Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b277da0a authored by Mike Snitzer's avatar Mike Snitzer Committed by Jens Axboe
Browse files

block: disable entropy contributions for nonrot devices 



Clear QUEUE_FLAG_ADD_RANDOM in all block drivers that set
QUEUE_FLAG_NONROT.

Historically, all block devices have automatically made entropy
contributions.  But as previously stated in commit e2e1a148 ("block: add
sysfs knob for turning off disk entropy contributions"):
    - On SSD disks, the completion times aren't as random as they
      are for rotational drives. So it's questionable whether they
      should contribute to the random pool in the first place.
    - Calling add_disk_randomness() has a lot of overhead.

There are more reliable sources for randomness than non-rotational block
devices.  From a security perspective it is better to err on the side of
caution than to allow entropy contributions from unreliable "random"
sources.

Signed-off-by: default avatarMike Snitzer <snitzer@redhat.com>
Signed-off-by: default avatarJens Axboe <axboe@fb.com>
parent 7b7b7f7e

drivers/block/mtip32xx/mtip32xx.c

+1 −0
Original line number Diff line number Diff line
@@ -3952,6 +3952,7 @@ static int mtip_block_initialize(struct driver_data *dd) 


	/* Set device limits. */

	set_bit(QUEUE_FLAG_NONROT, &dd->queue->queue_flags);

	clear_bit(QUEUE_FLAG_ADD_RANDOM, &dd->queue->queue_flags);

	blk_queue_max_segments(dd->queue, MTIP_MAX_SG);

	blk_queue_physical_block_size(dd->queue, 4096);

	blk_queue_max_hw_sectors(dd->queue, 0xffff);

drivers/block/nbd.c

+1 −0
Original line number Diff line number Diff line
@@ -847,6 +847,7 @@ static int __init nbd_init(void) 
		 * Tell the block layer that we are not a rotational device

		 */

		queue_flag_set_unlocked(QUEUE_FLAG_NONROT, disk->queue);

		queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, disk->queue);

		disk->queue->limits.discard_granularity = 512;

		disk->queue->limits.max_discard_sectors = UINT_MAX;

		disk->queue->limits.discard_zeroes_data = 0;

drivers/block/null_blk.c

+1 −0
Original line number Diff line number Diff line
@@ -507,6 +507,7 @@ static int null_add_dev(void) 


	nullb->q->queuedata = nullb;

	queue_flag_set_unlocked(QUEUE_FLAG_NONROT, nullb->q);

	queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, nullb->q);



	disk = nullb->disk = alloc_disk_node(1, home_node);

	if (!disk)

drivers/block/nvme-core.c

+1 −0
Original line number Diff line number Diff line
@@ -1916,6 +1916,7 @@ static struct nvme_ns *nvme_alloc_ns(struct nvme_dev *dev, unsigned nsid, 
	ns->queue->queue_flags = QUEUE_FLAG_DEFAULT;

	queue_flag_set_unlocked(QUEUE_FLAG_NOMERGES, ns->queue);

	queue_flag_set_unlocked(QUEUE_FLAG_NONROT, ns->queue);

	queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, ns->queue);

	blk_queue_make_request(ns->queue, nvme_make_request);

	ns->dev = dev;

	ns->queue->queuedata = ns;

drivers/block/rsxx/dev.c

+1 −0
Original line number Diff line number Diff line
@@ -307,6 +307,7 @@ int rsxx_setup_dev(struct rsxx_cardinfo *card) 
	blk_queue_physical_block_size(card->queue, RSXX_HW_BLK_SIZE);



	queue_flag_set_unlocked(QUEUE_FLAG_NONROT, card->queue);

	queue_flag_clear_unlocked(QUEUE_FLAG_ADD_RANDOM, card->queue);

	if (rsxx_discard_supported(card)) {

		queue_flag_set_unlocked(QUEUE_FLAG_DISCARD, card->queue);

		blk_queue_max_discard_sectors(card->queue,