| Age | Commit message (Collapse) | Author |
|---|
|
dpm_sysfs_remove() and device_pm_remove() are already called by
device_del() on device removal so there is no need to call
device_init_wakeup(dev, false) from the driver and it allows to remove the
.remove callback.
Link: https://lore.kernel.org/r/20191021155806.3625-2-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
dpm_sysfs_remove() and device_pm_remove() are already called by
device_del() on device removal so there is no need to call
device_init_wakeup(dev, false) from the driver and it allows to remove the
.remove callback.
Link: https://lore.kernel.org/r/20191021155806.3625-1-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Never enable update interrupts when the time set on the rtc is invalid.
In that case, also avoid enabling the emulation because it will fail for
the same reason.
Link: https://lore.kernel.org/r/20191021155631.3342-2-alexandre.belloni@bootlin.com
Link: https://lore.kernel.org/r/CA+ASDXMarBG5C1Kz42B9i_iVZ1=i6GgH9Yja2cdmSueKD_As_g@mail.gmail.com
Reported-by: Jeffy Chen <jeffy.chen@rock-chips.com>
Reported-by: Brian Norris <briannorris@chromium.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
When setting the time in the future with the uie timer enabled,
rtc_timer_do_work will loop for a while because the expiration of the uie
timer was way before the current RTC time and a new timer will be enqueued
until the current rtc time is reached.
If the uie timer is enabled, disable it before setting the time and enable
it after expiring current timers (which may actually be an alarm).
This is the safest thing to do to ensure the uie timer is still
synchronized with the RTC, especially in the UIE emulation case.
Reported-by: syzbot+08116743f8ad6f9a6de7@syzkaller.appspotmail.com
Fixes: 6610e0893b8b ("RTC: Rework RTC code to use timerqueue for events")
Link: https://lore.kernel.org/r/20191020231320.8191-1-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Directly call ktime_get_real_seconds instead of converting the result to a
struct rtc_time and then back to a time64_t.
Link: https://lore.kernel.org/r/20191016201223.30568-4-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Call the 64bit versions of rtc_tm time conversion to avoid the y2038 issue.
Link: https://lore.kernel.org/r/20191016201223.30568-3-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
The driver drops the nanoseconds part of the timespec64, there is no need
to call ktime_get_real_ts64.
Link: https://lore.kernel.org/r/20191016201223.30568-2-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Linux should handle when the pcf2127 watchdog feature is enabled by the
bootloader. This is done by checking the watchdog timer value during
init, and set the WDOG_HW_RUNNING flag if the value differs from zero.
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Acked-by: Guenter Roeck <linux@roeck-us.net>
Link: https://lore.kernel.org/r/20191021080838.2789-1-martin@geanix.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
rv3028 provides clkout (enabled by default). Add clkout
to clock framework source and control from device tree for
variable frequency with enable and disable functionality.
Signed-off-by: Parthiban Nallathambi <pn@denx.de>
Link: https://lore.kernel.org/r/20191018100425.1687979-1-pn@denx.de
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
It is not necessary to call device_init_wakeup(dev, false) in .remove as
device_del will take care of that. It is also not necessary to
devm_free_irq. Finally, dev_pm_clear_wake_irq can be called
unconditionally.
Link: https://lore.kernel.org/r/20191019204941.6203-9-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Rework the interrupt handling to avoid caching the values as the core is
already doing that. The core also always ensures the rtc_time passed for
the alarm is fully populated.
The only trick is in read_alarm where status needs to be read before the
alarm registers to ensure the potential irq is not cleared.
Link: https://lore.kernel.org/r/20191019204941.6203-8-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Use rtc_lock and rtc_unlock to lock the rtc from the interrupt handler.
This removes the need for a driver specific lock.
Link: https://lore.kernel.org/r/20191019204941.6203-7-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Check whether regmap_read fails before continuing in the sysfs .show
callbacks.
Link: https://lore.kernel.org/r/20191019204941.6203-6-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Use regmap_update_bits to update DS1343_CONTROL_REG in a race free manner
when setting the glitch filter.
Link: https://lore.kernel.org/r/20191019204941.6203-5-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Use rtc_add_group to add the sysfs group in a race free manner.
This has the side effect of moving the files to their proper location.
Link: https://lore.kernel.org/r/20191019204941.6203-4-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
To avoid possible race condition, use regmap_bulk_write to write all the
date/time registers at once instead of sequentially.
Link: https://lore.kernel.org/r/20191019204941.6203-3-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
RTC_SET_CHARGE doesn't exist, the ioctl code is never used.
