Merge tag 's390-5.11-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux

Pull s390 updates from Heiko Carstens:

 - Add support for the hugetlb_cma command line option to allocate
   gigantic hugepages using CMA

 - Add arch_get_random_long() support.

 - Add ap bus userspace notifications.

 - Increase default size of vmalloc area to 512GB and otherwise let it
   increase dynamically by the size of physical memory. This should fix
   all occurrences where the vmalloc area was not large enough.

 - Completely get rid of set_fs() (aka select SET_FS) and rework address
   space handling while doing that; making address space handling much
   more simple.

 - Reimplement getcpu vdso syscall in C.

 - Add support for extended SCLP responses (> 4k). This allows e.g. to
   handle also potential large system configurations.

 - Simplify KASAN by removing 3-level page table support and only
   supporting 4-levels from now on.

 - Improve debug-ability of the kernel decompressor code, which now
   prints also stack traces and symbols in case of problems to the
   console.

 - Remove more power management leftovers.

 - Other various fixes and improvements all over the place.

* tag 's390-5.11-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: (62 commits)
  s390/mm: add support to allocate gigantic hugepages using CMA
  s390/crypto: add arch_get_random_long() support
  s390/smp: perform initial CPU reset also for SMT siblings
  s390/mm: use invalid asce for user space when switching to init_mm
  s390/idle: fix accounting with machine checks
  s390/idle: add missing mt_cycles calculation
  s390/boot: add build-id to decompressor
  s390/kexec_file: fix diag308 subcode when loading crash kernel
  s390/cio: fix use-after-free in ccw_device_destroy_console
  s390/cio: remove pm support from ccw bus driver
  s390/cio: remove pm support from css-bus driver
  s390/cio: remove pm support from IO subchannel drivers
  s390/cio: remove pm support from chsc subchannel driver
  s390/vmur: remove unused pm related functions
  s390/tape: remove unsupported PM functions
  s390/cio: remove pm support from eadm-sch drivers
  s390: remove pm support from console drivers
  s390/dasd: remove unused pm related functions
  s390/zfcp: remove pm support from zfcp driver
  s390/ap: let bus_register() add the AP bus sysfs attributes
  ...

2 files changed, 125 insertions, 38 deletions

diff --git a/arch/s390/crypto/arch_random.c b/arch/s390/crypto/arch_random.c
index dd95cdbd22ce..7b947728d57e 100644
--- a/arch/s390/crypto/arch_random.c
+++ b/arch/s390/crypto/arch_random.c
@@ -2,7 +2,7 @@
 /*
  * s390 arch random implementation.
  *
- * Copyright IBM Corp. 2017, 2018
+ * Copyright IBM Corp. 2017, 2020
  * Author(s): Harald Freudenberger
  *
  * The s390_arch_random_generate() function may be called from random.c
@@ -33,6 +33,7 @@
 #include <linux/slab.h>
 #include <linux/static_key.h>
 #include <linux/workqueue.h>
+#include <linux/moduleparam.h>
 #include <asm/cpacf.h>
 
 DEFINE_STATIC_KEY_FALSE(s390_arch_random_available);
@@ -99,6 +100,113 @@ static void arch_rng_refill_buffer(struct work_struct *unused)
 	queue_delayed_work(system_long_wq, &arch_rng_work, delay);
 }
 
