Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fe156368 authored by Jason A. Donenfeld's avatar Jason A. Donenfeld Committed by Greg Kroah-Hartman
Browse files

random: allow partial reads if later user copies fail 



commit 5209aed5137880fa229746cb521f715e55596460 upstream.

Rather than failing entirely if a copy_to_user() fails at some point,
instead we should return a partial read for the amount that succeeded
prior, unless none succeeded at all, in which case we return -EFAULT as
before.

This makes it consistent with other reader interfaces. For example, the
following snippet for /dev/zero outputs "4" followed by "1":

  int fd;
  void *x = mmap(NULL, 4096, PROT_WRITE, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);
  assert(x != MAP_FAILED);
  fd = open("/dev/zero", O_RDONLY);
  assert(fd >= 0);
  printf("%zd\n", read(fd, x, 4));
  printf("%zd\n", read(fd, x + 4095, 4));
  close(fd);

This brings that same standard behavior to the various RNG reader
interfaces.

While we're at it, we can streamline the loop logic a little bit.

Suggested-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
Cc: Jann Horn <jannh@google.com>
Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 70788723

drivers/char/random.c

+12 −10
Original line number Diff line number Diff line
@@ -523,8 +523,7 @@ EXPORT_SYMBOL(get_random_bytes); 


static ssize_t get_random_bytes_user(void __user *buf, size_t nbytes)

{

	ssize_t ret = 0;

	size_t len;

	size_t len, left, ret = 0;

	u32 chacha_state[CHACHA_BLOCK_SIZE / sizeof(u32)];

	u8 output[CHACHA_BLOCK_SIZE];
@@ -543,37 +542,40 @@ static ssize_t get_random_bytes_user(void __user *buf, size_t nbytes) 
	 * the user directly.

	 */

	if (nbytes <= CHACHA_KEY_SIZE) {

		ret = copy_to_user(buf, &chacha_state[4], nbytes) ? -EFAULT : nbytes;

		ret = nbytes - copy_to_user(buf, &chacha_state[4], nbytes);

		goto out_zero_chacha;

	}



	do {

	for (;;) {

		chacha20_block(chacha_state, output);

		if (unlikely(chacha_state[12] == 0))

			++chacha_state[13];



		len = min_t(size_t, nbytes, CHACHA_BLOCK_SIZE);

		if (copy_to_user(buf, output, len)) {

			ret = -EFAULT;

		left = copy_to_user(buf, output, len);

		if (left) {

			ret += len - left;

			break;

		}



		nbytes -= len;

		buf += len;

		ret += len;

		nbytes -= len;

		if (!nbytes)

			break;



		BUILD_BUG_ON(PAGE_SIZE % CHACHA_BLOCK_SIZE != 0);

		if (!(ret % PAGE_SIZE) && nbytes) {

		if (ret % PAGE_SIZE == 0) {

			if (signal_pending(current))

				break;

			cond_resched();

		}

	} while (nbytes);

	}



	memzero_explicit(output, sizeof(output));

out_zero_chacha:

	memzero_explicit(chacha_state, sizeof(chacha_state));

	return ret;

	return ret ? ret : -EFAULT;

}



/*