diff options
Diffstat (limited to 'crypto/ansi_cprng.c')
| -rw-r--r-- | crypto/ansi_cprng.c | 43 |
1 files changed, 13 insertions, 30 deletions
diff --git a/crypto/ansi_cprng.c b/crypto/ansi_cprng.c index d80ed4c1e009..3aa6e3834bfe 100644 --- a/crypto/ansi_cprng.c +++ b/crypto/ansi_cprng.c | |||
| @@ -187,7 +187,6 @@ static int _get_more_prng_bytes(struct prng_context *ctx) | |||
| 187 | /* Our exported functions */ | 187 | /* Our exported functions */ |
| 188 | static int get_prng_bytes(char *buf, size_t nbytes, struct prng_context *ctx) | 188 | static int get_prng_bytes(char *buf, size_t nbytes, struct prng_context *ctx) |
| 189 | { | 189 | { |
| 190 | unsigned long flags; | ||
| 191 | unsigned char *ptr = buf; | 190 | unsigned char *ptr = buf; |
| 192 | unsigned int byte_count = (unsigned int)nbytes; | 191 | unsigned int byte_count = (unsigned int)nbytes; |
| 193 | int err; | 192 | int err; |
| @@ -196,7 +195,7 @@ static int get_prng_bytes(char *buf, size_t nbytes, struct prng_context *ctx) | |||
| 196 | if (nbytes < 0) | 195 | if (nbytes < 0) |
| 197 | return -EINVAL; | 196 | return -EINVAL; |
| 198 | 197 | ||
| 199 | spin_lock_irqsave(&ctx->prng_lock, flags); | 198 | spin_lock_bh(&ctx->prng_lock); |
| 200 | 199 | ||
| 201 | err = -EINVAL; | 200 | err = -EINVAL; |
| 202 | if (ctx->flags & PRNG_NEED_RESET) | 201 | if (ctx->flags & PRNG_NEED_RESET) |
| @@ -268,7 +267,7 @@ empty_rbuf: | |||
| 268 | goto remainder; | 267 | goto remainder; |
| 269 | 268 | ||
| 270 | done: | 269 | done: |
| 271 | spin_unlock_irqrestore(&ctx->prng_lock, flags); | 270 | spin_unlock_bh(&ctx->prng_lock); |
| 272 | dbgprint(KERN_CRIT "returning %d from get_prng_bytes in context %p\n", | 271 | dbgprint(KERN_CRIT "returning %d from get_prng_bytes in context %p\n", |
| 273 | err, ctx); | 272 | err, ctx); |
| 274 | return err; | 273 | return err; |
| @@ -284,10 +283,9 @@ static int reset_prng_context(struct prng_context *ctx, | |||
| 284 | unsigned char *V, unsigned char *DT) | 283 | unsigned char *V, unsigned char *DT) |
| 285 | { | 284 | { |
| 286 | int ret; | 285 | int ret; |
| 287 | int rc = -EINVAL; | ||
| 288 | unsigned char *prng_key; | 286 | unsigned char *prng_key; |
| 289 | 287 | ||
| 290 | spin_lock(&ctx->prng_lock); | 288 | spin_lock_bh(&ctx->prng_lock); |
| 291 | ctx->flags |= PRNG_NEED_RESET; | 289 | ctx->flags |= PRNG_NEED_RESET; |
| 292 | 290 | ||
| 293 | prng_key = (key != NULL) ? key : (unsigned char *)DEFAULT_PRNG_KEY; | 291 | prng_key = (key != NULL) ? key : (unsigned char *)DEFAULT_PRNG_KEY; |
| @@ -308,34 +306,20 @@ static int reset_prng_context(struct prng_context *ctx, | |||
| 308 | memset(ctx->rand_data, 0, DEFAULT_BLK_SZ); | 306 | memset(ctx->rand_data, 0, DEFAULT_BLK_SZ); |
| 309 | memset(ctx->last_rand_data, 0, DEFAULT_BLK_SZ); | 307 | memset(ctx->last_rand_data, 0, DEFAULT_BLK_SZ); |
| 310 | 308 | ||
| 311 | if (ctx->tfm) | ||
