#include +-#include +-#include + + #define CREATE_TRACE_POINTS + #include diff --git a/backports/v57-5.10.226/v57-05-sysctl.patch b/backports/v57-5.10.226/v57-05-sysctl.patch new file mode 100644 index 0000000..459c4eb --- /dev/null +++ b/backports/v57-5.10.226/v57-05-sysctl.patch @@ -0,0 +1,21 @@ +--- linux-5.15/drivers/char/lrng/lrng_sysctl.c.orig 2022-05-17 08:35:09.958660325 +0200 ++++ linux-5.15/drivers/char/lrng/lrng_sysctl.c 2022-05-17 08:36:17.829818950 +0200 +@@ -91,7 +91,7 @@ void lrng_sysctl_update_max_write_thresh + mb(); + } + +-static struct ctl_table random_table[] = { ++struct ctl_table random_table[] = { + { + .procname = "poolsize", + .maxlen = sizeof(int), +@@ -137,9 +137,3 @@ static struct ctl_table random_table[] = + { } + }; + +-static int __init random_sysctls_init(void) +-{ +- register_sysctl_init("kernel/random", random_table); +- return 0; +-} +-device_initcall(random_sysctls_init); diff --git a/backports/v57-5.10.226/v57-06-add_random_ready_callbacks.patch b/backports/v57-5.10.226/v57-06-add_random_ready_callbacks.patch new file mode 100644 index 0000000..2ef745c --- /dev/null +++ b/backports/v57-5.10.226/v57-06-add_random_ready_callbacks.patch @@ -0,0 +1,176 @@ +--- linux-5.18.8/drivers/char/lrng/lrng_es_mgr.c.orig 2022-08-01 09:35:07.227572096 +0200 ++++ linux-5.18.8/drivers/char/lrng/lrng_es_mgr.c 2022-08-01 09:31:18.926127936 +0200 +@@ -218,6 +218,7 @@ static void lrng_set_operational(void) + */ + if (lrng_state.lrng_fully_seeded) { + lrng_state.lrng_operational = true; ++ lrng_process_ready_list(); + lrng_init_wakeup(); + pr_info("LRNG fully operational\n"); + } +--- linux-5.18.8/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2022-08-01 09:13:51.877910601 +0200 ++++ linux-5.18.8/drivers/char/lrng/lrng_interface_random_kernel.c 2022-08-01 09:31:18.926127936 +0200 +@@ -19,6 +19,10 @@ + #include "lrng_interface_dev_common.h" + #include "lrng_interface_random_kernel.h" + ++static RAW_NOTIFIER_HEAD(lrng_ready_chain); ++static DEFINE_SPINLOCK(lrng_ready_chain_lock); ++static unsigned int lrng_ready_chain_used = 0; ++ + /********************************** Helper ***********************************/ + + int __init random_init(const char *command_line) +@@ -29,6 +33,33 @@ int __init random_init(const char *comma + return ret; + } + ++bool lrng_ready_chain_has_sleeper(void) ++{ ++ return !!lrng_ready_chain_used; ++} ++ ++/* ++ * lrng_process_ready_list() - Ping all kernel internal callers waiting until ++ * the DRNG is completely initialized to inform that the DRNG reached that ++ * seed level. ++ * ++ * When the SP800-90B testing is enabled, the ping only happens if the SP800-90B ++ * startup health tests are completed. This implies that kernel internal ++ * callers always have an SP800-90B compliant noise source when being ++ * pinged. ++ */ ++void lrng_process_ready_list(void) ++{ ++ unsigned long flags; ++ ++ if (!lrng_state_operational()) ++ return; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ raw_notifier_call_chain(&lrng_ready_chain, 0, NULL); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++} ++ + /************************ LRNG kernel input interfaces ************************/ + + /* +@@ -125,6 +156,58 @@ void add_interrupt_randomness(int irq) { + EXPORT_SYMBOL(add_interrupt_randomness); + #endif + ++/* ++ * unregister_random_ready_notifier() - Delete a previously registered readiness ++ * callback function. ++ * ++ * @nb: callback definition that was registered initially ++ */ ++int unregister_random_ready_notifier(struct notifier_block *nb) ++{ ++ unsigned long flags; ++ int ret; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ ret = raw_notifier_chain_unregister(&lrng_ready_chain, nb); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++ ++ if (!ret && lrng_ready_chain_used) ++ lrng_ready_chain_used--; ++ ++ return ret; ++} ++EXPORT_SYMBOL(unregister_random_ready_notifier); ++ ++/* ++ * register_random_ready_notifier() - Add a callback function that will be ++ * invoked when the DRNG is fully initialized and seeded. ++ * ++ * @nb: callback definition to be invoked when the LRNG is seeded ++ * ++ * Return: ++ * * 0 if callback is successfully added ++ * * -EALREADY if pool is already initialised (callback not called) ++ */ ++int register_random_ready_notifier(struct notifier_block *nb) ++{ ++ unsigned long flags; ++ int err = -EALREADY; ++ ++ if (likely(lrng_state_operational())) ++ return err; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ if (!lrng_state_operational()) ++ err = raw_notifier_chain_register(&lrng_ready_chain, nb); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++ ++ if (!err) ++ lrng_ready_chain_used++; ++ ++ return err; ++} ++EXPORT_SYMBOL(register_random_ready_notifier); ++ + #if IS_ENABLED(CONFIG_VMGENID) + static BLOCKING_NOTIFIER_HEAD(lrng_vmfork_chain); + +@@ -195,6 +278,43 @@ int wait_for_random_bytes(void) + EXPORT_SYMBOL(wait_for_random_bytes); + + /* ++ * get_random_bytes_arch() - This function will use the architecture-specific ++ * hardware random number generator if it is available. ++ * ++ * The arch-specific hw RNG will almost certainly be faster than what we can ++ * do in software, but it is impossible to verify that it is implemented ++ * securely (as opposed, to, say, the AES encryption of a sequence number using ++ * a key known by the NSA). So it's useful if we need the speed, but only if ++ * we're willing to trust the hardware manufacturer not to have put in a back ++ * door. ++ * ++ * @buf: buffer allocated by caller to store the random data in ++ * @nbytes: length of outbuf ++ * ++ * Return: number of bytes filled in. ++ */ ++size_t __must_check get_random_bytes_arch(void *buf, size_t nbytes) ++{ ++ size_t left = nbytes; ++ u8 *p = buf; ++ ++ while (left) { ++ unsigned long v; ++ size_t chunk = min_t(size_t, left, sizeof(unsigned long)); ++ ++ if (!arch_get_random_long(&v)) ++ break; ++ ++ memcpy(p, &v, chunk); ++ p += chunk; ++ left -= chunk; ++ } ++ ++ return nbytes - left; ++} ++EXPORT_SYMBOL(get_random_bytes_arch); ++ ++/* + * Returns whether or not the LRNG has been seeded. + * + * Returns: true if the urandom pool has been seeded. +--- linux-5.15.58/drivers/char/lrng/lrng_interface_random_kernel.h.orig 2022-08-01 10:01:32.939911355 +0200 ++++ linux-5.15.58/drivers/char/lrng/lrng_interface_random_kernel.h 2022-08-01 10:01:38.564923636 +0200 +@@ -7,9 +7,13 @@ + #define _LRNG_INTERFACE_RANDOM_H + + #ifdef CONFIG_LRNG_RANDOM_IF ++void lrng_process_ready_list(void); ++bool lrng_ready_chain_has_sleeper(void); + void invalidate_batched_entropy(void); + void lrng_kick_random_ready(void); + #else /* CONFIG_LRNG_RANDOM_IF */ ++static inline bool lrng_ready_chain_has_sleeper(void) { return false; } ++static inline void lrng_process_ready_list(void) { } + static inline void invalidate_batched_entropy(void) { } + static inline void lrng_kick_random_ready(void) { } + #endif /* CONFIG_LRNG_RANDOM_IF */ diff --git a/backports/v57-5.10.226/v57-07-sha-includes.patch b/backports/v57-5.10.226/v57-07-sha-includes.patch new file mode 100644 index 0000000..5c0faa9 --- /dev/null +++ b/backports/v57-5.10.226/v57-07-sha-includes.patch @@ -0,0 +1,34 @@ +--- linux-5.10/drivers/char/lrng/lrng_sha1.c.orig 2022-05-17 09:28:05.950190228 +0200 ++++ linux-5.10/drivers/char/lrng/lrng_sha1.c 2022-05-17 09:28:16.545205008 +0200 +@@ -10,7 +10,7 @@ + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + + #include +-#include ++#include + #include + + #include "lrng_sha.h" +--- linux-5.10/drivers/char/lrng/lrng_sha256.c.orig 2022-05-17 09:28:32.976226275 +0200 ++++ linux-5.10/drivers/char/lrng/lrng_sha256.c 2022-05-17 09:28:41.394236961 +0200 +@@ -10,7 +10,7 @@ + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + + #include +-#include ++#include + + #include "lrng_sha.h" + +--- linux-5.10/drivers/char/lrng/lrng_definitions.h.orig 2022-05-17 09:37:43.122453512 +0200 ++++ linux-5.10/drivers/char/lrng/lrng_definitions.h 2022-05-17 09:37:52.303479125 +0200 +@@ -6,8 +6,7 @@ + #ifndef _LRNG_DEFINITIONS_H + #define _LRNG_DEFINITIONS_H + +-#include +-#include ++#include + #include + + /*************************** General LRNG parameter ***************************/ diff --git a/backports/v57-5.10.226/v57-08-revert-arch_get_random_long.patch b/backports/v57-5.10.226/v57-08-revert-arch_get_random_long.patch new file mode 100644 index 0000000..c62d28d --- /dev/null +++ b/backports/v57-5.10.226/v57-08-revert-arch_get_random_long.patch @@ -0,0 +1,68 @@ +diff --git a/drivers/char/lrng/lrng_es_cpu.c b/drivers/char/lrng/lrng_es_cpu.c +index f982cc31df4e..3910108cfd08 100644 +--- a/drivers/char/lrng/lrng_es_cpu.c ++++ b/drivers/char/lrng/lrng_es_cpu.c +@@ -65,8 +65,7 @@ static u32 lrng_cpu_poolsize(void) + + static u32 lrng_get_cpu_data(u8 *outbuf, u32 requested_bits) + { +- size_t longs = 0; +- u32 i, req = requested_bits >> 3; ++ u32 i; + + /* operate on full blocks */ + BUILD_BUG_ON(LRNG_DRNG_SECURITY_STRENGTH_BYTES % sizeof(unsigned long)); +@@ -74,14 +73,10 @@ static u32 lrng_get_cpu_data(u8 *outbuf, u32 requested_bits) + /* ensure we have aligned buffers */ + BUILD_BUG_ON(LRNG_KCAPI_ALIGN % sizeof(unsigned long)); + +- for (i = 0; i < req; i += longs) { +- longs = arch_get_random_seed_longs( +- (unsigned long *)(outbuf + i), req - i); +- if (longs) +- continue; +- longs = arch_get_random_longs((unsigned long *)(outbuf + i), +- req - i); +- if (!longs) { ++ for (i = 0; i < (requested_bits >> 3); ++ i += sizeof(unsigned long)) { ++ if (!arch_get_random_seed_long((unsigned long *)(outbuf + i)) && ++ !arch_get_random_long((unsigned long *)(outbuf + i))) { + cpu_entropy = 0; + return 0; + } +@@ -180,7 +175,7 @@ static u32 lrng_cpu_multiplier(void) + if (data_multiplier > 0) + return data_multiplier; + +- if (IS_ENABLED(CONFIG_X86) && !arch_get_random_seed_longs(&v, 1)) { ++ if (IS_ENABLED(CONFIG_X86) && !arch_get_random_seed_long(&v)) { + /* + * Intel SPEC: pulling 512 blocks from RDRAND ensures + * one reseed making it logically equivalent to RDSEED. +--- linux-5.15.86/drivers/char/lrng/lrng_es_mgr.c.orig2 2023-01-07 21:18:49.376364123 +0100 ++++ linux-5.15.86/drivers/char/lrng/lrng_es_mgr.c 2023-01-07 21:19:44.168291522 +0100 +@@ -376,19 +376,12 @@ void __init lrng_rand_initialize_early(v + sizeof(unsigned long))]; + struct new_utsname utsname; + } seed __aligned(LRNG_KCAPI_ALIGN); +- size_t longs = 0; + unsigned int i; + +- for (i = 0; i < ARRAY_SIZE(seed.data); i += longs) { +- longs = arch_get_random_seed_longs(seed.data + i, +- ARRAY_SIZE(seed.data) - i); +- if (longs) +- continue; +- longs = arch_get_random_longs(seed.data + i, +- ARRAY_SIZE(seed.data) - i); +- if (longs) +- continue; +- longs = 1; ++ for (i = 0; i < ARRAY_SIZE(seed.data); i++) { ++ if (!arch_get_random_seed_long_early(&(seed.data[i])) && ++ !arch_get_random_long_early(&seed.data[i])) ++ seed.data[i] = random_get_entropy(); + } + memcpy(&seed.utsname, init_utsname(), sizeof(*(init_utsname()))); + diff --git a/backports/v57-5.10.226/v57-09-revert-split-random_init.patch b/backports/v57-5.10.226/v57-09-revert-split-random_init.patch new file mode 100644 index 0000000..d361305 --- /dev/null +++ b/backports/v57-5.10.226/v57-09-revert-split-random_init.patch @@ -0,0 +1,22 @@ +--- linux-5.15.86/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2023-01-07 21:29:56.529021762 +0100 ++++ linux-5.15.86/drivers/char/lrng/lrng_interface_random_kernel.c 2023-01-07 21:31:30.445338357 +0100 +@@ -34,15 +34,17 @@ static int __init lrng_parse_trust_bootl + } + early_param("random.trust_bootloader", lrng_parse_trust_bootloader); + +-void __init random_init_early(const char *command_line) ++static void __init random_init_early(const char *command_line) + { + lrng_rand_initialize_early(); + lrng_pool_insert_aux(command_line, strlen(command_line), 0); + } + +-void __init random_init(void) ++int __init random_init(const char *command_line) + { ++ random_init_early(command_line); + lrng_rand_initialize(); ++ return 0; + } + + bool lrng_ready_chain_has_sleeper(void) diff --git a/backports/v57-5.10.226/v57-10-revert_add_hwgenerator_randomness_update.patch b/backports/v57-5.10.226/v57-10-revert_add_hwgenerator_randomness_update.patch new file mode 100644 index 0000000..d88efd6 --- /dev/null +++ b/backports/v57-5.10.226/v57-10-revert_add_hwgenerator_randomness_update.patch @@ -0,0 +1,19 @@ +--- linux-6.1.14/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2023-02-26 16:21:03.212109504 +0100 ++++ linux-6.1.14/drivers/char/lrng/lrng_interface_random_kernel.c 2023-02-26 16:21:22.284469755 +0100 +@@ -85,7 +85,7 @@ void lrng_kick_random_ready(void) + * @entropy_bits: amount of entropy in buffer (value is in bits) + */ + void add_hwgenerator_randomness(const void *buffer, size_t count, +- size_t entropy_bits, bool sleep_after) ++ size_t entropy_bits) + { + /* + * Suspend writing if we are fully loaded with entropy or if caller +@@ -96,7 +96,6 @@ void add_hwgenerator_randomness(const vo + wait_event_interruptible(lrng_write_wait, + (lrng_need_entropy() && entropy_bits) || + lrng_state_exseed_allow(lrng_noise_source_hw) || +- !sleep_after || + kthread_should_stop()); + lrng_state_exseed_set(lrng_noise_source_hw, false); + lrng_pool_insert_aux(buffer, count, entropy_bits); diff --git a/backports/v57-5.10.226/v57-11-add_terminator_sysctl_table.patch b/backports/v57-5.10.226/v57-11-add_terminator_sysctl_table.patch new file mode 100644 index 0000000..192ac91 --- /dev/null +++ b/backports/v57-5.10.226/v57-11-add_terminator_sysctl_table.patch @@ -0,0 +1,9 @@ +--- linux-5.15.152/drivers/char/lrng/lrng_sysctl.c.orig 2024-03-21 16:28:58.433989086 +0100 ++++ linux-5.15.152/drivers/char/lrng/lrng_sysctl.c 2024-03-21 16:23:20.407775043 +0100 +@@ -129,5 +129,6 @@ struct ctl_table random_table[] = { + .proc_handler = proc_dointvec, + .extra1 = &lrng_drng_reseed_max_min, + }, ++ { } + }; + diff --git a/backports/v57-5.10.226/v57-12-config_base_small.patch b/backports/v57-5.10.226/v57-12-config_base_small.patch new file mode 100644 index 0000000..ef87cf8 --- /dev/null +++ b/backports/v57-5.10.226/v57-12-config_base_small.patch @@ -0,0 +1,11 @@ +--- linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c.orig 2024-07-28 22:07:52.457903187 +0200 ++++ linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c 2024-07-28 22:08:16.905132650 +0200 +@@ -111,7 +111,7 @@ ssize_t lrng_read_common(char __user *bu + * request sizes, such as 16 or 32 bytes, avoid a kmalloc overhead for + * those by using the stack variable of tmpbuf. + */ +- if (!IS_ENABLED(CONFIG_BASE_SMALL) && (nbytes > sizeof(tmpbuf))) { ++ if (!CONFIG_BASE_SMALL && (nbytes > sizeof(tmpbuf))) { + tmplen = min_t(u32, nbytes, LRNG_DRNG_MAX_REQSIZE); + tmp_large = kmalloc(tmplen + LRNG_KCAPI_ALIGN, GFP_KERNEL); + if (!tmp_large) diff --git a/backports/v57-5.10.226/v57-13-sysctl-unconstify.patch b/backports/v57-5.10.226/v57-13-sysctl-unconstify.patch new file mode 100644 index 0000000..484cebd --- /dev/null +++ b/backports/v57-5.10.226/v57-13-sysctl-unconstify.patch @@ -0,0 +1,29 @@ +--- linux-6.6.52/drivers/char/lrng/lrng_sysctl.c.orig 2024-09-28 22:10:40.683092569 +0200 ++++ linux-6.6.52/drivers/char/lrng/lrng_sysctl.c 2024-09-28 22:11:05.993141475 +0200 +@@ -23,7 +23,7 @@ + * returned as an ASCII string in the standard UUID format; if via the + * sysctl system call, as 16 bytes of binary data. + */ +-static int lrng_sysctl_do_uuid(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_uuid(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -50,7 +50,7 @@ static int lrng_sysctl_do_uuid(const str + return proc_dostring(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_entropy(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_entropy(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -62,7 +62,7 @@ static int lrng_sysctl_do_entropy(const + return proc_dointvec(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_poolsize(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_poolsize(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; diff --git a/backports/v57-5.15.167/README.md b/backports/v57-5.15.167/README.md new file mode 100644 index 0000000..c568aa5 --- /dev/null +++ b/backports/v57-5.15.167/README.md @@ -0,0 +1,13 @@ +# Backport Patches for Kernel 5.15 + +The patches allow applying the LRNG to older kernels. Perform the following +operations: + +1. apply all six-digit patches providing necessary code updates to + required before applying the LRNG patches. + +2. apply all LRNG patches from upstream - note, some hunks are expected + considering the original code base is written for a different kernel version + +3. apply all two-digit patches providing code updates after the LRNG patches + are applied. diff --git a/backports/v57-5.15.167/v57-000001-core.patch