+/*
+ * Here follows the implementation of s390_arch_get_random_long().
+ *
+ * The random longs to be pulled by arch_get_random_long() are
+ * prepared in an 4K buffer which is filled from the NIST 800-90
+ * compliant s390 drbg. By default the random long buffer is refilled
+ * 256 times before the drbg itself needs a reseed. The reseed of the
+ * drbg is done with 32 bytes fetched from the high quality (but slow)
+ * trng which is assumed to deliver 100% entropy. So the 32 * 8 = 256
+ * bits of entropy are spread over 256 * 4KB = 1MB serving 131072
+ * arch_get_random_long() invocations before reseeded.
+ *
+ * How often the 4K random long buffer is refilled with the drbg
+ * before the drbg is reseeded can be adjusted. There is a module
+ * parameter 's390_arch_rnd_long_drbg_reseed' accessible via
+ *   /sys/module/arch_random/parameters/rndlong_drbg_reseed
+ * or as kernel command line parameter
+ *   arch_random.rndlong_drbg_reseed=<value>
+ * This parameter tells how often the drbg fills the 4K buffer before
+ * it is re-seeded by fresh entropy from the trng.
+ * A value of 16 results in reseeding the drbg at every 16 * 4 KB = 64
+ * KB with 32 bytes of fresh entropy pulled from the trng. So a value
+ * of 16 would result in 256 bits entropy per 64 KB.
+ * A value of 256 results in 1MB of drbg output before a reseed of the
+ * drbg is done. So this would spread the 256 bits of entropy among 1MB.
+ * Setting this parameter to 0 forces the reseed to take place every
+ * time the 4K buffer is depleted, so the entropy rises to 256 bits
+ * entropy per 4K or 0.5 bit entropy per arch_get_random_long().  With
+ * setting this parameter to negative values all this effort is
+ * disabled, arch_get_random long() returns false and thus indicating
+ * that the arch_get_random_long() feature is disabled at all.
+ */
+
+static unsigned long rndlong_buf[512];
+static DEFINE_SPINLOCK(rndlong_lock);
+static int rndlong_buf_index;
+
+static int rndlong_drbg_reseed = 256;
+module_param_named(rndlong_drbg_reseed, rndlong_drbg_reseed, int, 0600);
+MODULE_PARM_DESC(rndlong_drbg_reseed, "s390 arch_get_random_long() drbg reseed");
+
+static inline void refill_rndlong_buf(void)
+{
+	static u8 prng_ws[240];
+	static int drbg_counter;
+
+	if (--drbg_counter < 0) {
+		/* need to re-seed the drbg */
+		u8 seed[32];
+
+		/* fetch seed from trng */
+		cpacf_trng(NULL, 0, seed, sizeof(seed));
+		/* seed drbg */
+		memset(prng_ws, 0, sizeof(prng_ws));
+		cpacf_prno(CPACF_PRNO_SHA512_DRNG_SEED,
+			   &prng_ws, NULL, 0, seed, sizeof(seed));
+		/* re-init counter for drbg */
+		drbg_counter = rndlong_drbg_reseed;
+	}
+
+	/* fill the arch_get_random_long buffer from drbg */
+	cpacf_prno(CPACF_PRNO_SHA512_DRNG_GEN, &prng_ws,
+		   (u8 *) rndlong_buf, sizeof(rndlong_buf),
+		   NULL, 0);
+}
+
+bool s390_arch_get_random_long(unsigned long *v)
+{
+	bool rc = false;
+	unsigned long flags;
+
+	/* arch_get_random_long() disabled ? */
+	if (rndlong_drbg_reseed < 0)
+		return false;
+
+	/* try to lock the random long lock */
+	if (!spin_trylock_irqsave(&rndlong_lock, flags))
+		return false;
+
+	if (--rndlong_buf_index >= 0) {
+		/* deliver next long value from the buffer */
+		*v = rndlong_buf[rndlong_buf_index];
+		rc = true;
+		goto out;
+	}
+
+	/* buffer is depleted and needs refill */
+	if (in_interrupt()) {
+		/* delay refill in interrupt context to next caller */
+		rndlong_buf_index = 0;
+		goto out;
+	}
+
+	/* refill random long buffer */
+	refill_rndlong_buf();
+	rndlong_buf_index = ARRAY_SIZE(rndlong_buf);
+
+	/* and provide one random long */
+	*v = rndlong_buf[--rndlong_buf_index];
+	rc = true;
+
+out:
+	spin_unlock_irqrestore(&rndlong_lock, flags);
+	return rc;
+}
+EXPORT_SYMBOL(s390_arch_get_random_long);
+
 static int __init s390_arch_random_init(void)
 {
 	/* all the needed PRNO subfunctions available ? */
diff --git a/arch/s390/crypto/prng.c b/arch/s390/crypto/prng.c
index 5057773f82e9..b2f219ec379c 100644
--- a/arch/s390/crypto/prng.c
+++ b/arch/s390/crypto/prng.c
@@ -674,20 +674,6 @@ static const struct file_operations prng_tdes_fops = {
 	.llseek		= noop_llseek,
 };
 
