We already have get_crypto_bytes to get access to hardware generated randomness. barebox as EFI loader would provide a handle for each HWRNG, so add a hwrng_get_crypto_bytes function that can be used to implement the load-side protocol.
Signed-off-by: Ahmad Fatoum <[email protected]> --- include/linux/hw_random.h | 6 +++++- include/stdlib.h | 2 ++ lib/random.c | 25 ++++++++++++------------- 3 files changed, 19 insertions(+), 14 deletions(-) diff --git a/include/linux/hw_random.h b/include/linux/hw_random.h index 116afd9721e5..e541abfa176e 100644 --- a/include/linux/hw_random.h +++ b/include/linux/hw_random.h @@ -36,12 +36,16 @@ struct hwrng { /* Register a new Hardware Random Number Generator driver. */ int hwrng_register(struct device_d *dev, struct hwrng *rng); -int hwrng_get_data(struct hwrng *rng, void *buffer, size_t size, int wait); #ifdef CONFIG_HWRNG struct hwrng *hwrng_get_first(void); +int hwrng_get_data(struct hwrng *rng, void *buffer, size_t size, int wait); #else static inline struct hwrng *hwrng_get_first(void) { return ERR_PTR(-ENODEV); }; +static inline int hwrng_get_data(struct hwrng *rng, void *buffer, size_t size, int wait) +{ + return -ENODEV; +} #endif void hwrng_unregister(struct hwrng *rng); diff --git a/include/stdlib.h b/include/stdlib.h index 8eb419e111f0..0305970557df 100644 --- a/include/stdlib.h +++ b/include/stdlib.h @@ -15,6 +15,8 @@ void srand(unsigned int seed); /* fill a buffer with pseudo-random data */ void get_random_bytes(void *buf, int len); int get_crypto_bytes(void *buf, int len); +struct hwrng; +int hwrng_get_crypto_bytes(struct hwrng *rng, void *buf, int len); static inline u32 random32(void) { diff --git a/lib/random.c b/lib/random.c index fb3580f9c086..c6532df55249 100644 --- a/lib/random.c +++ b/lib/random.c @@ -34,17 +34,8 @@ void get_random_bytes(void *_buf, int len) *buf++ = rand() % 256; } -/** - * get_crypto_bytes - get random numbers suitable for cryptographic needs. - */ -static int _get_crypto_bytes(void *buf, int len) +int hwrng_get_crypto_bytes(struct hwrng *rng, void *buf, int len) { - struct hwrng *rng; - - rng = hwrng_get_first(); - if (IS_ERR(rng)) - return PTR_ERR(rng); - while (len) { int bytes = hwrng_get_data(rng, buf, len, true); if (!bytes) @@ -60,13 +51,21 @@ static int _get_crypto_bytes(void *buf, int len) return 0; } +/** + * get_crypto_bytes - get random numbers suitable for cryptographic needs. + */ int get_crypto_bytes(void *buf, int len) { + struct hwrng *rng; int err; - err = _get_crypto_bytes(buf, len); - if (!err) - return 0; + rng = hwrng_get_first(); + err = PTR_ERR_OR_ZERO(rng); + if (!err) { + err = hwrng_get_crypto_bytes(rng, buf, len); + if (!err) + return 0; + } if (!IS_ENABLED(CONFIG_ALLOW_PRNG_FALLBACK)) { pr_err("error: no HWRNG available!\n"); -- 2.30.2
