From patchwork Wed Mar 2 13:31:26 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Rui Salvaterra X-Patchwork-Id: 1599863 X-Patchwork-Delegate: rsalvaterra@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=djoGi7JJ; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=i39mY/U6; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4K7w8G00Jsz9sFk for ; Thu, 3 Mar 2022 00:34:37 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:Cc :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=ujHWoa1qAu0jVbTJMZ2UzI+0arGoq5Y+bPz1ZyxFiQ0=; b=djoGi7JJ4dabcZ 0hcGiJKjZDQ88CbiHVX8SXUNO09PNmFyGro15cU3X5K2et19CchXQbN/bPMnAQDEJ2qhKR4j6MPNF NwtHii07jHqfTe7BYF5KXPX1PAdbiOEoa3/62y5IMSPLxcKm2BQOmUYfGlhnsNPMpgJVBTAh1mUyN 80EODszVC+OEiMKQaOE3Hq4SRCSzD3q1DcU9kqpweHQ7Hr/WM8hrvAKQmpO6lIqaBT9H0/tN6T29O X+HFEXet6k3qzKjqLDudvORVz8pY2kReSA+AwH22M69d970YV1hYfspVuUTsQHElOHHywrNmzKJP+ Sp2xYHIYIqu34AtRYtZQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1nPP4t-002oiL-KQ; Wed, 02 Mar 2022 13:31:40 +0000 Received: from mail-ed1-x52b.google.com ([2a00:1450:4864:20::52b]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1nPP4p-002ogl-4m for openwrt-devel@lists.openwrt.org; Wed, 02 Mar 2022 13:31:37 +0000 Received: by mail-ed1-x52b.google.com with SMTP id w3so2258486edu.8 for ; Wed, 02 Mar 2022 05:31:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=Occ4avIL3Ffe4lq9hvJvovQiOCEI0KLnPv0fw28Kw3U=; b=i39mY/U6AjFNA69rHjML4EePj9Pc9Or3III9mzKqX3fpGhBZJdCvtKiHt2dGcRrLcG ARwAkBRr4OfPGjQlzh5a+yCgPQM6fjwiEesNat1CGDnRszSshbZx6jVYXapIygH1nDnl B3fHRvGaQjc7n+olt67B9r8o02kqcyX6w4MZR2Z8WsCiz3l22Vmj1lCUAve9pJdMD/2T Kh8e5Tu2sdjWbgunyAyqVWUi7DRhjuDhcRZ3RbKL5Hpx7HI6tzdta9liMpE4wrVB6E3b J7YZmhsAVLGYwTP2AB3xqt+A7lyC/BFRv6zMXckhaTDObB+lVfZuaLYrMWnD5PjHXIpi Ug4Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=Occ4avIL3Ffe4lq9hvJvovQiOCEI0KLnPv0fw28Kw3U=; b=kMWSw6iZVgcZoxs5+6KBpGtLHppjOFa+NTxTEfro5NsJ3aezDFbiemzn8yxoL+2qvX r5dToAwgIif+rUweRlObw7HxK4lrJYYllN3HYkaCpXqTxZPASFOLQjGhN7LQsuYseWML 6vTkUFgVG126KPe3quIC3bPU/kP6L+ncdMxaCnKCbx5z51SgruIvDPwb5vLS39uwFRb6 HA/GIPvZcIUBtt6QmRO3znHHuDxdkruMjA9fG5h7+wtpjqD6FGvuQU0WFxLCC7+Ildpx nkTrMRNd9vt1L/nfe6YkQYAbcqADNpjNSYqwJGLwbVV2Bi0FWoWhgIg0HhVpNFBdUiMr z3YQ== X-Gm-Message-State: AOAM530pHgvlh1RXBml7cftt44Oi3YGslBe/WVGebjrbY1tfC/IfsDVM IAtp0xSTxtsGaXpZpuz9m+m/r3l3lw== X-Google-Smtp-Source: ABdhPJzVzCXdVwP3+F4MO1RngCsdggpFXUbt8GY1DOrVpZDqTMfF1eaFR7VVfIld+NjDifxNH2eu2Q== X-Received: by 2002:a05:6402:1e89:b0:415:c597:2f8 with SMTP id f9-20020a0564021e8900b00415c59702f8mr1523115edf.98.1646227891556; Wed, 02 Mar 2022 05:31:31 -0800 (PST) Received: from crystalwell.adg.lan (a109-49-8-180.cpe.netcabo.pt. [109.49.8.180]) by smtp.gmail.com with ESMTPSA id gv6-20020a170906f10600b006ccbf1af2a3sm6426548ejb.16.2022.03.02.05.31.