Link: https://lore.kernel.org/r/20191019204941.6203-2-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
This is a standard BCD rtc with a useless century bit (no leap year
correction after 2099).
Link: https://lore.kernel.org/r/20191019204941.6203-1-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Let the rtc core check the date/time against the RTC range.
Link: https://lore.kernel.org/r/20191016201626.31309-5-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
This allows further improvement of the driver.
Link: https://lore.kernel.org/r/20191016201626.31309-4-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
The RTC core now has error messages in case of registration failure, there
is no need to have other messages in the drivers.
Link: https://lore.kernel.org/r/20191016201626.31309-3-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
err_return doesn't do anything special, simply return instead of goto.
Link: https://lore.kernel.org/r/20191016201626.31309-2-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
This is a standard BCD RTC that will fail in 2100.
Link: https://lore.kernel.org/r/20191016200848.30246-2-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
This allows further improvement of the driver and removes the need to
forward declare s35390a_driver.
Link: https://lore.kernel.org/r/20191016200848.30246-1-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
The correct location for this option is under platform driver, not i2c
drivers.
Link: https://lore.kernel.org/r/20191014155840.22554-1-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
SGI Octane (IP30) doesn't have RTC register directly mapped into CPU
address space, but accesses RTC registers with an address and data
register. This is now supported by additional access functions, which
are selected by a new field in platform data. Removed plat_read/plat_write
since there is no user and their usage could introduce lifetime issue,
when functions are placed in different modules.
Signed-off-by: Thomas Bogendoerfer <tbogendoerfer@suse.de>
Acked-by: Joshua Kinard <kumba@gentoo.org>
Reviewed-by: Joshua Kinard <kumba@gentoo.org>
Link: https://lore.kernel.org/r/20191014214621.25257-1-tbogendoerfer@suse.de
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Simplify ioremapping of registers by using devm_platform_ioremap_resource.
Signed-off-by: Thomas Bogendoerfer <tbogendoerfer@suse.de>
Acked-by: Joshua Kinard <kumba@gentoo.org>
Link: https://lore.kernel.org/r/20191011150546.9186-2-tbogendoerfer@suse.de
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
A few of the fields in struct ds1685_priv aren't needed at all,
so we can remove it.
Signed-off-by: Thomas Bogendoerfer <tbogendoerfer@suse.de>
Acked-by: Joshua Kinard <kumba@gentoo.org>
Link: https://lore.kernel.org/r/20191011150546.9186-1-tbogendoerfer@suse.de
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
This patch fixes the warnings reported by static code analysis.
Updated calibval variable type to unsigned type from signed.
Signed-off-by: Srinivas Goud <srinivas.goud@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Link: https://lore.kernel.org/r/20765c4c27aa92c75426b82fd2815ebef6471492.1570544738.git.michal.simek@xilinx.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
If the RTC HW returns an invalid time, the rtc_year_days()
call would crash. This patch adds error logging in this
situation, and removes the tm_yday and tm_wday calculations.
These fields should not be relied upon by userspace
according to man rtc, and thus we don't need to calculate
them.
Signed-off-by: Nick Crews <ncrews@chromium.org>
Reviewed-by: Daniel Campello <campello@chromium.org>
Link: https://lore.kernel.org/r/20191004142608.170159-1-ncrews@chromium.org
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
The DS1347 can handle years from 0 to 9999, add century register support.
Link: https://lore.kernel.org/r/20191007134724.15505-10-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Use regmap_update_bits instead of open coding. Also add proper error
handling.
Link: https://lore.kernel.org/r/20191007134724.15505-9-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
The comment in the probe function stating that it disables oscillator stop
detection and glitch filtering is incorrect as it sets bits 3 and 4 while
it should be setting 5 and 6 to achieve that. Then, it is safe to assume
that the oscillator failure detection is actually enabled.
Properly handle oscillator failures by returning -EINVAL when the time and
date are know to be incorrect and reset the flag when the time is set.
Link: https://lore.kernel.org/r/20191007134724.15505-8-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
The DS1347 handle dates from year 0000 to 9999. Leap years are claimed to
be handled correctly in the datasheet.
Link: https://lore.kernel.org/r/20191007134724.15505-7-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
This allows further improvement of the driver.
Link: https://lore.kernel.org/r/20191007134724.15505-6-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Bit 7 of the minutes registers is ALM OUT. It indicates an alarm fired.
Mask it out when reading the time.
