crypto: skcipher - Use RNG interface instead of get_random_bytes

This patch makes the IV generators use the new RNG interface so
that the user can pick an RNG other than the default get_random_bytes.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

1 files changed, 29 insertions, 5 deletions

diff --git a/crypto/chainiv.c b/crypto/chainiv.c
index cf68d4365347..7c37a497b860 100644
--- a/crypto/chainiv.c
+++ b/crypto/chainiv.c
@@ -14,11 +14,11 @@
  */
 
 #include <crypto/internal/skcipher.h>
+#include <crypto/rng.h>
 #include <linux/err.h>
 #include <linux/init.h>
 #include <linux/kernel.h>
 #include <linux/module.h>
-#include <linux/random.h>
 #include <linux/spinlock.h>
 #include <linux/string.h>
 #include <linux/workqueue.h>
@@ -83,6 +83,7 @@ static int chainiv_givencrypt_first(struct skcipher_givcrypt_request *req)
 {
         struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req);
         struct chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv);
+        int err = 0;
 
         spin_lock_bh(&ctx->lock);
         if (crypto_ablkcipher_crt(geniv)->givencrypt !=
@@ -90,11 +91,15 @@ static int chainiv_givencrypt_first(struct skcipher_givcrypt_request *req)
                 goto unlock;
 
         crypto_ablkcipher_crt(geniv)->givencrypt = chainiv_givencrypt;
-        get_random_bytes(ctx->iv, crypto_ablkcipher_ivsize(geniv));
+        err = crypto_rng_get_bytes(crypto_default_rng, ctx->iv,
+                                   crypto_ablkcipher_ivsize(geniv));
 
 unlock:
         spin_unlock_bh(&ctx->lock);
 
+        if (err)
+                return err;
+
         return chainiv_givencrypt(req);
 }
 
@@ -203,6 +208,7 @@ static int async_chainiv_givencrypt_first(struct skcipher_givcrypt_request *req)
 {
         struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req);
         struct async_chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv);
+        int err = 0;
 
         if (test_and_set_bit(CHAINIV_STATE_INUSE, &ctx->state))
                 goto out;
@@ -212,11 +218,15 @@ static int async_chainiv_givencrypt_first(struct skcipher_givcrypt_request *req)
                 goto unlock;
 
         crypto_ablkcipher_crt(geniv)->givencrypt = async_chainiv_givencrypt;
-        get_random_bytes(ctx->iv, crypto_ablkcipher_ivsize(geniv));
+        err = crypto_rng_get_bytes(crypto_default_rng, ctx->iv,
+                                   crypto_ablkcipher_ivsize(geniv));
 
 unlock:
         clear_bit(CHAINIV_STATE_INUSE, &ctx->state);
 
+        if (err)
+                return err;
+
 out:
         return async_chainiv_givencrypt(req);
 }
@@ -284,9 +294,13 @@ static struct crypto_instance *chainiv_alloc(struct rtattr **tb)
         if (IS_ERR(algt))
                 return ERR_PTR(err);
 
+        err = crypto_get_default_rng();
+        if (err)
+                return ERR_PTR(err);
+
         inst = skcipher_geniv_alloc(&chainiv_tmpl, tb, 0, 0);
         if (IS_ERR(inst))
-                goto out;
+                goto put_rng;
 
         inst->alg.cra_ablkcipher.givencrypt = chainiv_givencrypt_first;
 
@@ -311,12 +325,22 @@ static struct crypto_instance *chainiv_alloc(struct rtattr **tb)
 
 out:
         return inst;
+
+put_rng:
+        crypto_put_default_rng();
+        goto out;
+}
+
+static void chainiv_free(struct crypto_instance *inst)
+{
+        skcipher_geniv_free(inst);
+        crypto_put_default_rng();
 }
 
 static struct crypto_template chainiv_tmpl = {
         .name = "chainiv",
         .alloc = chainiv_alloc,
-        .free = skcipher_geniv_free,
+        .free = chainiv_free,
         .module = THIS_MODULE,
 };