ACK: [SRU][Focal][PATCH 1/1] crypto: jitter - consider 32 LSB for APT
Marcelo Henrique Cerri
marcelo.cerri at canonical.com
Tue Jun 18 19:52:47 UTC 2024
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On Tue, Jun 18 2024, Gerald Yang wrote:
> From: Stephan Müller <smueller at chronox.de>
>
> BugLink: https://bugs.launchpad.net/bugs/2069715
>
> The APT compares the current time stamp with a pre-set value. The
> current code only considered the 4 LSB only. Yet, after reviews by
> mathematicians of the user space Jitter RNG version >= 3.1.0, it was
> concluded that the APT can be calculated on the 32 LSB of the time
> delta. Thi change is applied to the kernel.
>
> This fixes a bug where an AMD EPYC fails this test as its RDTSC value
> contains zeros in the LSB. The most appropriate fix would have been to
> apply a GCD calculation and divide the time stamp by the GCD. Yet, this
> is a significant code change that will be considered for a future
> update. Note, tests showed that constantly the GCD always was 32 on
> these systems, i.e. the 5 LSB were always zero (thus failing the APT
> since it only considered the 4 LSB for its calculation).
>
> Signed-off-by: Stephan Mueller <smueller at chronox.de>
> Signed-off-by: Herbert Xu <herbert at gondor.apana.org.au>
> (cherry picked from commit 552d03a223eda3df84526ab2c1f4d82e15eaee7a)
> Signed-off-by: Gerald Yang <gerald.yang at canonical.com>
> ---
> crypto/jitterentropy.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/crypto/jitterentropy.c b/crypto/jitterentropy.c
> index 57f4a1ac738b..7d45a70111c8 100644
> --- a/crypto/jitterentropy.c
> +++ b/crypto/jitterentropy.c
> @@ -265,7 +265,6 @@ static int jent_stuck(struct rand_data *ec, __u64 current_delta)
> {
> __u64 delta2 = jent_delta(ec->last_delta, current_delta);
> __u64 delta3 = jent_delta(ec->last_delta2, delta2);
> - unsigned int delta_masked = current_delta & JENT_APT_WORD_MASK;
>
> ec->last_delta = current_delta;
> ec->last_delta2 = delta2;
> @@ -274,7 +273,7 @@ static int jent_stuck(struct rand_data *ec, __u64 current_delta)
> * Insert the result of the comparison of two back-to-back time
> * deltas.
> */
> - jent_apt_insert(ec, delta_masked);
> + jent_apt_insert(ec, current_delta);
>
> if (!current_delta || !delta2 || !delta3) {
> /* RCT with a stuck bit */
> --
> 2.25.1
Looks good to me. The fix was introduced in 5.17, but the upstream 5.15
stable tree received the fix and it was applied to Jammy as well.
Target kernel is correct and we should apply it to the generic kernel.
Thank you!
Acked-by: Marcelo Henrique Cerri <marcelo.cerri at canonical.com>
- --
Regards,
Marcelo
-----BEGIN PGP SIGNATURE-----
iQHQBAEBCgA6FiEExJjLjAfVL0XbfEr56e82LoessAkFAmZx5Y8cHG1hcmNlbG8u
Y2VycmlAY2Fub25pY2FsLmNvbQAKCRDp7zYuh6ywCf53C/9aH7gyMYoPd81TIy4S
SV3vGsBsnBfGjoMJHiaFvRTdAMFwMDY7Xif+g1v9woRWY61RWW0qt4lYKdU8g/bY
woHwzBzTACoAb28aaWBPLNzaa5oCt8wjZR1XpxjQJ89roW2lbrrSWfdgwDCtNdIL
FVEgLJg2Sp1IL2O6jI5b94NNvbK5gyxxQCMblzdNm6ssO2IIlGwwwcfxIFsATnoy
Le1mxUfhO8C15rpzu523MgCsEUoSSEWWcnkBuBqptkSH02rpXNMk+7Bu32zQ6TQP
FrPas8Wwhg6gH+Wu2yyRhT5o7Qub5/8Gor3PfDw1tC7vnTIoC0os8Vh3tjQNrtU6
M8GI5CNoyBeVkjLP53199RWCNGNExGy8QhmRb3Iz2a7u0R1ELSpEeMKbhb6h49KK
TR/gBvxGfwjOBNMvzIpsUlUDzIih3pGJsVFWTNlZr76UvE1pc58bXCUyVXcJdlzQ
p05TF3jw62WUzwTi6Eg7nUyiZ2U8oTR3On6QjrfLV0ZKkKQ=
=hO1k
-----END PGP SIGNATURE-----
More information about the kernel-team
mailing list