~hc/RK356X_SDK_RELEASE.git

..	..	@@ -38,6 +38,7 @@
38	38	* DAMAGE.
39	39	*/
40	40
	41	+#include <linux/capability.h>
41	42	#include <linux/module.h>
42	43	#include <crypto/rng.h>
43	44	#include <linux/random.h>
..	..	@@ -53,15 +54,26 @@
53	54	#define MAXSIZE 128
54	55	unsigned int len;
55	56	struct crypto_rng *drng;
	57	+ u8 *addtl;
	58	+ size_t addtl_len;
56	59	};
57	60
58		-static int rng_recvmsg(struct socket sock, struct msghdr msg, size_t len,
59		- int flags)
	61	+struct rng_parent_ctx {
	62	+ struct crypto_rng *drng;
	63	+ u8 *entropy;
	64	+};
	65	+
	66	+static void rng_reset_addtl(struct rng_ctx *ctx)
60	67	{
61		- struct sock *sk = sock->sk;
62		- struct alg_sock *ask = alg_sk(sk);
63		- struct rng_ctx *ctx = ask->private;
64		- int err = -EFAULT;
	68	+ kfree_sensitive(ctx->addtl);
	69	+ ctx->addtl = NULL;
	70	+ ctx->addtl_len = 0;
	71	+}
	72	+
	73	+static int _rng_recvmsg(struct crypto_rng drng, struct msghdr msg, size_t len,
	74	+ u8 *addtl, size_t addtl_len)
	75	+{
	76	+ int err = 0;
65	77	int genlen = 0;
66	78	u8 result[MAXSIZE];
67	79
..	..	@@ -82,13 +94,70 @@
82	94	* seeding as they automatically seed. The X9.31 DRNG will return
83	95	* an error if it was not seeded properly.
84	96	*/
85		- genlen = crypto_rng_get_bytes(ctx->drng, result, len);
	97	+ genlen = crypto_rng_generate(drng, addtl, addtl_len, result, len);
86	98	if (genlen < 0)
87	99	return genlen;
88	100
89	101	err = memcpy_to_msg(msg, result, len);
90	102	memzero_explicit(result, len);
91	103
	104	+ return err ? err : len;
	105	+}
	106	+
	107	+static int rng_recvmsg(struct socket sock, struct msghdr msg, size_t len,
	108	+ int flags)
	109	+{
	110	+ struct sock *sk = sock->sk;
	111	+ struct alg_sock *ask = alg_sk(sk);
	112	+ struct rng_ctx *ctx = ask->private;
	113	+
	114	+ return _rng_recvmsg(ctx->drng, msg, len, NULL, 0);
	115	+}
	116	+
	117	+static int rng_test_recvmsg(struct socket sock, struct msghdr msg, size_t len,
	118	+ int flags)
	119	+{
	120	+ struct sock *sk = sock->sk;
	121	+ struct alg_sock *ask = alg_sk(sk);
	122	+ struct rng_ctx *ctx = ask->private;
	123	+ int ret;
	124	+
	125	+ lock_sock(sock->sk);
	126	+ ret = _rng_recvmsg(ctx->drng, msg, len, ctx->addtl, ctx->addtl_len);
	127	+ rng_reset_addtl(ctx);
	128	+ release_sock(sock->sk);
	129	+
	130	+ return ret;
	131	+}
	132	+
	133	+static int rng_test_sendmsg(struct socket sock, struct msghdr msg, size_t len)
	134	+{
	135	+ int err;
	136	+ struct alg_sock *ask = alg_sk(sock->sk);
	137	+ struct rng_ctx *ctx = ask->private;
	138	+
	139	+ lock_sock(sock->sk);
	140	+ if (len > MAXSIZE) {
	141	+ err = -EMSGSIZE;
	142	+ goto unlock;
	143	+ }
	144	+
	145	+ rng_reset_addtl(ctx);
	146	+ ctx->addtl = kmalloc(len, GFP_KERNEL);
	147	+ if (!ctx->addtl) {
	148	+ err = -ENOMEM;
	149	+ goto unlock;
	150	+ }
	151	+
	152	+ err = memcpy_from_msg(ctx->addtl, msg, len);
	153	+ if (err) {
	154	+ rng_reset_addtl(ctx);
	155	+ goto unlock;
	156	+ }
	157	+ ctx->addtl_len = len;
	158	+
	159	+unlock:
	160	+ release_sock(sock->sk);
92	161	return err ? err : len;
93	162	}
94	163
..	..	@@ -101,11 +170,9 @@
101	170	.ioctl = sock_no_ioctl,
102	171	.listen = sock_no_listen,
103	172	.shutdown = sock_no_shutdown,
104		- .getsockopt = sock_no_getsockopt,
105	173	.mmap = sock_no_mmap,
106	174	.bind = sock_no_bind,
107	175	.accept = sock_no_accept,
108		- .setsockopt = sock_no_setsockopt,
109	176	.sendmsg = sock_no_sendmsg,
110	177	.sendpage = sock_no_sendpage,
111	178
..	..	@@ -113,14 +180,53 @@
113	180	.recvmsg = rng_recvmsg,
114	181	};
115	182
	183	+static struct proto_ops __maybe_unused algif_rng_test_ops = {
	184	+ .family = PF_ALG,
	185	+
	186	+ .connect = sock_no_connect,
	187	+ .socketpair = sock_no_socketpair,
	188	+ .getname = sock_no_getname,
	189	+ .ioctl = sock_no_ioctl,
	190	+ .listen = sock_no_listen,
	191	+ .shutdown = sock_no_shutdown,
	192	+ .mmap = sock_no_mmap,
	193	+ .bind = sock_no_bind,
	194	+ .accept = sock_no_accept,
