Commit 7dff99b3 authored by Linus Torvalds

Remove WARN_ALL_UNSEEDED_RANDOM kernel config option



This config option goes way back - it used to be an internal debug
option to random.c (at that point called DEBUG_RANDOM_BOOT), then was
renamed and exposed as a config option as CONFIG_WARN_UNSEEDED_RANDOM,
and then further renamed to the current CONFIG_WARN_ALL_UNSEEDED_RANDOM.

It was all done with the best of intentions: the more limited
rate-limited reports were reporting some cases, but if you wanted to see
all the gory details, you'd enable this "ALL" option.

However, it turns out - perhaps not surprisingly - that when people
don't care about and fix the first rate-limited cases, they most
certainly don't care about any others either, and so warning about all
of them isn't actually helping anything.

And the non-ratelimited reporting causes problems, where well-meaning
people enable debug options, but the excessive flood of messages that
nobody cares about will hide actual real information when things go
wrong.

I just got a kernel bug report (which had nothing to do with randomness)
where two thirds of the truncated dmesg was just variations of

   random: get_random_u32 called from __get_random_u32_below+0x10/0x70 with crng_init=0

and in the process early boot messages had been lost (in addition to
making the messages that _hadn't_ been lost harder to read).

The proper way to find these things for the hypothetical developer that
cares - if such a person exists - is almost certainly with boot time
tracing.  That gives you the option to get call graphs etc too, which is
likely a requirement for fixing any problems anyway.

See Documentation/trace/boottime-trace.rst for that option.

And if we for some reason do want to re-introduce actual printing of
these things, it will need to have some uniqueness filtering rather than
this "just print it all" model.

Fixes: cc1e127b ("random: remove ratelimiting for in-kernel unseeded randomness")
Acked-by: Jason Donenfeld <Jason@zx2c4.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
parent 551d4420
+1 −11
@@ -96,8 +96,7 @@ static ATOMIC_NOTIFIER_HEAD(random_ready_notifier);
/* Control how we warn userspace. */
static struct ratelimit_state urandom_warning =
	RATELIMIT_STATE_INIT_FLAGS("urandom_warning", HZ, 3, RATELIMIT_MSG_ON_RELEASE);
static int ratelimit_disable __read_mostly =
	IS_ENABLED(CONFIG_WARN_ALL_UNSEEDED_RANDOM);
static int ratelimit_disable __read_mostly = 0;
module_param_named(ratelimit_disable, ratelimit_disable, int, 0644);
MODULE_PARM_DESC(ratelimit_disable, "Disable random ratelimit suppression");

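Review bot: in the replacement initializer `static int ratelimit_disable __read_mostly = 0;`, the explicit `= 0` is redundant for a static and is the form checkpatch flags, so the initializer can simply be dropped. Separately, `module_param_named(ratelimit_disable, ...)` stays writable at 0644 with the unchanged description "Disable random ratelimit suppression"; now that the config option no longer sets its default, the changelog should say that the parameter is deliberately kept and what it still affects.
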
@@ -168,12 +167,6 @@ int __cold execute_with_initialized_rng(struct notifier_block *nb)
	return ret;
}

#define warn_unseeded_randomness() \
	if (IS_ENABLED(CONFIG_WARN_ALL_UNSEEDED_RANDOM) && !crng_ready()) \
		printk_deferred(KERN_NOTICE "random: %s called from %pS with crng_init=%d\n", \
				__func__, (void *)_RET_IP_, crng_init)


/*********************************************************************
 *
 * Fast key erasure RNG, the "crng".
@@ -434,7 +427,6 @@ static void _get_random_bytes(void *buf, size_t len)
 */
void get_random_bytes(void *buf, size_t len)
{
	warn_unseeded_randomness();
	_get_random_bytes(buf, len);
}
EXPORT_SYMBOL(get_random_bytes);
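Review bot: after this hunk `get_random_bytes()` does nothing but call `_get_random_bytes(buf, len)`, so the exported function and the internal helper now behave identically. Is the split still wanted? If it is, the comment above the function should say why both remain.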
@@ -523,8 +515,6 @@ type get_random_ ##type(void) \
	struct batch_ ##type *batch;						\
	unsigned long next_gen;							\
										\
	warn_unseeded_randomness();						\
										\
	if  (!crng_ready()) {							\
		_get_random_bytes(&ret, sizeof(ret));				\
		return ret;							\
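Review bot: the `if  (!crng_ready())` branch still hands out `_get_random_bytes()` output before the CRNG is ready, and with the warning call above it removed, nothing at this site says how such callers can be found. A short comment pointing at Documentation/trace/boottime-trace.rst, which the commit message names, would keep that guidance next to the code. The double space in `if  (` could be tidied in the same pass.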
+0 −1
@@ -29,7 +29,6 @@ CONFIG_SECTION_MISMATCH_WARN_ONLY=y
# CONFIG_UBSAN_ALIGNMENT is not set
# CONFIG_UBSAN_DIV_ZERO is not set
# CONFIG_UBSAN_TRAP is not set
# CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set
CONFIG_DEBUG_FS=y
CONFIG_DEBUG_FS_ALLOW_ALL=y
CONFIG_DEBUG_IRQFLAGS=y
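Review bot: the `# CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set` line is dropped from one config fragment only. Since the symbol itself is deleted, confirm with a tree-wide grep that no other defconfig, fragment or document still mentions it, and fold any stragglers into this commit.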
+0 −27
@@ -1766,33 +1766,6 @@ config STACKTRACE
	  It is also used by various kernel debugging features that require
	  stack trace generation.

config WARN_ALL_UNSEEDED_RANDOM
	bool "Warn for all uses of unseeded randomness"
	default n
	help
	  Some parts of the kernel contain bugs relating to their use of
	  cryptographically secure random numbers before it's actually possible
	  to generate those numbers securely. This setting ensures that these
	  flaws don't go unnoticed, by enabling a message, should this ever
	  occur. This will allow people with obscure setups to know when things
	  are going wrong, so that they might contact developers about fixing
	  it.

	  Unfortunately, on some models of some architectures getting
	  a fully seeded CRNG is extremely difficult, and so this can
	  result in dmesg getting spammed for a surprisingly long
	  time.  This is really bad from a security perspective, and
	  so architecture maintainers really need to do what they can
	  to get the CRNG seeded sooner after the system is booted.
	  However, since users cannot do anything actionable to
	  address this, by default this option is disabled.

	  Say Y here if you want to receive warnings for all uses of
	  unseeded randomness.  This will be of use primarily for
	  those developers interested in improving the security of
	  Linux kernels running on their architecture (or
	  subarchitecture).

config DEBUG_KOBJECT
	bool "kobject debugging"
	depends on DEBUG_KERNEL
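Review bot: the deleted help text carried the explanation that using the CRNG before it is seeded "is really bad from a security perspective" and that architecture maintainers should get it seeded sooner; with the `config WARN_ALL_UNSEEDED_RANDOM` entry removed, that rationale is no longer stated anywhere in this diff. Consider carrying a sentence of it, together with the pointer to boot time tracing from the commit message, into a comment in random.c or the RNG documentation.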