b/backports/v57-5.15.167/v57-000001-core.patch new file mode 100644 index 0000000..df37abc --- /dev/null +++ b/backports/v57-5.15.167/v57-000001-core.patch @@ -0,0 +1,13 @@ +--- linux-5.15/kernel/sched/core.c.orig 2022-05-17 08:07:23.998466743 +0200 ++++ linux-5.15/kernel/sched/core.c 2022-05-17 08:07:52.072536401 +0200 +@@ -6,6 +6,10 @@ + * + * Copyright (C) 1991-2002 Linus Torvalds + */ ++#include ++#include ++#include ++ + #define CREATE_TRACE_POINTS + #include + #undef CREATE_TRACE_POINTS diff --git a/backports/v57-5.15.167/v57-01-core.patch b/backports/v57-5.15.167/v57-01-core.patch new file mode 100644 index 0000000..cd1ee30 --- /dev/null +++ b/backports/v57-5.15.167/v57-01-core.patch @@ -0,0 +1,12 @@ +--- linux-5.15/kernel/sched/core.c.orig 2022-05-17 08:10:20.541904807 +0200 ++++ linux-5.15/kernel/sched/core.c 2022-05-17 08:10:31.720932544 +0200 +@@ -7,9 +7,6 @@ + * Copyright (C) 1991-2002 Linus Torvalds + */ + #include +-#include +-#include +-#include + + #define CREATE_TRACE_POINTS + #include diff --git a/backports/v57-5.15.167/v57-05-sysctl.patch b/backports/v57-5.15.167/v57-05-sysctl.patch new file mode 100644 index 0000000..459c4eb --- /dev/null +++ b/backports/v57-5.15.167/v57-05-sysctl.patch @@ -0,0 +1,21 @@ +--- linux-5.15/drivers/char/lrng/lrng_sysctl.c.orig 2022-05-17 08:35:09.958660325 +0200 ++++ linux-5.15/drivers/char/lrng/lrng_sysctl.c 2022-05-17 08:36:17.829818950 +0200 +@@ -91,7 +91,7 @@ void lrng_sysctl_update_max_write_thresh + mb(); + } + +-static struct ctl_table random_table[] = { ++struct ctl_table random_table[] = { + { + .procname = "poolsize", + .maxlen = sizeof(int), +@@ -137,9 +137,3 @@ static struct ctl_table random_table[] = + { } + }; + +-static int __init random_sysctls_init(void) +-{ +- register_sysctl_init("kernel/random", random_table); +- return 0; +-} +-device_initcall(random_sysctls_init); diff --git a/backports/v57-5.15.167/v57-07-add_random_ready_callbacks.patch b/backports/v57-5.15.167/v57-07-add_random_ready_callbacks.patch new file mode 100644 index 0000000..2ef745c --- /dev/null +++ b/backports/v57-5.15.167/v57-07-add_random_ready_callbacks.patch @@ -0,0 +1,176 @@ +--- linux-5.18.8/drivers/char/lrng/lrng_es_mgr.c.orig 2022-08-01 09:35:07.227572096 +0200 ++++ linux-5.18.8/drivers/char/lrng/lrng_es_mgr.c 2022-08-01 09:31:18.926127936 +0200 +@@ -218,6 +218,7 @@ static void lrng_set_operational(void) + */ + if (lrng_state.lrng_fully_seeded) { + lrng_state.lrng_operational = true; ++ lrng_process_ready_list(); + lrng_init_wakeup(); + pr_info("LRNG fully operational\n"); + } +--- linux-5.18.8/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2022-08-01 09:13:51.877910601 +0200 ++++ linux-5.18.8/drivers/char/lrng/lrng_interface_random_kernel.c 2022-08-01 09:31:18.926127936 +0200 +@@ -19,6 +19,10 @@ + #include "lrng_interface_dev_common.h" + #include "lrng_interface_random_kernel.h" + ++static RAW_NOTIFIER_HEAD(lrng_ready_chain); ++static DEFINE_SPINLOCK(lrng_ready_chain_lock); ++static unsigned int lrng_ready_chain_used = 0; ++ + /********************************** Helper ***********************************/ + + int __init random_init(const char *command_line) +@@ -29,6 +33,33 @@ int __init random_init(const char *comma + return ret; + } + ++bool lrng_ready_chain_has_sleeper(void) ++{ ++ return !!lrng_ready_chain_used; ++} ++ ++/* ++ * lrng_process_ready_list() - Ping all kernel internal callers waiting until ++ * the DRNG is completely initialized to inform that the DRNG reached that ++ * seed level. ++ * ++ * When the SP800-90B testing is enabled, the ping only happens if the SP800-90B ++ * startup health tests are completed. This implies that kernel internal ++ * callers always have an SP800-90B compliant noise source when being ++ * pinged. ++ */ ++void lrng_process_ready_list(void) ++{ ++ unsigned long flags; ++ ++ if (!lrng_state_operational()) ++ return; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ raw_notifier_call_chain(&lrng_ready_chain, 0, NULL); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++} ++ + /************************ LRNG kernel input interfaces ************************/ + + /* +@@ -125,6 +156,58 @@ void add_interrupt_randomness(int irq) { + EXPORT_SYMBOL(add_interrupt_randomness); + #endif + ++/* ++ * unregister_random_ready_notifier() - Delete a previously registered readiness ++ * callback function. ++ * ++ * @nb: callback definition that was registered initially ++ */ ++int unregister_random_ready_notifier(struct notifier_block *nb) ++{ ++ unsigned long flags; ++ int ret; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ ret = raw_notifier_chain_unregister(&lrng_ready_chain, nb); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++ ++ if (!ret && lrng_ready_chain_used) ++ lrng_ready_chain_used--; ++ ++ return ret; ++} ++EXPORT_SYMBOL(unregister_random_ready_notifier); ++ ++/* ++ * register_random_ready_notifier() - Add a callback function that will be ++ * invoked when the DRNG is fully initialized and seeded. ++ * ++ * @nb: callback definition to be invoked when the LRNG is seeded ++ * ++ * Return: ++ * * 0 if callback is successfully added ++ * * -EALREADY if pool is already initialised (callback not called) ++ */ ++int register_random_ready_notifier(struct notifier_block *nb) ++{ ++ unsigned long flags; ++ int err = -EALREADY; ++ ++ if (likely(lrng_state_operational())) ++ return err; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ if (!lrng_state_operational()) ++ err = raw_notifier_chain_register(&lrng_ready_chain, nb); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++ ++ if (!err) ++ lrng_ready_chain_used++; ++ ++ return err; ++} ++EXPORT_SYMBOL(register_random_ready_notifier); ++ + #if IS_ENABLED(CONFIG_VMGENID) + static BLOCKING_NOTIFIER_HEAD(lrng_vmfork_chain); + +@@ -195,6 +278,43 @@ int wait_for_random_bytes(void) + EXPORT_SYMBOL(wait_for_random_bytes); + + /* ++ * get_random_bytes_arch() - This function will use the architecture-specific ++ * hardware random number generator if it is available. ++ * ++ * The arch-specific hw RNG will almost certainly be faster than what we can ++ * do in software, but it is impossible to verify that it is implemented ++ * securely (as opposed, to, say, the AES encryption of a sequence number using ++ * a key known by the NSA). So it's useful if we need the speed, but only if ++ * we're willing to trust the hardware manufacturer not to have put in a back ++ * door. ++ * ++ * @buf: buffer allocated by caller to store the random data in ++ * @nbytes: length of outbuf ++ * ++ * Return: number of bytes filled in. ++ */ ++size_t __must_check get_random_bytes_arch(void *buf, size_t nbytes) ++{ ++ size_t left = nbytes; ++ u8 *p = buf; ++ ++ while (left) { ++ unsigned long v; ++ size_t chunk = min_t(size_t, left, sizeof(unsigned long)); ++ ++ if (!arch_get_random_long(&v)) ++ break; ++ ++ memcpy(p, &v, chunk); ++ p += chunk; ++ left -= chunk; ++ } ++ ++ return nbytes - left; ++} ++EXPORT_SYMBOL(get_random_bytes_arch); ++ ++/* + * Returns whether or not the LRNG has been seeded. + * + * Returns: true if the urandom pool has been seeded. +--- linux-5.15.58/drivers/char/lrng/lrng_interface_random_kernel.h.orig 2022-08-01 10:01:32.939911355 +0200 ++++ linux-5.15.58/drivers/char/lrng/lrng_interface_random_kernel.h 2022-08-01 10:01:38.564923636 +0200 +@@ -7,9 +7,13 @@ + #define _LRNG_INTERFACE_RANDOM_H + + #ifdef CONFIG_LRNG_RANDOM_IF ++void lrng_process_ready_list(void); ++bool lrng_ready_chain_has_sleeper(void); + void invalidate_batched_entropy(void); + void lrng_kick_random_ready(void); + #else /* CONFIG_LRNG_RANDOM_IF */ ++static inline bool lrng_ready_chain_has_sleeper(void) { return false; } ++static inline void lrng_process_ready_list(void) { } + static inline void invalidate_batched_entropy(void) { } + static inline void lrng_kick_random_ready(void) { } + #endif /* CONFIG_LRNG_RANDOM_IF */ diff --git a/backports/v57-5.15.167/v57-08-revert-arch_get_random_long.patch b/backports/v57-5.15.167/v57-08-revert-arch_get_random_long.patch new file mode 100644 index 0000000..c62d28d --- /dev/null +++ b/backports/v57-5.15.167/v57-08-revert-arch_get_random_long.patch @@ -0,0 +1,68 @@ +diff --git a/drivers/char/lrng/lrng_es_cpu.c b/drivers/char/lrng/lrng_es_cpu.c +index f982cc31df4e..3910108cfd08 100644 +--- a/drivers/char/lrng/lrng_es_cpu.c ++++ b/drivers/char/lrng/lrng_es_cpu.c +@@ -65,8 +65,7 @@ static u32 