tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

block: disable entropy contributions for nonrot devices

Clear QUEUE_FLAG_ADD_RANDOM in all block drivers that set
QUEUE_FLAG_NONROT.

Historically, all block devices have automatically made entropy
contributions. But as previously stated in commit e2e1a148 ("block: add
sysfs knob for turning off disk entropy contributions"):
- On SSD disks, the completion times aren't as random as they
are for rotational drives. So it's questionable whether they
should contribute to the random pool in the first place.
- Calling add_disk_randomness() has a lot of overhead.

There are more reliable sources for randomness than non-rotational block
devices. From a security perspective it is better to err on the side of
caution than to allow entropy contributions from unreliable "random"
sources.

Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Jens Axboe <axboe@fb.com>

authored by

Mike Snitzer and committed by
Jens Axboe b277da0a 7b7b7f7e

+18 -2
+1
drivers/block/mtip32xx/mtip32xx.c
··· 3952 3952 3953 3953 /* Set device limits. */ 3954 3954 set_bit(QUEUE_FLAG_NONROT, &dd->queue->queue_flags); 3955 + clear_bit(QUEUE_FLAG_ADD_RANDOM, &dd->queue->queue_flags); 3955 3956 blk_queue_max_segments(dd->queue, MTIP_MAX_SG); 3956 3957 blk_queue_physical_block_size(dd->queue, 4096); 3957 3958 blk_queue_max_hw_sectors(dd->queue, 0xffff);
+1
drivers/block/nbd.c
··· 847 847 * Tell the block layer that we are not a rotational device 848 848 */ 849 849 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, disk->queue); 850 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, disk->queue); 850 851 disk->queue->limits.discard_granularity = 512; 851 852 disk->queue->limits.max_discard_sectors = UINT_MAX; 852 853 disk->queue->limits.discard_zeroes_data = 0;
+1
drivers/block/null_blk.c
··· 507 507 508 508 nullb->q->queuedata = nullb; 509 509 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, nullb->q); 510 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, nullb->q); 510 511 511 512 disk = nullb->disk = alloc_disk_node(1, home_node); 512 513 if (!disk)
+1
drivers/block/nvme-core.c
··· 1916 1916 ns->queue->queue_flags = QUEUE_FLAG_DEFAULT; 1917 1917 queue_flag_set_unlocked(QUEUE_FLAG_NOMERGES, ns->queue); 1918 1918 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, ns->queue); 1919 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, ns->queue); 1919 1920 blk_queue_make_request(ns->queue, nvme_make_request); 1920 1921 ns->dev = dev; 1921 1922 ns->queue->queuedata = ns;
+1
drivers/block/rsxx/dev.c
··· 307 307 blk_queue_physical_block_size(card->queue, RSXX_HW_BLK_SIZE); 308 308 309 309 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, card->queue); 310 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, card->queue); 310 311 if (rsxx_discard_supported(card)) { 311 312 queue_flag_set_unlocked(QUEUE_FLAG_DISCARD, card->queue); 312 313 blk_queue_max_discard_sectors(card->queue,
+1
drivers/block/skd_main.c
··· 4426 4426 q->limits.discard_zeroes_data = 1; 4427 4427 queue_flag_set_unlocked(QUEUE_FLAG_DISCARD, q); 4428 4428 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, q); 4429 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, q); 4429 4430 4430 4431 spin_lock_irqsave(&skdev->lock, flags); 4431 4432 pr_debug("%s:%s:%d stopping %s queue\n",
+1
drivers/block/zram/zram_drv.c
··· 925 925 set_capacity(zram->disk, 0); 926 926 /* zram devices sort of resembles non-rotational disks */ 927 927 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, zram->disk->queue); 928 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, zram->disk->queue); 928 929 /* 929 930 * To ensure that we always get PAGE_SIZE aligned 930 931 * and n*PAGE_SIZED sized I/O requests.
+3 -1
drivers/ide/ide-disk.c
··· 685 685 printk(KERN_INFO "%s: max request size: %dKiB\n", drive->name, 686 686 queue_max_sectors(q) / 2); 687 687 688 - if (ata_id_is_ssd(id)) 688 + if (ata_id_is_ssd(id)) { 689 689 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, q); 690 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, q); 691 + } 690 692 691 693 /* calculate drive capacity, and select LBA if possible */ 692 694 ide_disk_get_capacity(drive);
+1
drivers/md/bcache/super.c
··· 842 842 q->limits.logical_block_size = block_size; 843 843 q->limits.physical_block_size = block_size; 844 844 set_bit(QUEUE_FLAG_NONROT, &d->disk->queue->queue_flags); 845 + clear_bit(QUEUE_FLAG_ADD_RANDOM, &d->disk->queue->queue_flags); 845 846 set_bit(QUEUE_FLAG_DISCARD, &d->disk->queue->queue_flags); 846 847 847 848 blk_queue_flush(q, REQ_FLUSH|REQ_FUA);
+1
drivers/mmc/card/queue.c
··· 210 210 211 211 blk_queue_prep_rq(mq->queue, mmc_prep_request); 212 212 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, mq->queue); 213 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, mq->queue); 213 214 if (mmc_can_erase(card)) 214 215 mmc_queue_setup_discard(mq->queue, card); 215 216
+1
drivers/mtd/mtd_blkdevs.c
··· 417 417 blk_queue_logical_block_size(new->rq, tr->blksize); 418 418 419 419 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, new->rq); 420 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, new->rq); 420 421 421 422 if (tr->discard) { 422 423 queue_flag_set_unlocked(QUEUE_FLAG_DISCARD, new->rq);
+1
drivers/s390/block/scm_blk.c
··· 386 386 blk_queue_max_hw_sectors(rq, nr_max_blk << 3); /* 8 * 512 = blk_size */ 387 387 blk_queue_max_segments(rq, nr_max_blk); 388 388 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, rq); 389 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, rq); 389 390 scm_blk_dev_cluster_setup(bdev); 390 391 391 392 bdev->gendisk = alloc_disk(SCM_NR_PARTS);
+1
drivers/s390/block/xpram.c
··· 346 346 goto out; 347 347 } 348 348 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, xpram_queues[i]); 349 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, xpram_queues[i]); 349 350 blk_queue_make_request(xpram_queues[i], xpram_make_request); 350 351 blk_queue_logical_block_size(xpram_queues[i], 4096); 351 352 }
+3 -1
drivers/scsi/sd.c
··· 2660 2660 2661 2661 rot = get_unaligned_be16(&buffer[4]); 2662 2662 2663 - if (rot == 1) 2663 + if (rot == 1) { 2664 2664 queue_flag_set_unlocked(QUEUE_FLAG_NONROT, sdkp->disk->queue); 2665 + queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, sdkp->disk->queue); 2666 + } 2665 2667 2666 2668 out: 2667 2669 kfree(buffer);