Link: https://lore.kernel.org/r/20191007134724.15505-5-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Get 'driver_data' from 'struct device' directly. Going via spi_device is an
unnecessary step.
Link: https://lore.kernel.org/r/20191007134724.15505-4-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
DS1347_SECONDS_REG is read at probe time but the value is simply discarded.
Remove that useless read.
Link: https://lore.kernel.org/r/20191007134724.15505-3-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Printing debugging (and opaque) information is not useful and only clutters
the boot log. Remove those messages.
Link: https://lore.kernel.org/r/20191007134724.15505-2-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Use the more modern API to get the match data out of the of match table.
This saves some code, lines, and nicely avoids referencing the match
table when it is undefined with configurations where CONFIG_OF=n.
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Jason Cooper <jason@lakedaemon.net>
Cc: Andrew Lunn <andrew@lunn.ch>
Cc: Gregory Clement <gregory.clement@bootlin.com>
Cc: Sebastian Hesselbarth <sebastian.hesselbarth@gmail.com>
Cc: Alessandro Zummo <a.zummo@towertech.it>
Cc: Alexandre Belloni <alexandre.belloni@bootlin.com>
Cc: Rob Herring <robh+dt@kernel.org>
Cc: Frank Rowand <frowand.list@gmail.com>
Cc: <linux-rtc@vger.kernel.org>
Signed-off-by: Stephen Boyd <swboyd@chromium.org>
Link: https://lore.kernel.org/r/20191004214334.149976-4-swboyd@chromium.org
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
platform_get_irq_byname() might return -errno which later would be
cast to an unsigned int and used in request_irq().
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Tested-by: Adam Thomson <Adam.Thomson.Opensource@diasemi.com>
Link: https://lore.kernel.org/r/20191004150510.6278-1-krzk@kernel.org
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
This is a standard BCD RTC that will fail in 2100. The century bits don't
help because 2100 will be considered a leap year while it is not.
Link: https://lore.kernel.org/r/20191003213544.5359-1-alexandre.belloni@bootlin.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Link: https://lore.kernel.org/r/20191006102953.57536-2-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-3-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-4-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-5-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-6-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-7-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-8-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-9-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-10-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-11-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-12-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-13-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-14-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-15-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-16-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-17-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-18-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-19-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-20-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-21-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-22-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-23-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-24-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-25-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-26-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-27-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-28-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-29-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-30-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-31-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-32-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-33-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-34-yuehaibing@huawei.com
Link: https://lore.kernel.org/r/20191006102953.57536-35-yuehaibing@huawei.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Simplify probe by using a known wrapper function.
This issue was detected by using the Coccinelle software.
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Link: https://lore.kernel.org/r/4552ef52-f218-93b1-6dfa-668d137676f8@web.de
Link: https://lore.kernel.org/r/5ecfcf43-d6b2-1a38-dee8-b8806f30bc83@web.de
Link: https://lore.kernel.org/r/25448e11-c43f-9ae0-4c43-6f789accc026@web.de
Reviewed-by: Akinobu Mita <akinobu.mita@gmail.com>
Link: https://lore.kernel.org/r/8c17a59c-82ff-aa6b-5653-a38d786d3e83@web.de
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
For rtc drivers where rtc->range_max is set U64_MAX, like the PS3 rtc,
rtc_valid_range() always returns -ERANGE. This is because the local
variable range_max has type time64_t, so the test
if (time < range_min || time > range_max)
return -ERANGE;
becomes (time < range_min || time > -1), which always evaluates to true.
timeu64_t should be used, since it's the type of rtc->range_max.
Signed-off-by: Emmanuel Nicolet <emmanuel.nicolet@gmail.com>
Link: https://lore.kernel.org/r/20190927110446.GA6289@gmail.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Use of_device_get_match_data() since all platforms should now use DT
bindings. AVR32 architecture has been removed in
commit 26202873bb51 ("avr32: remove support for AVR32 architecture").