lrng_cpu_poolsize(void) + + static u32 lrng_get_cpu_data(u8 *outbuf, u32 requested_bits) + { +- size_t longs = 0; +- u32 i, req = requested_bits >> 3; ++ u32 i; + + /* operate on full blocks */ + BUILD_BUG_ON(LRNG_DRNG_SECURITY_STRENGTH_BYTES % sizeof(unsigned long)); +@@ -74,14 +73,10 @@ static u32 lrng_get_cpu_data(u8 *outbuf, u32 requested_bits) + /* ensure we have aligned buffers */ + BUILD_BUG_ON(LRNG_KCAPI_ALIGN % sizeof(unsigned long)); + +- for (i = 0; i < req; i += longs) { +- longs = arch_get_random_seed_longs( +- (unsigned long *)(outbuf + i), req - i); +- if (longs) +- continue; +- longs = arch_get_random_longs((unsigned long *)(outbuf + i), +- req - i); +- if (!longs) { ++ for (i = 0; i < (requested_bits >> 3); ++ i += sizeof(unsigned long)) { ++ if (!arch_get_random_seed_long((unsigned long *)(outbuf + i)) && ++ !arch_get_random_long((unsigned long *)(outbuf + i))) { + cpu_entropy = 0; + return 0; + } +@@ -180,7 +175,7 @@ static u32 lrng_cpu_multiplier(void) + if (data_multiplier > 0) + return data_multiplier; + +- if (IS_ENABLED(CONFIG_X86) && !arch_get_random_seed_longs(&v, 1)) { ++ if (IS_ENABLED(CONFIG_X86) && !arch_get_random_seed_long(&v)) { + /* + * Intel SPEC: pulling 512 blocks from RDRAND ensures + * one reseed making it logically equivalent to RDSEED. +--- linux-5.15.86/drivers/char/lrng/lrng_es_mgr.c.orig2 2023-01-07 21:18:49.376364123 +0100 ++++ linux-5.15.86/drivers/char/lrng/lrng_es_mgr.c 2023-01-07 21:19:44.168291522 +0100 +@@ -376,19 +376,12 @@ void __init lrng_rand_initialize_early(v + sizeof(unsigned long))]; + struct new_utsname utsname; + } seed __aligned(LRNG_KCAPI_ALIGN); +- size_t longs = 0; + unsigned int i; + +- for (i = 0; i < ARRAY_SIZE(seed.data); i += longs) { +- longs = arch_get_random_seed_longs(seed.data + i, +- ARRAY_SIZE(seed.data) - i); +- if (longs) +- continue; +- longs = arch_get_random_longs(seed.data + i, +- ARRAY_SIZE(seed.data) - i); +- if (longs) +- continue; +- longs = 1; ++ for (i = 0; i < ARRAY_SIZE(seed.data); i++) { ++ if (!arch_get_random_seed_long_early(&(seed.data[i])) && ++ !arch_get_random_long_early(&seed.data[i])) ++ seed.data[i] = random_get_entropy(); + } + memcpy(&seed.utsname, init_utsname(), sizeof(*(init_utsname()))); + diff --git a/backports/v57-5.15.167/v57-09-revert-split-random_init.patch b/backports/v57-5.15.167/v57-09-revert-split-random_init.patch new file mode 100644 index 0000000..d361305 --- /dev/null +++ b/backports/v57-5.15.167/v57-09-revert-split-random_init.patch @@ -0,0 +1,22 @@ +--- linux-5.15.86/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2023-01-07 21:29:56.529021762 +0100 ++++ linux-5.15.86/drivers/char/lrng/lrng_interface_random_kernel.c 2023-01-07 21:31:30.445338357 +0100 +@@ -34,15 +34,17 @@ static int __init lrng_parse_trust_bootl + } + early_param("random.trust_bootloader", lrng_parse_trust_bootloader); + +-void __init random_init_early(const char *command_line) ++static void __init random_init_early(const char *command_line) + { + lrng_rand_initialize_early(); + lrng_pool_insert_aux(command_line, strlen(command_line), 0); + } + +-void __init random_init(void) ++int __init random_init(const char *command_line) + { ++ random_init_early(command_line); + lrng_rand_initialize(); ++ return 0; + } + + bool lrng_ready_chain_has_sleeper(void) diff --git a/backports/v57-5.15.167/v57-10-revert_add_hwgenerator_randomness_update.patch b/backports/v57-5.15.167/v57-10-revert_add_hwgenerator_randomness_update.patch new file mode 100644 index 0000000..d88efd6 --- /dev/null +++ b/backports/v57-5.15.167/v57-10-revert_add_hwgenerator_randomness_update.patch @@ -0,0 +1,19 @@ +--- linux-6.1.14/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2023-02-26 16:21:03.212109504 +0100 ++++ linux-6.1.14/drivers/char/lrng/lrng_interface_random_kernel.c 2023-02-26 16:21:22.284469755 +0100 +@@ -85,7 +85,7 @@ void lrng_kick_random_ready(void) + * @entropy_bits: amount of entropy in buffer (value is in bits) + */ + void add_hwgenerator_randomness(const void *buffer, size_t count, +- size_t entropy_bits, bool sleep_after) ++ size_t entropy_bits) + { + /* + * Suspend writing if we are fully loaded with entropy or if caller +@@ -96,7 +96,6 @@ void add_hwgenerator_randomness(const vo + wait_event_interruptible(lrng_write_wait, + (lrng_need_entropy() && entropy_bits) || + lrng_state_exseed_allow(lrng_noise_source_hw) || +- !sleep_after || + kthread_should_stop()); + lrng_state_exseed_set(lrng_noise_source_hw, false); + lrng_pool_insert_aux(buffer, count, entropy_bits); diff --git a/backports/v57-5.15.167/v57-11-add_terminator_sysctl_table.patch b/backports/v57-5.15.167/v57-11-add_terminator_sysctl_table.patch new file mode 100644 index 0000000..192ac91 --- /dev/null +++ b/backports/v57-5.15.167/v57-11-add_terminator_sysctl_table.patch @@ -0,0 +1,9 @@ +--- linux-5.15.152/drivers/char/lrng/lrng_sysctl.c.orig 2024-03-21 16:28:58.433989086 +0100 ++++ linux-5.15.152/drivers/char/lrng/lrng_sysctl.c 2024-03-21 16:23:20.407775043 +0100 +@@ -129,5 +129,6 @@ struct ctl_table random_table[] = { + .proc_handler = proc_dointvec, + .extra1 = &lrng_drng_reseed_max_min, + }, ++ { } + }; + diff --git a/backports/v57-5.15.167/v57-12-config_base_small.patch b/backports/v57-5.15.167/v57-12-config_base_small.patch new file mode 100644 index 0000000..ef87cf8 --- /dev/null +++ b/backports/v57-5.15.167/v57-12-config_base_small.patch @@ -0,0 +1,11 @@ +--- linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c.orig 2024-07-28 22:07:52.457903187 +0200 ++++ linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c 2024-07-28 22:08:16.905132650 +0200 +@@ -111,7 +111,7 @@ ssize_t lrng_read_common(char __user *bu + * request sizes, such as 16 or 32 bytes, avoid a kmalloc overhead for + * those by using the stack variable of tmpbuf. + */ +- if (!IS_ENABLED(CONFIG_BASE_SMALL) && (nbytes > sizeof(tmpbuf))) { ++ if (!CONFIG_BASE_SMALL && (nbytes > sizeof(tmpbuf))) { + tmplen = min_t(u32, nbytes, LRNG_DRNG_MAX_REQSIZE); + tmp_large = kmalloc(tmplen + LRNG_KCAPI_ALIGN, GFP_KERNEL); + if (!tmp_large) diff --git a/backports/v57-5.15.167/v57-13-sysctl-unconstify.patch b/backports/v57-5.15.167/v57-13-sysctl-unconstify.patch new file mode 100644 index 0000000..484cebd --- /dev/null +++ b/backports/v57-5.15.167/v57-13-sysctl-unconstify.patch @@ -0,0 +1,29 @@ +--- linux-6.6.52/drivers/char/lrng/lrng_sysctl.c.orig 2024-09-28 22:10:40.683092569 +0200 ++++ linux-6.6.52/drivers/char/lrng/lrng_sysctl.c 2024-09-28 22:11:05.993141475 +0200 +@@ -23,7 +23,7 @@ + * returned as an ASCII string in the standard UUID format; if via the + * sysctl system call, as 16 bytes of binary data. + */ +-static int lrng_sysctl_do_uuid(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_uuid(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -50,7 +50,7 @@ static int lrng_sysctl_do_uuid(const str + return proc_dostring(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_entropy(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_entropy(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -62,7 +62,7 @@ static int lrng_sysctl_do_entropy(const + return proc_dointvec(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_poolsize(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_poolsize(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; diff --git a/backports/v57-5.4.284/README.md b/backports/v57-5.4.284/README.md new file mode 100644 index 0000000..a802bcc --- /dev/null +++ b/backports/v57-5.4.284/README.md @@ -0,0 +1,13 @@ +# Backport Patches for Kernel 5.4 + +The patches allow applying the LRNG to older kernels. Perform the following +operations: + +1. apply all six-digit patches providing necessary code updates to + required before applying the LRNG patches. + +2. apply all LRNG patches from upstream - note, some hunks are expected + considering the original code base is written for a different kernel version + +3. apply all two-digit patches providing code updates after the LRNG patches + are applied. diff --git a/backports/v57-5.4.284/v57-000001-core.patch b/backports/v57-5.4.284/v57-000001-core.patch new file mode 100644 index 0000000..0809e1b --- /dev/null +++ b/backports/v57-5.4.284/v57-000001-core.patch @@ -0,0 +1,13 @@ +--- linux-5.8/kernel/sched/core.c.orig 2022-05-17 09:59:33.887522471 +0200 ++++ linux-5.8/kernel/sched/core.c 2022-05-17 10:00:18.241509892 +0200 +@@ -6,6 +6,10 @@ + * + * Copyright (C) 1991-2002 Linus Torvalds + */ ++#include ++#include ++#include ++ + #include "sched.h" + + #include diff --git a/backports/v57-5.4.284/v57-000002-jent-backport.patch b/backports/v57-5.4.284/v57-000002-jent-backport.patch new file mode 100644 index 0000000..258c263 --- /dev/null +++ b/backports/v57-5.4.284/v57-000002-jent-backport.patch @@ -0,0 +1,87 @@ +commit 965d7286d871b622dcaaafd2e2346b11631584ff +Author: Ben Dooks +Date: Wed Oct 9 10:12:56 2019 +0100 + + crypto: jitter - add header to fix buildwarnings + + Fix the following build warnings by adding a header for + the definitions shared between jitterentropy.c and + jitterentropy-kcapi.c. Fixes the following: + + crypto/jitterentropy.c:445:5: warning: symbol 'jent_read_entropy' was not declared. Should it be static? + crypto/jitterentropy.c:475:18: warning: symbol 'jent_entropy_collector_alloc' was not declared. Should it be static? + crypto/jitterentropy.c:509:6: warning: symbol 'jent_entropy_collector_free' was not declared. Should it be static? + crypto/jitterentropy.c:516:5: warning: symbol 'jent_entropy_init' was not declared. Should it be static? + crypto/jitterentropy-kcapi.c:59:6: warning: symbol 'jent_zalloc' was not declared. Should it be static? + crypto/jitterentropy-kcapi.c:64:6: warning: symbol 'jent_zfree' was not declared. Should it be static? + crypto/jitterentropy-kcapi.c:69:5: warning: symbol 'jent_fips_enabled' was not declared. Should it be static? + crypto/jitterentropy-kcapi.c:74:6: warning: symbol 'jent_panic' was not declared. Should it be static? + crypto/jitterentropy-kcapi.c:79:6: warning: symbol 'jent_memcpy' was not declared. Should it be static? + crypto/jitterentropy-kcapi.c:93:6: warning: symbol 'jent_get_nstime' was not declared. Should it be static? + + Signed-off-by: Ben Dooks + Reviewed-by: Stephan Mueller + +diff --git a/crypto/jitterentropy-kcapi.c b/crypto/jitterentropy-kcapi.c +index 701b8d86ab49..a5ce8f96790f 100644 +--- a/crypto/jitterentropy-kcapi.c ++++ b/crypto/jitterentropy-kcapi.c +@@ -44,13 +44,7 @@ + #include + #include + +-struct rand_data; +-int jent_read_entropy(struct rand_data *ec, unsigned char *data, +- unsigned int len); +-int jent_entropy_init(void); +-struct rand_data *jent_entropy_collector_alloc(unsigned int osr, +- unsigned int flags); +-void jent_entropy_collector_free(struct rand_data *entropy_collector); ++#include "jitterentropy.h" + + /*************************************************************************** + * Helper function +diff --git a/crypto/jitterentropy.c b/crypto/jitterentropy.c +index 9597f9f5723d..042157f0d28b 100644 +--- a/crypto/jitterentropy.c ++++ b/crypto/jitterentropy.c +@@ -103,12 +103,7 @@ struct rand_data { + * Helper functions + ***************************************************************************/ + +-void jent_get_nstime(__u64 *out); +-void *jent_zalloc(unsigned int len); +-void jent_zfree(void *ptr); +-int jent_fips_enabled(void); +-void jent_panic(char *s); +-void jent_memcpy(void *dest, const void *src, unsigned int n); ++#include "jitterentropy.h" + + /** + * Update of the loop count used for the next round of +diff --git a/crypto/jitterentropy.h b/crypto/jitterentropy.h +new file mode 100644 +index 000000000000..c83fff32d130 +--- /dev/null ++++ b/crypto/jitterentropy.h +@@ -0,0 +1,19 @@ ++// SPDX-License-Identifier: GPL-2.0-or-later ++ ++typedef unsigned long long __u64; ++ ++extern void *jent_zalloc(unsigned int len); ++extern void jent_zfree(void *ptr); ++extern int jent_fips_enabled(void); ++extern void jent_panic(char *s); ++extern void jent_memcpy(void *dest, const void *src, unsigned int n); ++extern void jent_get_nstime(__u64 *out); ++ ++struct rand_data; ++extern int jent_entropy_init(void); ++extern int jent_read_entropy(struct rand_data *ec, unsigned char *data, ++ unsigned int len); ++ ++extern struct rand_data *jent_entropy_collector_alloc(unsigned int osr, ++ unsigned int flags); ++extern void jent_entropy_collector_free(struct rand_data *entropy_collector); diff --git a/backports/v57-5.4.284/v57-000004-sha1.patch b/backports/v57-5.4.284/v57-000004-sha1.patch new file mode 100644 index 0000000..d0ec1b3 --- /dev/null +++ b/backports/v57-5.4.284/v57-000004-sha1.patch @@ -0,0 +1,17 @@ +--- linux-5.4.203/include/crypto/sha.h.orig 2022-08-01 20:37:46.742512629 +0200 ++++ linux-5.4.203/include/crypto/sha.h 2022-08-01 20:41:09.317200142 +0200 +@@ -159,4 +159,14 @@ extern int sha224_update(struct sha256_s + unsigned int length); + extern int sha224_final(struct sha256_state *sctx, u8 *hash); + ++/* ++ * An implementation of SHA-1's compression function. Don't use in new code! ++ * You shouldn't be using SHA-1, and even if you *have* to use SHA-1, this isn't ++ * the correct way to hash something with SHA-1 (use crypto_shash instead). ++ */ ++#define SHA1_DIGEST_WORDS (SHA1_DIGEST_SIZE / 4) ++#define SHA1_WORKSPACE_WORDS 16 ++void sha_init(__u32 *buf); ++void sha_transform(__u32 *digest, const char *data, __u32 *W); ++ + #endif diff --git a/backports/v57-5.4.284/v57-01-core.patch b/backports/v57-5.4.284/v57-01-core.patch new file mode 100644 index 0000000..cd1ee30 --- /dev/null +++ b/backports/v57-5.4.284/v57-01-core.patch @@ -0,0 +1,12 @@ +--- linux-5.15/kernel/sched/core.c.orig 2022-05-17 08:10:20.541904807 +0200 ++++ linux-5.15/kernel/sched/core.c 2022-05-17 08:10:31.720932544 +0200 +@@ -7,9 +7,6 @@ + * Copyright (C) 1991-2002 Linus Torvalds + */ + #include +-#include +-#include +-#include + + #define CREATE_TRACE_POINTS + #include diff --git a/backports/v57-5.4.284/v57-03-revert-arch_get_random_long.patch b/backports/v57-5.4.284/v57-03-revert-arch_get_random_long.patch new file mode 100644 index 0000000..c62d28d --- /dev/null +++ b/backports/v57-5.4.284/v57-03-revert-arch_get_random_long.patch @@ -0,0 +1,68 @@ +diff --git a/drivers/char/lrng/lrng_es_cpu.c b/drivers/char/lrng/lrng_es_cpu.c +index f982cc31df4e..3910108cfd08 100644 +--- a/drivers/char/lrng/lrng_es_cpu.c ++++ b/drivers/char/lrng/lrng_es_cpu.c +@@ -65,8 +65,7 @@ static u32 lrng_cpu_poolsize(void) + + static u32 lrng_get_cpu_data(u8 *outbuf, u32 requested_bits) + { +- size_t longs = 0; +- u32 i, req = requested_bits >> 3; ++ u32 i; + + /* operate on full blocks */ + BUILD_BUG_ON(LRNG_DRNG_SECURITY_STRENGTH_BYTES % sizeof(unsigned long)); +@@ -74,14 +73,10 @@ static u32 lrng_get_cpu_data(u8 *outbuf, u32 requested_bits) + /* ensure we have aligned buffers */ + BUILD_BUG_ON(LRNG_KCAPI_ALIGN % sizeof(unsigned long)); + +- for (i = 0; i < req; i += longs) { +- longs = arch_get_random_seed_longs( +- (unsigned long *)(outbuf + i), req - i); +- if (longs) +- continue; +- longs = arch_get_random_longs((unsigned long *)(outbuf + i), +- req - i); +- if (!longs) { ++ for (i = 0; i < (requested_bits >> 3); ++ i += sizeof(unsigned long)) { ++ if (!arch_get_random_seed_long((unsigned long *)(outbuf + i)) && ++ !arch_get_random_long((unsigned long *)(outbuf + i))) { + cpu_entropy = 0; + return 0; + } +@@ -180,7 +175,7 @@ static u32 lrng_cpu_multiplier(void) + if (data_multiplier > 0) + return data_multiplier; + +- if (IS_ENABLED(CONFIG_X86) && !arch_get_random_seed_longs(&v, 1)) { ++ if (IS_ENABLED(CONFIG_X86) && !arch_get_random_seed_long(&v)) { + /* + * Intel SPEC: pulling 512 blocks from RDRAND ensures + * one reseed making it logically equivalent to RDSEED. +--- linux-5.15.86/drivers/char/lrng/lrng_es_mgr.c.orig2 2023-01-07 21:18:49.376364123 +0100 ++++ linux-5.15.86/drivers/char/lrng/lrng_es_mgr.c 2023-01-07 21:19:44.168291522 +0100 +@@ -376,19 +376,12 @@ void __init lrng_rand_initialize_early(v + sizeof(unsigned long))]; + struct new_utsname utsname; + } seed __aligned(LRNG_KCAPI_ALIGN); +- size_t longs = 0; + unsigned int i; + +- for (i = 0; i < ARRAY_SIZE(seed.data); i += longs) { +- longs = arch_get_random_seed_longs(seed.data + i, +- ARRAY_SIZE(seed.data) - i); +- if (longs) +- continue; +- longs = arch_get_random_longs(seed.data + i, +- ARRAY_SIZE(seed.data) - i); +- if (longs) +- continue; +- longs = 1; ++ for (i = 0; i < ARRAY_SIZE(seed.data); i++) { ++ if (!arch_get_random_seed_long_early(&(seed.data[i])) && ++ !arch_get_random_long_early(&seed.data[i])) ++ seed.data[i] = random_get_entropy(); + } + memcpy(&seed.utsname, init_utsname(), sizeof(*(init_utsname()))); + diff --git a/backports/v57-5.4.284/v57-04-config_base_small.patch b/backports/v57-5.4.284/v57-04-config_base_small.patch new file