From: Andy Lutomirski <luto@kernel.org>
To: Theodore Tso <tytso@google.com>
Cc: LKML <linux-kernel@vger.kernel.org>,
Linux API <linux-api@vger.kernel.org>,
Kees Cook <keescook@chromium.org>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
Andy Lutomirski <luto@kernel.org>
Subject: [PATCH 2/7] random: Add GRND_INSECURE to return best-effort non-cryptographic bytes
Date: Thu, 29 Aug 2019 18:11:37 -0700 [thread overview]
Message-ID: <d4fdee4bf20ad37feaf22c39964b46e123ccd7e3.1567126741.git.luto@kernel.org> (raw)
In-Reply-To: <cover.1567126741.git.luto@kernel.org>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
drivers/char/random.c | 11 +++++++++--
include/uapi/linux/random.h | 2 ++
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index d152612e08fc..acabb870f222 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -2122,7 +2122,14 @@ SYSCALL_DEFINE3(getrandom, char __user *, buf, size_t, count,
{
int ret;
- if (flags & ~(GRND_NONBLOCK|GRND_RANDOM))
+ if (flags & ~(GRND_NONBLOCK|GRND_RANDOM|GRND_INSECURE))
+ return -EINVAL;
+
+ /*
+ * Requesting insecure and blocking randomness at the same time makes
+ * no sense.
+ */
+ if ((flags & (GRND_INSECURE|GRND_RANDOM)) == (GRND_INSECURE|GRND_RANDOM))
return -EINVAL;
if (count > INT_MAX)
@@ -2131,7 +2138,7 @@ SYSCALL_DEFINE3(getrandom, char __user *, buf, size_t, count,
if (flags & GRND_RANDOM)
return _random_read(flags & GRND_NONBLOCK, buf, count);
- if (!crng_ready()) {
+ if (!(flags & GRND_INSECURE) && !crng_ready()) {
if (flags & GRND_NONBLOCK)
return -EAGAIN;
ret = wait_for_random_bytes();
diff --git a/include/uapi/linux/random.h b/include/uapi/linux/random.h
index 26ee91300e3e..c092d20088d3 100644
--- a/include/uapi/linux/random.h
+++ b/include/uapi/linux/random.h
@@ -49,8 +49,10 @@ struct rand_pool_info {
*
* GRND_NONBLOCK Don't block and return EAGAIN instead
* GRND_RANDOM Use the /dev/random pool instead of /dev/urandom
+ * GRND_INSECURE Return non-cryptographic random bytes
*/
#define GRND_NONBLOCK 0x0001
#define GRND_RANDOM 0x0002
+#define GRND_INSECURE 0x0004
#endif /* _UAPI_LINUX_RANDOM_H */
--
2.21.0
next prev parent reply other threads:[~2019-08-30 1:11 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-30 1:11 [PATCH 0/7] Rework random blocking Andy Lutomirski
2019-08-30 1:11 ` [PATCH 1/7] random: Don't wake crng_init_wait when crng_init == 1 Andy Lutomirski
2019-08-30 1:11 ` Andy Lutomirski [this message]
2019-08-30 1:11 ` [PATCH 3/7] random: Ignore GRND_RANDOM in getentropy(2) Andy Lutomirski
2019-08-30 1:11 ` [PATCH 4/7] random: Make /dev/random be almost like /dev/urandom Andy Lutomirski
2019-08-30 1:11 ` [PATCH 5/7] random: Remove the blocking pool Andy Lutomirski
2019-08-30 1:11 ` [PATCH 6/7] random: Delete code to pull data into pools Andy Lutomirski
2019-08-30 1:11 ` [PATCH 7/7] random: Remove kernel.random.read_wakeup_threshold Andy Lutomirski
2019-08-30 1:49 ` [PATCH 0/7] Rework random blocking Theodore Y. Ts'o
2019-08-30 2:01 ` Andy Lutomirski
2019-09-09 9:42 ` Pavel Machek
2019-09-09 22:57 ` Andy Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d4fdee4bf20ad37feaf22c39964b46e123ccd7e3.1567126741.git.luto@kernel.org \
--to=luto@kernel.org \
--cc=Jason@zx2c4.com \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).