| 312 | crypto_free_cipher(ctx->tfm); | ||
| 313 | |||
| 314 | ctx->tfm = crypto_alloc_cipher("aes", 0, 0); | ||
| 315 | if (IS_ERR(ctx->tfm)) { | ||
| 316 | dbgprint(KERN_CRIT "Failed to alloc tfm for context %p\n", | ||
| 317 | ctx); | ||
| 318 | ctx->tfm = NULL; | ||
| 319 | goto out; | ||
| 320 | } | ||
| 321 | |||
| 322 | ctx->rand_data_valid = DEFAULT_BLK_SZ; | 309 | ctx->rand_data_valid = DEFAULT_BLK_SZ; |
| 323 | 310 | ||
| 324 | ret = crypto_cipher_setkey(ctx->tfm, prng_key, klen); | 311 | ret = crypto_cipher_setkey(ctx->tfm, prng_key, klen); |
| 325 | if (ret) { | 312 | if (ret) { |
| 326 | dbgprint(KERN_CRIT "PRNG: setkey() failed flags=%x\n", | 313 | dbgprint(KERN_CRIT "PRNG: setkey() failed flags=%x\n", |
| 327 | crypto_cipher_get_flags(ctx->tfm)); | 314 | crypto_cipher_get_flags(ctx->tfm)); |
| 328 | crypto_free_cipher(ctx->tfm); | ||
| 329 | goto out; | 315 | goto out; |
| 330 | } | 316 | } |
| 331 | 317 | ||
| 332 | rc = 0; | 318 | ret = 0; |
| 333 | ctx->flags &= ~PRNG_NEED_RESET; | 319 | ctx->flags &= ~PRNG_NEED_RESET; |
| 334 | out: | 320 | out: |
| 335 | spin_unlock(&ctx->prng_lock); | 321 | spin_unlock_bh(&ctx->prng_lock); |
| 336 | 322 | return ret; | |
| 337 | return rc; | ||
| 338 | |||
| 339 | } | 323 | } |
| 340 | 324 | ||
| 341 | static int cprng_init(struct crypto_tfm *tfm) | 325 | static int cprng_init(struct crypto_tfm *tfm) |
| @@ -343,6 +327,12 @@ static int cprng_init(struct crypto_tfm *tfm) | |||
| 343 | struct prng_context *ctx = crypto_tfm_ctx(tfm); | 327 | struct prng_context *ctx = crypto_tfm_ctx(tfm); |
| 344 | 328 | ||
| 345 | spin_lock_init(&ctx->prng_lock); | 329 | spin_lock_init(&ctx->prng_lock); |
| 330 | ctx->tfm = crypto_alloc_cipher("aes", 0, 0); | ||
| 331 | if (IS_ERR(ctx->tfm)) { | ||
| 332 | dbgprint(KERN_CRIT "Failed to alloc tfm for context %p\n", | ||
| 333 | ctx); | ||
| 334 | return PTR_ERR(ctx->tfm); | ||
| 335 | } | ||
| 346 | 336 | ||
| 347 | if (reset_prng_context(ctx, NULL, DEFAULT_PRNG_KSZ, NULL, NULL) < 0) | 337 | if (reset_prng_context(ctx, NULL, DEFAULT_PRNG_KSZ, NULL, NULL) < 0) |
| 348 | return -EINVAL; | 338 | return -EINVAL; |
| @@ -418,17 +408,10 @@ static struct crypto_alg rng_alg = { | |||
| 418 | /* Module initalization */ | 408 | /* Module initalization */ |
| 419 | static int __init prng_mod_init(void) | 409 | static int __init prng_mod_init(void) |
| 420 | { | 410 | { |
| 421 | int ret = 0; | ||
| 422 | |||
| 423 | if (fips_enabled) | 411 | if (fips_enabled) |
| 424 | rng_alg.cra_priority += 200; | 412 | rng_alg.cra_priority += 200; |
| 425 | 413 | ||
| 426 | ret = crypto_register_alg(&rng_alg); | 414 | return crypto_register_alg(&rng_alg); |
| 427 | |||
| 428 | if (ret) | ||
| 429 | goto out; | ||
| 430 | out: | ||
| 431 | return 0; | ||
| 432 | } | 415 | } |
| 433 | 416 | ||
| 434 | static void __exit prng_mod_fini(void) | 417 | static void __exit prng_mod_fini(void) |