-static struct miscdevice prng_sha512_dev = {
-	.name	= "prandom",
-	.minor	= MISC_DYNAMIC_MINOR,
-	.mode	= 0644,
-	.fops	= &prng_sha512_fops,
-};
-static struct miscdevice prng_tdes_dev = {
-	.name	= "prandom",
-	.minor	= MISC_DYNAMIC_MINOR,
-	.mode	= 0644,
-	.fops	= &prng_tdes_fops,
-};
-
-
 /* chunksize attribute (ro) */
 static ssize_t prng_chunksize_show(struct device *dev,
 				   struct device_attribute *attr,
@@ -801,18 +787,30 @@ static struct attribute *prng_sha512_dev_attrs[] = {
 	&dev_attr_strength.attr,
 	NULL
 };
+ATTRIBUTE_GROUPS(prng_sha512_dev);
+
 static struct attribute *prng_tdes_dev_attrs[] = {
 	&dev_attr_chunksize.attr,
 	&dev_attr_byte_counter.attr,
 	&dev_attr_mode.attr,
 	NULL
 };
+ATTRIBUTE_GROUPS(prng_tdes_dev);
 
-static struct attribute_group prng_sha512_dev_attr_group = {
-	.attrs = prng_sha512_dev_attrs
+static struct miscdevice prng_sha512_dev = {
+	.name	= "prandom",
+	.minor	= MISC_DYNAMIC_MINOR,
+	.mode	= 0644,
+	.fops	= &prng_sha512_fops,
+	.groups = prng_sha512_dev_groups,
 };
-static struct attribute_group prng_tdes_dev_attr_group = {
-	.attrs = prng_tdes_dev_attrs
+
+static struct miscdevice prng_tdes_dev = {
+	.name	= "prandom",
+	.minor	= MISC_DYNAMIC_MINOR,
+	.mode	= 0644,
+	.fops	= &prng_tdes_fops,
+	.groups = prng_tdes_dev_groups,
 };
 
 
@@ -867,13 +865,6 @@ static int __init prng_init(void)
 			prng_sha512_deinstantiate();
 			goto out;
 		}
-		ret = sysfs_create_group(&prng_sha512_dev.this_device->kobj,
-					 &prng_sha512_dev_attr_group);
-		if (ret) {
-			misc_deregister(&prng_sha512_dev);
-			prng_sha512_deinstantiate();
-			goto out;
-		}
 
 	} else {
 
@@ -898,14 +889,6 @@ static int __init prng_init(void)
 			prng_tdes_deinstantiate();
 			goto out;
 		}
-		ret = sysfs_create_group(&prng_tdes_dev.this_device->kobj,
-					 &prng_tdes_dev_attr_group);
-		if (ret) {
-			misc_deregister(&prng_tdes_dev);
-			prng_tdes_deinstantiate();
-			goto out;
-		}
-
 	}
 
 out:
@@ -916,13 +899,9 @@ out:
 static void __exit prng_exit(void)
 {
 	if (prng_mode == PRNG_MODE_SHA512) {
-		sysfs_remove_group(&prng_sha512_dev.this_device->kobj,
-				   &prng_sha512_dev_attr_group);
 		misc_deregister(&prng_sha512_dev);
 		prng_sha512_deinstantiate();
 	} else {
-		sysfs_remove_group(&prng_tdes_dev.this_device->kobj,
-				   &prng_tdes_dev_attr_group);
 		misc_deregister(&prng_tdes_dev);
 		prng_tdes_deinstantiate();
 	}