Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7f9f864a authored by Andy Lutomirski's avatar Andy Lutomirski Committed by Greg Kroah-Hartman
Browse files

random: add GRND_INSECURE to return best-effort non-cryptographic bytes 



commit 75551dbf112c992bc6c99a972990b3f272247e23 upstream.

Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
Link: https://lore.kernel.org/r/d5473b56cf1fa900ca4bd2b3fc1e5b8874399919.1577088521.git.luto@kernel.org


Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 479d3970

drivers/char/random.c

+9 −2
Original line number Diff line number Diff line
@@ -2217,7 +2217,14 @@ SYSCALL_DEFINE3(getrandom, char __user *, buf, size_t, count, 
{

	int ret;



	if (flags & ~(GRND_NONBLOCK|GRND_RANDOM))

	if (flags & ~(GRND_NONBLOCK|GRND_RANDOM|GRND_INSECURE))

		return -EINVAL;



	/*

	 * Requesting insecure and blocking randomness at the same time makes

	 * no sense.

	 */

	if ((flags & (GRND_INSECURE|GRND_RANDOM)) == (GRND_INSECURE|GRND_RANDOM))

		return -EINVAL;



	if (count > INT_MAX)
@@ -2226,7 +2233,7 @@ SYSCALL_DEFINE3(getrandom, char __user *, buf, size_t, count, 
	if (flags & GRND_RANDOM)

		return _random_read(flags & GRND_NONBLOCK, buf, count);



	if (!crng_ready()) {

	if (!(flags & GRND_INSECURE) && !crng_ready()) {

		if (flags & GRND_NONBLOCK)

			return -EAGAIN;

		ret = wait_for_random_bytes();

include/uapi/linux/random.h

+2 −0
Original line number Diff line number Diff line
@@ -49,8 +49,10 @@ struct rand_pool_info { 
 *

 * GRND_NONBLOCK	Don't block and return EAGAIN instead

 * GRND_RANDOM		Use the /dev/random pool instead of /dev/urandom

 * GRND_INSECURE	Return non-cryptographic random bytes

 */

#define GRND_NONBLOCK	0x0001

#define GRND_RANDOM	0x0002

#define GRND_INSECURE	0x0004



#endif /* _UAPI_LINUX_RANDOM_H */