mode 100644 index 0000000..ef87cf8 --- /dev/null +++ b/backports/v57-5.4.284/v57-04-config_base_small.patch @@ -0,0 +1,11 @@ +--- linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c.orig 2024-07-28 22:07:52.457903187 +0200 ++++ linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c 2024-07-28 22:08:16.905132650 +0200 +@@ -111,7 +111,7 @@ ssize_t lrng_read_common(char __user *bu + * request sizes, such as 16 or 32 bytes, avoid a kmalloc overhead for + * those by using the stack variable of tmpbuf. + */ +- if (!IS_ENABLED(CONFIG_BASE_SMALL) && (nbytes > sizeof(tmpbuf))) { ++ if (!CONFIG_BASE_SMALL && (nbytes > sizeof(tmpbuf))) { + tmplen = min_t(u32, nbytes, LRNG_DRNG_MAX_REQSIZE); + tmp_large = kmalloc(tmplen + LRNG_KCAPI_ALIGN, GFP_KERNEL); + if (!tmp_large) diff --git a/backports/v57-5.4.284/v57-05-sysctl.patch b/backports/v57-5.4.284/v57-05-sysctl.patch new file mode 100644 index 0000000..459c4eb --- /dev/null +++ b/backports/v57-5.4.284/v57-05-sysctl.patch @@ -0,0 +1,21 @@ +--- linux-5.15/drivers/char/lrng/lrng_sysctl.c.orig 2022-05-17 08:35:09.958660325 +0200 ++++ linux-5.15/drivers/char/lrng/lrng_sysctl.c 2022-05-17 08:36:17.829818950 +0200 +@@ -91,7 +91,7 @@ void lrng_sysctl_update_max_write_thresh + mb(); + } + +-static struct ctl_table random_table[] = { ++struct ctl_table random_table[] = { + { + .procname = "poolsize", + .maxlen = sizeof(int), +@@ -137,9 +137,3 @@ static struct ctl_table random_table[] = + { } + }; + +-static int __init random_sysctls_init(void) +-{ +- register_sysctl_init("kernel/random", random_table); +- return 0; +-} +-device_initcall(random_sysctls_init); diff --git a/backports/v57-5.4.284/v57-06-add_random_ready_callbacks.patch b/backports/v57-5.4.284/v57-06-add_random_ready_callbacks.patch new file mode 100644 index 0000000..2ef745c --- /dev/null +++ b/backports/v57-5.4.284/v57-06-add_random_ready_callbacks.patch @@ -0,0 +1,176 @@ +--- linux-5.18.8/drivers/char/lrng/lrng_es_mgr.c.orig 2022-08-01 09:35:07.227572096 +0200 ++++ linux-5.18.8/drivers/char/lrng/lrng_es_mgr.c 2022-08-01 09:31:18.926127936 +0200 +@@ -218,6 +218,7 @@ static void lrng_set_operational(void) + */ + if (lrng_state.lrng_fully_seeded) { + lrng_state.lrng_operational = true; ++ lrng_process_ready_list(); + lrng_init_wakeup(); + pr_info("LRNG fully operational\n"); + } +--- linux-5.18.8/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2022-08-01 09:13:51.877910601 +0200 ++++ linux-5.18.8/drivers/char/lrng/lrng_interface_random_kernel.c 2022-08-01 09:31:18.926127936 +0200 +@@ -19,6 +19,10 @@ + #include "lrng_interface_dev_common.h" + #include "lrng_interface_random_kernel.h" + ++static RAW_NOTIFIER_HEAD(lrng_ready_chain); ++static DEFINE_SPINLOCK(lrng_ready_chain_lock); ++static unsigned int lrng_ready_chain_used = 0; ++ + /********************************** Helper ***********************************/ + + int __init random_init(const char *command_line) +@@ -29,6 +33,33 @@ int __init random_init(const char *comma + return ret; + } + ++bool lrng_ready_chain_has_sleeper(void) ++{ ++ return !!lrng_ready_chain_used; ++} ++ ++/* ++ * lrng_process_ready_list() - Ping all kernel internal callers waiting until ++ * the DRNG is completely initialized to inform that the DRNG reached that ++ * seed level. ++ * ++ * When the SP800-90B testing is enabled, the ping only happens if the SP800-90B ++ * startup health tests are completed. This implies that kernel internal ++ * callers always have an SP800-90B compliant noise source when being ++ * pinged. ++ */ ++void lrng_process_ready_list(void) ++{ ++ unsigned long flags; ++ ++ if (!lrng_state_operational()) ++ return; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ raw_notifier_call_chain(&lrng_ready_chain, 0, NULL); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++} ++ + /************************ LRNG kernel input interfaces ************************/ + + /* +@@ -125,6 +156,58 @@ void add_interrupt_randomness(int irq) { + EXPORT_SYMBOL(add_interrupt_randomness); + #endif + ++/* ++ * unregister_random_ready_notifier() - Delete a previously registered readiness ++ * callback function. ++ * ++ * @nb: callback definition that was registered initially ++ */ ++int unregister_random_ready_notifier(struct notifier_block *nb) ++{ ++ unsigned long flags; ++ int ret; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ ret = raw_notifier_chain_unregister(&lrng_ready_chain, nb); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++ ++ if (!ret && lrng_ready_chain_used) ++ lrng_ready_chain_used--; ++ ++ return ret; ++} ++EXPORT_SYMBOL(unregister_random_ready_notifier); ++ ++/* ++ * register_random_ready_notifier() - Add a callback function that will be ++ * invoked when the DRNG is fully initialized and seeded. ++ * ++ * @nb: callback definition to be invoked when the LRNG is seeded ++ * ++ * Return: ++ * * 0 if callback is successfully added ++ * * -EALREADY if pool is already initialised (callback not called) ++ */ ++int register_random_ready_notifier(struct notifier_block *nb) ++{ ++ unsigned long flags; ++ int err = -EALREADY; ++ ++ if (likely(lrng_state_operational())) ++ return err; ++ ++ spin_lock_irqsave(&lrng_ready_chain_lock, flags); ++ if (!lrng_state_operational()) ++ err = raw_notifier_chain_register(&lrng_ready_chain, nb); ++ spin_unlock_irqrestore(&lrng_ready_chain_lock, flags); ++ ++ if (!err) ++ lrng_ready_chain_used++; ++ ++ return err; ++} ++EXPORT_SYMBOL(register_random_ready_notifier); ++ + #if IS_ENABLED(CONFIG_VMGENID) + static BLOCKING_NOTIFIER_HEAD(lrng_vmfork_chain); + +@@ -195,6 +278,43 @@ int wait_for_random_bytes(void) + EXPORT_SYMBOL(wait_for_random_bytes); + + /* ++ * get_random_bytes_arch() - This function will use the architecture-specific ++ * hardware random number generator if it is available. ++ * ++ * The arch-specific hw RNG will almost certainly be faster than what we can ++ * do in software, but it is impossible to verify that it is implemented ++ * securely (as opposed, to, say, the AES encryption of a sequence number using ++ * a key known by the NSA). So it's useful if we need the speed, but only if ++ * we're willing to trust the hardware manufacturer not to have put in a back ++ * door. ++ * ++ * @buf: buffer allocated by caller to store the random data in ++ * @nbytes: length of outbuf ++ * ++ * Return: number of bytes filled in. ++ */ ++size_t __must_check get_random_bytes_arch(void *buf, size_t nbytes) ++{ ++ size_t left = nbytes; ++ u8 *p = buf; ++ ++ while (left) { ++ unsigned long v; ++ size_t chunk = min_t(size_t, left, sizeof(unsigned long)); ++ ++ if (!arch_get_random_long(&v)) ++ break; ++ ++ memcpy(p, &v, chunk); ++ p += chunk; ++ left -= chunk; ++ } ++ ++ return nbytes - left; ++} ++EXPORT_SYMBOL(get_random_bytes_arch); ++ ++/* + * Returns whether or not the LRNG has been seeded. + * + * Returns: true if the urandom pool has been seeded. +--- linux-5.15.58/drivers/char/lrng/lrng_interface_random_kernel.h.orig 2022-08-01 10:01:32.939911355 +0200 ++++ linux-5.15.58/drivers/char/lrng/lrng_interface_random_kernel.h 2022-08-01 10:01:38.564923636 +0200 +@@ -7,9 +7,13 @@ + #define _LRNG_INTERFACE_RANDOM_H + + #ifdef CONFIG_LRNG_RANDOM_IF ++void lrng_process_ready_list(void); ++bool lrng_ready_chain_has_sleeper(void); + void invalidate_batched_entropy(void); + void lrng_kick_random_ready(void); + #else /* CONFIG_LRNG_RANDOM_IF */ ++static inline bool lrng_ready_chain_has_sleeper(void) { return false; } ++static inline void lrng_process_ready_list(void) { } + static inline void invalidate_batched_entropy(void) { } + static inline void lrng_kick_random_ready(void) { } + #endif /* CONFIG_LRNG_RANDOM_IF */ diff --git a/backports/v57-5.4.284/v57-07-sha-includes.patch b/backports/v57-5.4.284/v57-07-sha-includes.patch new file mode 100644 index 0000000..5c0faa9 --- /dev/null +++ b/backports/v57-5.4.284/v57-07-sha-includes.patch @@ -0,0 +1,34 @@ +--- linux-5.10/drivers/char/lrng/lrng_sha1.c.orig 2022-05-17 09:28:05.950190228 +0200 ++++ linux-5.10/drivers/char/lrng/lrng_sha1.c 2022-05-17 09:28:16.545205008 +0200 +@@ -10,7 +10,7 @@ + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + + #include +-#include ++#include + #include + + #include "lrng_sha.h" +--- linux-5.10/drivers/char/lrng/lrng_sha256.c.orig 2022-05-17 09:28:32.976226275 +0200 ++++ linux-5.10/drivers/char/lrng/lrng_sha256.c 2022-05-17 09:28:41.394236961 +0200 +@@ -10,7 +10,7 @@ + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + + #include +-#include ++#include + + #include "lrng_sha.h" + +--- linux-5.10/drivers/char/lrng/lrng_definitions.h.orig 2022-05-17 09:37:43.122453512 +0200 ++++ linux-5.10/drivers/char/lrng/lrng_definitions.h 2022-05-17 09:37:52.303479125 +0200 +@@ -6,8 +6,7 @@ + #ifndef _LRNG_DEFINITIONS_H + #define _LRNG_DEFINITIONS_H + +-#include +-#include ++#include + #include + + /*************************** General LRNG parameter ***************************/ diff --git a/backports/v57-5.4.284/v57-08-kzfree.patch b/backports/v57-5.4.284/v57-08-kzfree.patch new file mode 100644 index 0000000..ef46469 --- /dev/null +++ b/backports/v57-5.4.284/v57-08-kzfree.patch @@ -0,0 +1,44 @@ +--- linux-5.4/drivers/char/lrng/lrng_drng_chacha20.c.orig 2020-10-10 21:02:49.755374050 +0200 ++++ linux-5.4/drivers/char/lrng/lrng_drng_chacha20.c 2020-10-10 21:03:21.878506872 +0200 +@@ -224,7 +224,7 @@ static void lrng_cc20_drng_dealloc(void + } + + pr_debug("ChaCha20 core zeroized and freed\n"); +- kfree_sensitive(chacha20_state); ++ kzfree(chacha20_state); + } + + /******************************* Hash Operation *******************************/ +--- linux-5.4/drivers/char/lrng/lrng_drng_drbg.c.orig 2020-10-10 21:02:57.136404546 +0200 ++++ linux-5.4/drivers/char/lrng/lrng_drng_drbg.c 2020-10-10 21:03:37.311570965 +0200 +@@ -140,7 +140,7 @@ static void lrng_drbg_drng_dealloc(void + if (drbg && drbg->d_ops) + drbg->d_ops->crypto_fini(drbg); + drbg_dealloc_state(drbg); +- kfree_sensitive(drbg); ++ kzfree(drbg); + pr_info("DRBG deallocated\n"); + } + +--- linux-5.4/drivers/char/lrng/lrng_interface_dev_common.c.orig 2020-10-10 21:03:03.855432312 +0200 ++++ linux-5.4/drivers/char/lrng/lrng_interface_dev_common.c 2020-10-10 21:03:53.879639777 +0200 +@@ -432,7 +432,7 @@ static ssize_t lrng_read_common(char __u + + /* Wipe data just returned from memory */ + if (tmp_large) +- kfree_sensitive(tmp_large); ++ kzfree(tmp_large); + else + memzero_explicit(tmpbuf, sizeof(tmpbuf)); + +--- linux-5.4/drivers/char/lrng/lrng_testing.c.orig 2020-10-10 21:03:08.427451210 +0200 ++++ linux-5.4/drivers/char/lrng/lrng_testing.c 2020-10-10 21:04:08.620700995 +0200 +@@ -234,7 +234,7 @@ static int lrng_testing_extract_user(str + ret += i; + } + +- kfree_sensitive(tmp); ++ kzfree(tmp); + + if (ret > 0) + *ppos += ret; diff --git a/backports/v57-5.4.284/v57-09-ratelimit.patch b/backports/v57-5.4.284/v57-09-ratelimit.patch new file mode 100644 index 0000000..cf65210 --- /dev/null +++ b/backports/v57-5.4.284/v57-09-ratelimit.patch @@ -0,0 +1,10 @@ +--- linux-5.4/drivers/char/lrng/lrng_es_irq.c.orig 2020-10-10 21:00:01.282688553 +0200 ++++ linux-5.4/drivers/char/lrng/lrng_es_irq.c 2020-10-10 21:12:07.975025774 +0200 +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include + + #include "lrng_internal.h" + #include "lrng_es_irq.h" diff --git a/backports/v57-5.4.284/v57-10-add_signal_header.patch b/backports/v57-5.4.284/v57-10-add_signal_header.patch new file mode 100644 index 0000000..89f979a --- /dev/null +++ b/backports/v57-5.4.284/v57-10-add_signal_header.patch @@ -0,0 +1,10 @@ +--- linux-5.4/drivers/char/lrng/lrng_interface_dev_common.c.orig 2022-05-17 15:42:53.065862532 -0400 ++++ linux-5.4/drivers/char/lrng/lrng_interface_dev_common.c 2022-05-17 15:43:35.844969625 -0400 +@@ -8,6 +8,7 @@ + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + + #include ++#include + #include + + #include "lrng_drng_mgr.h" diff --git a/backports/v57-5.4.284/v57-11-revert-split-random_init.patch b/backports/v57-5.4.284/v57-11-revert-split-random_init.patch new file mode 100644 index 0000000..d361305 --- /dev/null +++ b/backports/v57-5.4.284/v57-11-revert-split-random_init.patch @@ -0,0 +1,22 @@ +--- linux-5.15.86/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2023-01-07 21:29:56.529021762 +0100 ++++ linux-5.15.86/drivers/char/lrng/lrng_interface_random_kernel.c 2023-01-07 21:31:30.445338357 +0100 +@@ -34,15 +34,17 @@ static int __init lrng_parse_trust_bootl + } + early_param("random.trust_bootloader", lrng_parse_trust_bootloader); + +-void __init random_init_early(const char *command_line) ++static void __init random_init_early(const char *command_line) + { + lrng_rand_initialize_early(); + lrng_pool_insert_aux(command_line, strlen(command_line), 0); + } + +-void __init random_init(void) ++int __init random_init(const char *command_line) + { ++ random_init_early(command_line); + lrng_rand_initialize(); ++ return 0; + } + + bool lrng_ready_chain_has_sleeper(void) diff --git a/backports/v57-5.4.284/v57-12-revert_add_hwgenerator_randomness_update.patch b/backports/v57-5.4.284/v57-12-revert_add_hwgenerator_randomness_update.patch new file mode 100644 index 0000000..d88efd6 --- /dev/null +++ b/backports/v57-5.4.284/v57-12-revert_add_hwgenerator_randomness_update.patch @@ -0,0 +1,19 @@ +--- linux-6.1.14/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2023-02-26 16:21:03.212109504 +0100 ++++ linux-6.1.14/drivers/char/lrng/lrng_interface_random_kernel.c 2023-02-26 16:21:22.284469755 +0100 +@@ -85,7 +85,7 @@ void lrng_kick_random_ready(void) + * @entropy_bits: amount of entropy in buffer (value is in bits) + */ + void add_hwgenerator_randomness(const void *buffer, size_t count, +- size_t entropy_bits, bool sleep_after) ++ size_t entropy_bits) + { + /* + * Suspend writing if we are fully loaded with entropy or if caller +@@ -96,7 +96,6 @@ void add_hwgenerator_randomness(const vo + wait_event_interruptible(lrng_write_wait, + (lrng_need_entropy() && entropy_bits) || + lrng_state_exseed_allow(lrng_noise_source_hw) || +- !sleep_after || + kthread_should_stop()); + lrng_state_exseed_set(lrng_noise_source_hw, false); + lrng_pool_insert_aux(buffer, count, entropy_bits); diff --git a/backports/v57-5.4.284/v57-13-add_terminator_sysctl_table.patch b/backports/v57-5.4.284/v57-13-add_terminator_sysctl_table.patch new file mode 100644 index 0000000..192ac91 --- /dev/null +++ b/backports/v57-5.4.284/v57-13-add_terminator_sysctl_table.patch @@ -0,0 +1,9 @@ +--- linux-5.15.152/drivers/char/lrng/lrng_sysctl.c.orig 2024-03-21 16:28:58.433989086 +0100 ++++ linux-5.15.152/drivers/char/lrng/lrng_sysctl.c 2024-03-21 16:23:20.407775043 +0100 +@@ -129,5 +129,6 @@ struct ctl_table random_table[] = { + .proc_handler = proc_dointvec, + .extra1 = &lrng_drng_reseed_max_min, + }, ++ { } + }; + diff --git a/backports/v57-5.4.284/v57-14-sysctl-unconstify.patch b/backports/v57-5.4.284/v57-14-sysctl-unconstify.patch new file mode 100644 index 0000000..484cebd --- /dev/null +++ b/backports/v57-5.4.284/v57-14-sysctl-unconstify.patch @@ -0,0 +1,29 @@ +--- linux-6.6.52/drivers/char/lrng/lrng_sysctl.c.orig 2024-09-28 22:10:40.683092569 +0200 ++++ linux-6.6.52/drivers/char/lrng/lrng_sysctl.c 2024-09-28 22:11:05.993141475 +0200 +@@ -23,7 +23,7 @@ + * returned as an ASCII string in the standard UUID format; if via the + * sysctl system call, as 16 bytes of binary data. + */ +-static int lrng_sysctl_do_uuid(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_uuid(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -50,7 +50,7 @@ static int lrng_sysctl_do_uuid(const str + return proc_dostring(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_entropy(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_entropy(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -62,7 +62,7 @@ static int lrng_sysctl_do_entropy(const + return proc_dointvec(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_poolsize(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_poolsize(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; diff --git a/backports/v57-6.1.111/README.md b/backports/v57-6.1.111/README.md new file mode 100644 index 0000000..b099a1f --- /dev/null +++ b/backports/v57-6.1.111/README.md @@ -0,0 +1,13 @@ +# Backport Patches for Kernel 6.1 + +The patches allow applying the LRNG to older kernels. Perform the following +operations: + +1. apply all six-digit patches providing necessary code updates to + required before applying the LRNG patches. + +2. apply all LRNG patches from upstream - note, some hunks are expected + considering the original code base is written for a different kernel version + +3. apply all two-digit patches providing code updates after the LRNG patches + are applied. diff --git a/backports/v57-6.1.111/v57-01-add_arch_get_random_longs_early.patch