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Mar 2022 05:31:30 -0800 (PST) From: Rui Salvaterra To: openwrt-devel@lists.openwrt.org Cc: Jason@zx2c4.com, ynezz@true.cz, nbd@nbd.name, daniel@makrotopia.org, hauke@hauke-m.de, Rui Salvaterra Subject: [PATCH] ath9k: backport hw_random API support Date: Wed, 2 Mar 2022 13:31:26 +0000 Message-Id: <20220302133126.3182044-1-rsalvaterra@gmail.com> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220302_053135_227781_A6AF69D9 X-CRM114-Status: GOOD ( 20.58 ) X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Backport Jason's patch [1] implementing proper hw_random API support for the ath9k hwrng. The original code invoked add_hwgenerator_randomness to directly feed ADC entropy into the system pool. Since [...] Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:52b listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [rsalvaterra[at]gmail.com] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org Backport Jason's patch [1] implementing proper hw_random API support for the ath9k hwrng. The original code invoked add_hwgenerator_randomness to directly feed ADC entropy into the system pool. Since add_hwgenerator_randomness blocks until the system is low on entropy, if there is another hw_random API-based hwrng selected in the system, both of them will race to feed the entropy pool on wake-up. This unpredictability of the entropy source is a potential security risk. By turning supported ath9k devices into proper hwrngs, we allow users to choose one, if any, as they see fit. [1] https://lore.kernel.org/all/20220216113323.53332-1-Jason@zx2c4.com/ Acked-by: Petr Štetiar Signed-off-by: Rui Salvaterra --- ...dom-API-instead-of-directly-dumping-.patch | 145 ++++++++++++++++++ 1 file changed, 145 insertions(+) create mode 100644 package/kernel/mac80211/patches/ath9k/020-v5.18-ath9k-use-hw_random-API-instead-of-directly-dumping-.patch diff --git a/package/kernel/mac80211/patches/ath9k/020-v5.18-ath9k-use-hw_random-API-instead-of-directly-dumping-.patch b/package/kernel/mac80211/patches/ath9k/020-v5.18-ath9k-use-hw_random-API-instead-of-directly-dumping-.patch new file mode 100644 index 0000000000..e6fcba8a9a --- /dev/null +++ b/package/kernel/mac80211/patches/ath9k/020-v5.18-ath9k-use-hw_random-API-instead-of-directly-dumping-.patch @@ -0,0 +1,145 @@ +From 26a3c8256d1940dbaf0449f0cc4f4c94e321e054 Mon Sep 17 00:00:00 2001 +From: "Jason A. Donenfeld" +Date: Wed, 16 Feb 2022 12:33:23 +0100 +Subject: [PATCH] ath9k: use hw_random API instead of directly dumping into + random.c +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Hardware random number generators are supposed to use the hw_random +framework. This commit turns ath9k's kthread-based design into a proper +hw_random driver. + +Cc: Toke Høiland-Jørgensen +Cc: Kalle Valo +Cc: Rui Salvaterra +Cc: Dominik Brodowski +Cc: Herbert Xu +Signed-off-by: Jason A. Donenfeld +Signed-off-by: Rui Salvaterra +--- + drivers/net/wireless/ath/ath9k/ath9k.h | 3 +- + drivers/net/wireless/ath/ath9k/rng.c | 72 +++++++++++--------------- + 2 files changed, 33 insertions(+), 42 deletions(-) + +--- a/drivers/net/wireless/ath/ath9k/ath9k.h ++++ b/drivers/net/wireless/ath/ath9k/ath9k.h +@@ -1071,8 +1071,9 @@ struct ath_softc { + #endif + + #ifdef CPTCFG_ATH9K_HWRNG ++ struct hwrng rng_ops; + u32 rng_last; +- struct task_struct *rng_task; ++ char rng_name[sizeof("ath9k_65535")]; + #endif + }; + +--- a/drivers/net/wireless/ath/ath9k/rng.c ++++ b/drivers/net/wireless/ath/ath9k/rng.c +@@ -21,11 +21,6 @@ + #include "hw.h" + #include "ar9003_phy.h" + +-#define ATH9K_RNG_BUF_SIZE 320 +-#define ATH9K_RNG_ENTROPY(x) (((x) * 8 * 10) >> 5) /* quality: 10/32 */ +- +-static DECLARE_WAIT_QUEUE_HEAD(rng_queue); +- + static int ath9k_rng_data_read(struct ath_softc *sc, u32 *buf, u32 buf_size) + { + int i, j; +@@ -71,61 +66,56 @@ static u32 ath9k_rng_delay_get(u32 fail_ + return delay; + } + +-static int ath9k_rng_kthread(void *data) ++static int ath9k_rng_read(struct hwrng *rng, void *buf, size_t max, bool wait) + { +- int bytes_read; +- struct ath_softc *sc = data; +- u32 *rng_buf; +- u32 delay, fail_stats = 0; +- +- rng_buf = kmalloc_array(ATH9K_RNG_BUF_SIZE, sizeof(u32), GFP_KERNEL); +- if (!rng_buf) +- goto out; +- +- while (!kthread_should_stop()) { +- bytes_read = ath9k_rng_data_read(sc, rng_buf, +- ATH9K_RNG_BUF_SIZE); +- if (unlikely(!bytes_read)) { +- delay = ath9k_rng_delay_get(++fail_stats); +- wait_event_interruptible_timeout(rng_queue, +- kthread_should_stop(), +- msecs_to_jiffies(delay)); +- continue; ++ struct ath_softc *sc = container_of(rng, struct ath_softc, rng_ops); ++ u32 fail_stats = 0, word; ++ int bytes_read = 0; ++ ++ for (;;) { ++ if (max & ~3UL) ++ bytes_read = ath9k_rng_data_read(sc, buf, max >> 2); ++ if ((max & 3UL) && ath9k_rng_data_read(sc, &word, 1)) { ++ memcpy(buf + bytes_read, &word, max & 3UL); ++ bytes_read += max & 3UL; ++ memzero_explicit(&word, sizeof(word)); + } ++ if (!wait || !max || likely(bytes_read) || fail_stats > 110) ++ break; + +- fail_stats = 0; +- +- /* sleep until entropy bits under write_wakeup_threshold */ +- add_hwgenerator_randomness((void *)rng_buf, bytes_read, +- ATH9K_RNG_ENTROPY(bytes_read)); ++ msleep_interruptible(ath9k_rng_delay_get(++fail_stats)); + } + +- kfree(rng_buf); +-out: +- sc->rng_task = NULL; +- +- return 0; ++ if (wait && !bytes_read && max) ++ bytes_read = -EIO; ++ return bytes_read; + } + + void ath9k_rng_start(struct ath_softc *sc) + { ++ static atomic_t serial = ATOMIC_INIT(0); + struct ath_hw *ah = sc->sc_ah; + +- if (sc->rng_task) ++ if (sc->rng_ops.read) + return; + + if (!AR_SREV_9300_20_OR_LATER(ah)) + return; + +- sc->rng_task = kthread_run(ath9k_rng_kthread, sc, "ath9k-hwrng"); +- if (IS_ERR(sc->rng_task)) +- sc->rng_task = NULL; ++ snprintf(sc->rng_name, sizeof(sc->rng_name), "ath9k_%u", ++ (atomic_inc_return(&serial) - 1) & U16_MAX); ++ sc->rng_ops.name = sc->rng_name; ++ sc->rng_ops.read = ath9k_rng_read; ++ sc->rng_ops.quality = 320; ++ ++ if (devm_hwrng_register(sc->dev, &sc->rng_ops)) ++ sc->rng_ops.read = NULL; + } + + void ath9k_rng_stop(struct ath_softc *sc) + { +- if (sc->rng_task) { +- kthread_stop(sc->rng_task); +- sc->rng_task = NULL; ++ if (sc->rng_ops.read) { ++ devm_hwrng_unregister(sc->dev, &sc->rng_ops); ++ sc->rng_ops.read = NULL; + } + }