	195	+ .sendpage = sock_no_sendpage,
	196	+
	197	+ .release = af_alg_release,
	198	+ .recvmsg = rng_test_recvmsg,
	199	+ .sendmsg = rng_test_sendmsg,
	200	+};
	201	+
116	202	static void rng_bind(const char name, u32 type, u32 mask)
117	203	{
118		- return crypto_alloc_rng(name, type, mask);
	204	+ struct rng_parent_ctx *pctx;
	205	+ struct crypto_rng *rng;
	206	+
	207	+ pctx = kzalloc(sizeof(*pctx), GFP_KERNEL);
	208	+ if (!pctx)
	209	+ return ERR_PTR(-ENOMEM);
	210	+
	211	+ rng = crypto_alloc_rng(name, type, mask);
	212	+ if (IS_ERR(rng)) {
	213	+ kfree(pctx);
	214	+ return ERR_CAST(rng);
	215	+ }
	216	+
	217	+ pctx->drng = rng;
	218	+ return pctx;
119	219	}
120	220
121	221	static void rng_release(void *private)
122	222	{
123		- crypto_free_rng(private);
	223	+ struct rng_parent_ctx *pctx = private;
	224	+
	225	+ if (unlikely(!pctx))
	226	+ return;
	227	+ crypto_free_rng(pctx->drng);
	228	+ kfree_sensitive(pctx->entropy);
	229	+ kfree_sensitive(pctx);
124	230	}
125	231
126	232	static void rng_sock_destruct(struct sock *sk)
..	..	@@ -128,6 +234,7 @@
128	234	struct alg_sock *ask = alg_sk(sk);
129	235	struct rng_ctx *ctx = ask->private;
130	236
	237	+ rng_reset_addtl(ctx);
131	238	sock_kfree_s(sk, ctx, ctx->len);
132	239	af_alg_release_parent(sk);
133	240	}
..	..	@@ -135,6 +242,7 @@
135	242	static int rng_accept_parent(void private, struct sock sk)
136	243	{
137	244	struct rng_ctx *ctx;
	245	+ struct rng_parent_ctx *pctx = private;
138	246	struct alg_sock *ask = alg_sk(sk);
139	247	unsigned int len = sizeof(*ctx);
140	248
..	..	@@ -143,6 +251,8 @@
143	251	return -ENOMEM;
144	252
145	253	ctx->len = len;
	254	+ ctx->addtl = NULL;
	255	+ ctx->addtl_len = 0;
146	256
147	257	/*
148	258	* No seeding done at that point -- if multiple accepts are
..	..	@@ -150,20 +260,58 @@
150	260	* state of the RNG.
151	261	*/
152	262
153		- ctx->drng = private;
	263	+ ctx->drng = pctx->drng;
154	264	ask->private = ctx;
155	265	sk->sk_destruct = rng_sock_destruct;
	266	+
	267	+ /*
	268	+ * Non NULL pctx->entropy means that CAVP test has been initiated on
	269	+ * this socket, replace proto_ops algif_rng_ops with algif_rng_test_ops.
	270	+ */
	271	+ if (IS_ENABLED(CONFIG_CRYPTO_USER_API_RNG_CAVP) && pctx->entropy)
	272	+ sk->sk_socket->ops = &algif_rng_test_ops;
156	273
157	274	return 0;
158	275	}
159	276
160	277	static int rng_setkey(void private, const u8 seed, unsigned int seedlen)
161	278	{
	279	+ struct rng_parent_ctx *pctx = private;
162	280	/*
163	281	* Check whether seedlen is of sufficient size is done in RNG
164	282	* implementations.
165	283	*/
166		- return crypto_rng_reset(private, seed, seedlen);
	284	+ return crypto_rng_reset(pctx->drng, seed, seedlen);
	285	+}
	286	+
	287	+static int __maybe_unused rng_setentropy(void *private, sockptr_t entropy,
	288	+ unsigned int len)
	289	+{
	290	+ struct rng_parent_ctx *pctx = private;
	291	+ u8 *kentropy = NULL;
	292	+
	293	+ if (!capable(CAP_SYS_ADMIN))
	294	+ return -EACCES;
	295	+
	296	+ if (pctx->entropy)
	297	+ return -EINVAL;
	298	+
	299	+ if (len > MAXSIZE)
	300	+ return -EMSGSIZE;
	301	+
	302	+ if (len) {
	303	+ kentropy = memdup_sockptr(entropy, len);
	304	+ if (IS_ERR(kentropy))
	305	+ return PTR_ERR(kentropy);
	306	+ }
	307	+
	308	+ crypto_rng_alg(pctx->drng)->set_ent(pctx->drng, kentropy, len);
	309	+ /*
	310	+ * Since rng doesn't perform any memory management for the entropy
	311	+ * buffer, save kentropy pointer to pctx now to free it after use.
	312	+ */
	313	+ pctx->entropy = kentropy;
	314	+ return 0;
167	315	}
168	316
169	317	static const struct af_alg_type algif_type_rng = {
..	..	@@ -171,6 +319,9 @@
171	319	.release = rng_release,
172	320	.accept = rng_accept_parent,
173	321	.setkey = rng_setkey,
	322	+#ifdef CONFIG_CRYPTO_USER_API_RNG_CAVP
	323	+ .setentropy = rng_setentropy,
	324	+#endif
174	325	.ops = &algif_rng_ops,
175	326	.name = "rng",
176	327	.owner = THIS_MODULE