b/backports/v57-6.1.111/v57-01-add_arch_get_random_longs_early.patch new file mode 100644 index 0000000..2248a7b --- /dev/null +++ b/backports/v57-6.1.111/v57-01-add_arch_get_random_longs_early.patch @@ -0,0 +1,62 @@ +--- linux-6.1.37/drivers/char/lrng/lrng_es_mgr.c.orig 2023-07-03 08:19:27.484926750 +0200 ++++ linux-6.1.37/drivers/char/lrng/lrng_es_mgr.c 2023-09-03 22:21:41.011317705 +0200 +@@ -381,6 +381,9 @@ void lrng_init_ops(struct entropy_buf *e + } + } + ++static size_t lrng_get_random_longs_early(unsigned long *v, size_t max_longs); ++static size_t lrng_get_random_seed_longs_early(unsigned long *v, ++ size_t max_longs); + void __init lrng_rand_initialize_early(void) + { + struct seed { +@@ -393,11 +396,11 @@ void __init lrng_rand_initialize_early(v + unsigned int i; + + for (i = 0; i < ARRAY_SIZE(seed.data); i += longs) { +- longs = arch_get_random_seed_longs(seed.data + i, ++ longs = lrng_get_random_seed_longs_early(seed.data + i, + ARRAY_SIZE(seed.data) - i); + if (longs) + continue; +- longs = arch_get_random_longs(seed.data + i, ++ longs = lrng_get_random_longs_early(seed.data + i, + ARRAY_SIZE(seed.data) - i); + if (longs) + continue; +@@ -429,6 +432,17 @@ void __init lrng_rand_initialize(void) + } + + #ifndef CONFIG_LRNG_RANDOM_IF ++static size_t lrng_get_random_longs_early(unsigned long *v, size_t max_longs) ++{ ++ return arch_get_random_longs(v, max_longs); ++} ++ ++static size_t lrng_get_random_seed_longs_early(unsigned long *v, ++ size_t max_longs) ++{ ++ return arch_get_random_seed_longs(v, max_longs); ++} ++ + static int __init lrng_rand_initialize_call(void) + { + lrng_rand_initialize_early(); +@@ -437,6 +451,17 @@ static int __init lrng_rand_initialize_c + } + + early_initcall(lrng_rand_initialize_call); ++#else ++static size_t lrng_get_random_longs_early(unsigned long *v, size_t max_longs) ++{ ++ return arch_get_random_longs_early(v, max_longs); ++} ++ ++static size_t lrng_get_random_seed_longs_early(unsigned long *v, ++ size_t max_longs) ++{ ++ return arch_get_random_seed_longs_early(v, max_longs); ++} + #endif + + /* Interface requesting a reseed of the DRNG */ diff --git a/backports/v57-6.1.111/v57-02-revert_add_hwgenerator_randomness_update.patch b/backports/v57-6.1.111/v57-02-revert_add_hwgenerator_randomness_update.patch new file mode 100644 index 0000000..d88efd6 --- /dev/null +++ b/backports/v57-6.1.111/v57-02-revert_add_hwgenerator_randomness_update.patch @@ -0,0 +1,19 @@ +--- linux-6.1.14/drivers/char/lrng/lrng_interface_random_kernel.c.orig 2023-02-26 16:21:03.212109504 +0100 ++++ linux-6.1.14/drivers/char/lrng/lrng_interface_random_kernel.c 2023-02-26 16:21:22.284469755 +0100 +@@ -85,7 +85,7 @@ void lrng_kick_random_ready(void) + * @entropy_bits: amount of entropy in buffer (value is in bits) + */ + void add_hwgenerator_randomness(const void *buffer, size_t count, +- size_t entropy_bits, bool sleep_after) ++ size_t entropy_bits) + { + /* + * Suspend writing if we are fully loaded with entropy or if caller +@@ -96,7 +96,6 @@ void add_hwgenerator_randomness(const vo + wait_event_interruptible(lrng_write_wait, + (lrng_need_entropy() && entropy_bits) || + lrng_state_exseed_allow(lrng_noise_source_hw) || +- !sleep_after || + kthread_should_stop()); + lrng_state_exseed_set(lrng_noise_source_hw, false); + lrng_pool_insert_aux(buffer, count, entropy_bits); diff --git a/backports/v57-6.1.111/v57-03-config_base_small.patch b/backports/v57-6.1.111/v57-03-config_base_small.patch new file mode 100644 index 0000000..ef87cf8 --- /dev/null +++ b/backports/v57-6.1.111/v57-03-config_base_small.patch @@ -0,0 +1,11 @@ +--- linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c.orig 2024-07-28 22:07:52.457903187 +0200 ++++ linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c 2024-07-28 22:08:16.905132650 +0200 +@@ -111,7 +111,7 @@ ssize_t lrng_read_common(char __user *bu + * request sizes, such as 16 or 32 bytes, avoid a kmalloc overhead for + * those by using the stack variable of tmpbuf. + */ +- if (!IS_ENABLED(CONFIG_BASE_SMALL) && (nbytes > sizeof(tmpbuf))) { ++ if (!CONFIG_BASE_SMALL && (nbytes > sizeof(tmpbuf))) { + tmplen = min_t(u32, nbytes, LRNG_DRNG_MAX_REQSIZE); + tmp_large = kmalloc(tmplen + LRNG_KCAPI_ALIGN, GFP_KERNEL); + if (!tmp_large) diff --git a/backports/v57-6.1.111/v57-04-sysctl-unconstify.patch b/backports/v57-6.1.111/v57-04-sysctl-unconstify.patch new file mode 100644 index 0000000..484cebd --- /dev/null +++ b/backports/v57-6.1.111/v57-04-sysctl-unconstify.patch @@ -0,0 +1,29 @@ +--- linux-6.6.52/drivers/char/lrng/lrng_sysctl.c.orig 2024-09-28 22:10:40.683092569 +0200 ++++ linux-6.6.52/drivers/char/lrng/lrng_sysctl.c 2024-09-28 22:11:05.993141475 +0200 +@@ -23,7 +23,7 @@ + * returned as an ASCII string in the standard UUID format; if via the + * sysctl system call, as 16 bytes of binary data. + */ +-static int lrng_sysctl_do_uuid(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_uuid(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -50,7 +50,7 @@ static int lrng_sysctl_do_uuid(const str + return proc_dostring(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_entropy(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_entropy(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -62,7 +62,7 @@ static int lrng_sysctl_do_entropy(const + return proc_dointvec(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_poolsize(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_poolsize(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; diff --git a/backports/v57-6.6.52/README.md b/backports/v57-6.6.52/README.md new file mode 100644 index 0000000..8117db8 --- /dev/null +++ b/backports/v57-6.6.52/README.md @@ -0,0 +1,13 @@ +# Backport Patches for Kernel 6.6 + +The patches allow applying the LRNG to older kernels. Perform the following +operations: + +1. apply all six-digit patches providing necessary code updates to + required before applying the LRNG patches. + +2. apply all LRNG patches from upstream - note, some hunks are expected + considering the original code base is written for a different kernel version + +3. apply all two-digit patches providing code updates after the LRNG patches + are applied. diff --git a/backports/v57-6.6.52/v57-01-config_base_small.patch b/backports/v57-6.6.52/v57-01-config_base_small.patch new file mode 100644 index 0000000..ef87cf8 --- /dev/null +++ b/backports/v57-6.6.52/v57-01-config_base_small.patch @@ -0,0 +1,11 @@ +--- linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c.orig 2024-07-28 22:07:52.457903187 +0200 ++++ linux-6.6.43/drivers/char/lrng/lrng_interface_dev_common.c 2024-07-28 22:08:16.905132650 +0200 +@@ -111,7 +111,7 @@ ssize_t lrng_read_common(char __user *bu + * request sizes, such as 16 or 32 bytes, avoid a kmalloc overhead for + * those by using the stack variable of tmpbuf. + */ +- if (!IS_ENABLED(CONFIG_BASE_SMALL) && (nbytes > sizeof(tmpbuf))) { ++ if (!CONFIG_BASE_SMALL && (nbytes > sizeof(tmpbuf))) { + tmplen = min_t(u32, nbytes, LRNG_DRNG_MAX_REQSIZE); + tmp_large = kmalloc(tmplen + LRNG_KCAPI_ALIGN, GFP_KERNEL); + if (!tmp_large) diff --git a/backports/v57-6.6.52/v57-02-sysctl-unconstify.patch b/backports/v57-6.6.52/v57-02-sysctl-unconstify.patch new file mode 100644 index 0000000..484cebd --- /dev/null +++ b/backports/v57-6.6.52/v57-02-sysctl-unconstify.patch @@ -0,0 +1,29 @@ +--- linux-6.6.52/drivers/char/lrng/lrng_sysctl.c.orig 2024-09-28 22:10:40.683092569 +0200 ++++ linux-6.6.52/drivers/char/lrng/lrng_sysctl.c 2024-09-28 22:11:05.993141475 +0200 +@@ -23,7 +23,7 @@ + * returned as an ASCII string in the standard UUID format; if via the + * sysctl system call, as 16 bytes of binary data. + */ +-static int lrng_sysctl_do_uuid(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_uuid(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -50,7 +50,7 @@ static int lrng_sysctl_do_uuid(const str + return proc_dostring(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_entropy(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_entropy(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table; +@@ -62,7 +62,7 @@ static int lrng_sysctl_do_entropy(const + return proc_dointvec(&fake_table, write, buffer, lenp, ppos); + } + +-static int lrng_sysctl_do_poolsize(const struct ctl_table *table, int write, ++static int lrng_sysctl_do_poolsize(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) + { + struct ctl_table fake_table;