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Link: https://lore.kernel.org/r/1569500132-21164-1-git-send-email-claudiu.beznea@microchip.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
Pull ARM SoC fixes from Olof Johansson:
"A few fixes that have trickled in through the merge window:
- Video fixes for OMAP due to panel-dpi driver removal
- Clock fixes for OMAP that broke no-idle quirks + nfsroot on DRA7
- Fixing arch version on ASpeed ast2500
- Two fixes for reset handling on ARM SCMI"
* tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc:
ARM: aspeed: ast2500 is ARMv6K
reset: reset-scmi: add missing handle initialisation
firmware: arm_scmi: reset: fix reset_state assignment in scmi_domain_reset
bus: ti-sysc: Remove unpaired sysc_clkdm_deny_idle()
ARM: dts: logicpd-som-lv: Fix i2c2 and i2c3 Pin mux
ARM: dts: am3517-evm: Fix missing video
ARM: dts: logicpd-torpedo-baseboard: Fix missing video
ARM: omap2plus_defconfig: Fix missing video
bus: ti-sysc: Fix handling of invalid clocks
bus: ti-sysc: Fix clock handling for no-idle quirks
|
|
Pull more MMC updates from Ulf Hansson:
"A couple more updates/fixes for MMC:
- sdhci-pci: Add Genesys Logic GL975x support
- sdhci-tegra: Recover loss in throughput for DMA
- sdhci-of-esdhc: Fix DMA bug"
* tag 'mmc-v5.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc:
mmc: host: sdhci-pci: Add Genesys Logic GL975x support
mmc: tegra: Implement ->set_dma_mask()
mmc: sdhci: Let drivers define their DMA mask
mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence
mmc: sdhci: improve ADMA error reporting
|
|
Merge active entropy generation updates.
This is admittedly partly "for discussion". We need to have a way
forward for the boot time deadlocks where user space ends up waiting for
more entropy, but no entropy is forthcoming because the system is
entirely idle just waiting for something to happen.
While this was triggered by what is arguably a user space bug with
GDM/gnome-session asking for secure randomness during early boot, when
they didn't even need any such truly secure thing, the issue ends up
being that our "getrandom()" interface is prone to that kind of
confusion, because people don't think very hard about whether they want
to block for sufficient amounts of entropy.
The approach here-in is to decide to not just passively wait for entropy
to happen, but to start actively collecting it if it is missing. This
is not necessarily always possible, but if the architecture has a CPU
cycle counter, there is a fair amount of noise in the exact timings of
reasonably complex loads.
We may end up tweaking the load and the entropy estimates, but this
should be at least a reasonable starting point.
As part of this, we also revert the revert of the ext4 IO pattern
improvement that ended up triggering the reported lack of external
entropy.
* getrandom() active entropy waiting:
Revert "Revert "ext4: make __ext4_get_inode_loc plug""
random: try to actively add entropy rather than passively wait for it
|
|
For 5.3 we had to revert a nice ext4 IO pattern improvement, because it
caused a bootup regression due to lack of entropy at bootup together
with arguably broken user space that was asking for secure random
numbers when it really didn't need to.
See commit 72dbcf721566 (Revert "ext4: make __ext4_get_inode_loc plug").
This aims to solve the issue by actively generating entropy noise using
the CPU cycle counter when waiting for the random number generator to
initialize. This only works when you have a high-frequency time stamp
counter available, but that's the case on all modern x86 CPU's, and on
most other modern CPU's too.
What we do is to generate jitter entropy from the CPU cycle counter
under a somewhat complex load: calling the scheduler while also
guaranteeing a certain amount of timing noise by also triggering a
timer.
I'm sure we can tweak this, and that people will want to look at other
alternatives, but there's been a number of papers written on jitter
entropy, and this should really be fairly conservative by crediting one
bit of entropy for every timer-induced jump in the cycle counter. Not
because the timer itself would be all that unpredictable, but because
the interaction between the timer and the loop is going to be.
Even if (and perhaps particularly if) the timer actually happens on
another CPU, the cacheline interaction between the loop that reads the
cycle counter and the timer itself firing is going to add perturbations
to the cycle counter values that get mixed into the entropy pool.
As Thomas pointed out, with a modern out-of-order CPU, even quite simple
loops show a fair amount of hard-to-predict timing variability even in
the absense of external interrupts. But this tries to take that further
by actually having a fairly complex interaction.
This is not going to solve the entropy issue for architectures that have
no CPU cycle counter, but it's not clear how (and if) that is solvable,
and the hardware in question is largely starting to be irrelevant. And
by doing this we can at least avoid some of the even more contentious
approaches (like making the entropy waiting time out in order to avoid
the possibly unbounded waiting).
Cc: Ahmed Darwish <darwish.07@gmail.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Theodore Ts'o <tytso@mit.edu>
Cc: Nicholas Mc Guire <hofrat@opentech.at>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Willy Tarreau <w@1wt.eu>
Cc: Alexander E. Patrakov <patrakov@gmail.com>
Cc: Lennart Poettering <mzxreary@0pointer.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
