OSCL-LXR linux-6.0.1/​crypto/​algif_rng.c	Source navigation Diff markup Identifier search General search
	Version: linux-6.0.1 spark-3.0.0 hadoop-3.2.0-src hadoop-3.3.0-src spark-2.4.7 linux-4.15.13 hadoop-2.7.4-src Revert   Change

 /*
  * algif_rng: User-space interface for random number generators
  *
  * This file provides the user-space API for random number generators.
  *
  * Copyright (C) 2014, Stephan Mueller <smueller@chronox.de>
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, and the entire permission notice in its entirety,
  *    including the disclaimer of warranties.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. The name of the author may not be used to endorse or promote
  *    products derived from this software without specific prior
  *    written permission.
  *
  * ALTERNATIVELY, this product may be distributed under the terms of
  * the GNU General Public License, in which case the provisions of the GPL2
  * are required INSTEAD OF the above restrictions.  (This clause is
  * necessary due to a potential bad interaction between the GPL and
  * the restrictions contained in a BSD-style copyright.)
  *
  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ALL OF
  * WHICH ARE HEREBY DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE
  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
  * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
  * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
  * USE OF THIS SOFTWARE, EVEN IF NOT ADVISED OF THE POSSIBILITY OF SUCH
  * DAMAGE.
  */
 
 #include <linux/capability.h>
 #include <linux/module.h>
 #include <crypto/rng.h>
 #include <linux/random.h>
 #include <crypto/if_alg.h>
 #include <linux/net.h>
 #include <net/sock.h>
 
 MODULE_LICENSE("GPL");
 MODULE_AUTHOR("Stephan Mueller <smueller@chronox.de>");
 MODULE_DESCRIPTION("User-space interface for random number generators");
 
 struct rng_ctx {
 #define MAXSIZE 128
     unsigned int len;
     struct crypto_rng *drng;
     u8 *addtl;
     size_t addtl_len;
 };
 
 struct rng_parent_ctx {
     struct crypto_rng *drng;
     u8 *entropy;
 };
 
 static void rng_reset_addtl(struct rng_ctx *ctx)
 {
     kfree_sensitive(ctx->addtl);
     ctx->addtl = NULL;
     ctx->addtl_len = 0;
 }
 
 static int _rng_recvmsg(struct crypto_rng *drng, struct msghdr *msg, size_t len,
             u8 *addtl, size_t addtl_len)
 {
     int err = 0;
     int genlen = 0;
     u8 result[MAXSIZE];
 
     if (len == 0)
         return 0;
     if (len > MAXSIZE)
         len = MAXSIZE;
 
     /*
      * although not strictly needed, this is a precaution against coding
      * errors
      */
     memset(result, 0, len);
 
     /*
      * The enforcement of a proper seeding of an RNG is done within an
      * RNG implementation. Some RNGs (DRBG, krng) do not need specific
      * seeding as they automatically seed. The X9.31 DRNG will return
      * an error if it was not seeded properly.
      */
     genlen = crypto_rng_generate(drng, addtl, addtl_len, result, len);
     if (genlen < 0)
         return genlen;
 
     err = memcpy_to_msg(msg, result, len);
     memzero_explicit(result, len);
 
     return err ? err : len;
 }
 
 static int rng_recvmsg(struct socket *sock, struct msghdr *msg, size_t len,
                int flags)
 {
     struct sock *sk = sock->sk;
     struct alg_sock *ask = alg_sk(sk);
     struct rng_ctx *ctx = ask->private;
 
     return _rng_recvmsg(ctx->drng, msg, len, NULL, 0);
 }
 
 static int rng_test_recvmsg(struct socket *sock, struct msghdr *msg, size_t len,
                 int flags)
 {
     struct sock *sk = sock->sk;
     struct alg_sock *ask = alg_sk(sk);
     struct rng_ctx *ctx = ask->private;
     int ret;
 
     lock_sock(sock->sk);
     ret = _rng_recvmsg(ctx->drng, msg, len, ctx->addtl, ctx->addtl_len);
     rng_reset_addtl(ctx);
     release_sock(sock->sk);
 
     return ret;
 }
 
 static int rng_test_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
 {
     int err;
     struct alg_sock *ask = alg_sk(sock->sk);
     struct rng_ctx *ctx = ask->private;
 
     lock_sock(sock->sk);
     if (len > MAXSIZE) {
         err = -EMSGSIZE;
         goto unlock;
     }
 
     rng_reset_addtl(ctx);
     ctx->addtl = kmalloc(len, GFP_KERNEL);
     if (!ctx->addtl) {
         err = -ENOMEM;
         goto unlock;
     }
 
     err = memcpy_from_msg(ctx->addtl, msg, len);
     if (err) {
         rng_reset_addtl(ctx);
         goto unlock;
     }
     ctx->addtl_len = len;
 
 unlock:
     release_sock(sock->sk);
     return err ? err : len;
 }
 
 static struct proto_ops algif_rng_ops = {
     .family     =   PF_ALG,
 
     .connect    =   sock_no_connect,
     .socketpair =   sock_no_socketpair,
     .getname    =   sock_no_getname,
     .ioctl      =   sock_no_ioctl,
     .listen     =   sock_no_listen,
     .shutdown   =   sock_no_shutdown,
     .mmap       =   sock_no_mmap,
     .bind       =   sock_no_bind,
     .accept     =   sock_no_accept,
     .sendmsg    =   sock_no_sendmsg,
     .sendpage   =   sock_no_sendpage,
 
     .release    =   af_alg_release,
     .recvmsg    =   rng_recvmsg,
 };
 
 static struct proto_ops __maybe_unused algif_rng_test_ops = {
     .family     =   PF_ALG,
 
     .connect    =   sock_no_connect,
     .socketpair =   sock_no_socketpair,
     .getname    =   sock_no_getname,
     .ioctl      =   sock_no_ioctl,
     .listen     =   sock_no_listen,
     .shutdown   =   sock_no_shutdown,
     .mmap       =   sock_no_mmap,
     .bind       =   sock_no_bind,
     .accept     =   sock_no_accept,
     .sendpage   =   sock_no_sendpage,
 
     .release    =   af_alg_release,
     .recvmsg    =   rng_test_recvmsg,
     .sendmsg    =   rng_test_sendmsg,
 };
 
 static void *rng_bind(const char *name, u32 type, u32 mask)
 {
     struct rng_parent_ctx *pctx;
     struct crypto_rng *rng;
 
     pctx = kzalloc(sizeof(*pctx), GFP_KERNEL);
     if (!pctx)
         return ERR_PTR(-ENOMEM);
 
     rng = crypto_alloc_rng(name, type, mask);
     if (IS_ERR(rng)) {
         kfree(pctx);
         return ERR_CAST(rng);
     }
 
     pctx->drng = rng;
     return pctx;
 }
 
 static void rng_release(void *private)
 {
     struct rng_parent_ctx *pctx = private;
 
     if (unlikely(!pctx))
         return;
     crypto_free_rng(pctx->drng);
     kfree_sensitive(pctx->entropy);
     kfree_sensitive(pctx);
 }
 
 static void rng_sock_destruct(struct sock *sk)
 {
     struct alg_sock *ask = alg_sk(sk);
     struct rng_ctx *ctx = ask->private;
 
     rng_reset_addtl(ctx);
     sock_kfree_s(sk, ctx, ctx->len);
     af_alg_release_parent(sk);
 }
 
 static int rng_accept_parent(void *private, struct sock *sk)
 {
     struct rng_ctx *ctx;
     struct rng_parent_ctx *pctx = private;
     struct alg_sock *ask = alg_sk(sk);
     unsigned int len = sizeof(*ctx);
 
     ctx = sock_kmalloc(sk, len, GFP_KERNEL);
     if (!ctx)
         return -ENOMEM;
 
     ctx->len = len;
     ctx->addtl = NULL;
     ctx->addtl_len = 0;
 
     /*
      * No seeding done at that point -- if multiple accepts are
      * done on one RNG instance, each resulting FD points to the same
      * state of the RNG.
      */
 
     ctx->drng = pctx->drng;
     ask->private = ctx;
     sk->sk_destruct = rng_sock_destruct;
 
     /*
      * Non NULL pctx->entropy means that CAVP test has been initiated on
      * this socket, replace proto_ops algif_rng_ops with algif_rng_test_ops.
      */
     if (IS_ENABLED(CONFIG_CRYPTO_USER_API_RNG_CAVP) && pctx->entropy)
         sk->sk_socket->ops = &algif_rng_test_ops;
 
     return 0;
 }
 
 static int rng_setkey(void *private, const u8 *seed, unsigned int seedlen)
 {
     struct rng_parent_ctx *pctx = private;
     /*
      * Check whether seedlen is of sufficient size is done in RNG
      * implementations.
      */
     return crypto_rng_reset(pctx->drng, seed, seedlen);
 }
 
 static int __maybe_unused rng_setentropy(void *private, sockptr_t entropy,
                      unsigned int len)
 {
     struct rng_parent_ctx *pctx = private;
     u8 *kentropy = NULL;
 
     if (!capable(CAP_SYS_ADMIN))
         return -EACCES;
 
     if (pctx->entropy)
         return -EINVAL;
 
     if (len > MAXSIZE)
         return -EMSGSIZE;
 
     if (len) {
         kentropy = memdup_sockptr(entropy, len);
         if (IS_ERR(kentropy))
             return PTR_ERR(kentropy);
     }
 
     crypto_rng_alg(pctx->drng)->set_ent(pctx->drng, kentropy, len);
     /*
      * Since rng doesn't perform any memory management for the entropy
      * buffer, save kentropy pointer to pctx now to free it after use.
      */
     pctx->entropy = kentropy;
     return 0;
 }
 
 static const struct af_alg_type algif_type_rng = {
     .bind       =   rng_bind,
     .release    =   rng_release,
     .accept     =   rng_accept_parent,
     .setkey     =   rng_setkey,
 #ifdef CONFIG_CRYPTO_USER_API_RNG_CAVP
     .setentropy =   rng_setentropy,
 #endif
     .ops        =   &algif_rng_ops,
     .name       =   "rng",
     .owner      =   THIS_MODULE
 };
 
 static int __init rng_init(void)
 {
     return af_alg_register_type(&algif_type_rng);
 }
 
 static void __exit rng_exit(void)
 {
     int err = af_alg_unregister_type(&algif_type_rng);
     BUG_ON(err);
 }
 
 module_init(rng_init);
 module_exit(rng_exit);

This page was automatically generated by the 2.1.0 LXR engine. The LXR team