[linux.git] / crypto / algif_rng.c

/*
 * algif_rng: User-space interface for random number generators
 *
 * This file provides the user-space API for random number generators.
 *
 * Copyright (C) 2014, Stephan Mueller <[email protected]>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, and the entire permission notice in its entirety,
 *    including the disclaimer of warranties.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote
 *    products derived from this software without specific prior
 *    written permission.
 *
 * ALTERNATIVELY, this product may be distributed under the terms of
 * the GNU General Public License, in which case the provisions of the GPL2
 * are required INSTEAD OF the above restrictions.  (This clause is
 * necessary due to a potential bad interaction between the GPL and
 * the restrictions contained in a BSD-style copyright.)
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ALL OF
 * WHICH ARE HEREBY DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
 * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 * USE OF THIS SOFTWARE, EVEN IF NOT ADVISED OF THE POSSIBILITY OF SUCH
 * DAMAGE.
 */

#include <linux/module.h>
#include <crypto/rng.h>
#include <linux/random.h>
#include <crypto/if_alg.h>
#include <linux/net.h>
#include <net/sock.h>

MODULE_LICENSE("GPL");
MODULE_AUTHOR("Stephan Mueller <[email protected]>");
MODULE_DESCRIPTION("User-space interface for random number generators");

struct rng_ctx {
#define MAXSIZE 128
	unsigned int len;
	struct crypto_rng *drng;
};

static int rng_recvmsg(struct socket *sock, struct msghdr *msg, size_t len,
		       int flags)
{
	struct sock *sk = sock->sk;
	struct alg_sock *ask = alg_sk(sk);
	struct rng_ctx *ctx = ask->private;
	int err = -EFAULT;
	int genlen = 0;
	u8 result[MAXSIZE];

	if (len == 0)
		return 0;
	if (len > MAXSIZE)
		len = MAXSIZE;

	/*
	 * although not strictly needed, this is a precaution against coding
	 * errors
	 */
	memset(result, 0, len);

	/*
	 * The enforcement of a proper seeding of an RNG is done within an
	 * RNG implementation. Some RNGs (DRBG, krng) do not need specific
	 * seeding as they automatically seed. The X9.31 DRNG will return
	 * an error if it was not seeded properly.
	 */
	genlen = crypto_rng_get_bytes(ctx->drng, result, len);
	if (genlen < 0)
		return genlen;

	err = memcpy_to_msg(msg, result, len);
	memzero_explicit(result, len);

	return err ? err : len;
}

static struct proto_ops algif_rng_ops = {
	.family		=	PF_ALG,

	.connect	=	sock_no_connect,
	.socketpair	=	sock_no_socketpair,
	.getname	=	sock_no_getname,
	.ioctl		=	sock_no_ioctl,
	.listen		=	sock_no_listen,
	.shutdown	=	sock_no_shutdown,
	.getsockopt	=	sock_no_getsockopt,
	.mmap		=	sock_no_mmap,
	.bind		=	sock_no_bind,
	.accept		=	sock_no_accept,
	.setsockopt	=	sock_no_setsockopt,
	.sendmsg	=	sock_no_sendmsg,
	.sendpage	=	sock_no_sendpage,

	.release	=	af_alg_release,
	.recvmsg	=	rng_recvmsg,
};

static void *rng_bind(const char *name, u32 type, u32 mask)
{
	return crypto_alloc_rng(name, type, mask);
}

static void rng_release(void *private)
{
	crypto_free_rng(private);
}

static void rng_sock_destruct(struct sock *sk)
{
	struct alg_sock *ask = alg_sk(sk);
	struct rng_ctx *ctx = ask->private;

	sock_kfree_s(sk, ctx, ctx->len);
	af_alg_release_parent(sk);
}

static int rng_accept_parent(void *private, struct sock *sk)
{
	struct rng_ctx *ctx;
	struct alg_sock *ask = alg_sk(sk);
	unsigned int len = sizeof(*ctx);

	ctx = sock_kmalloc(sk, len, GFP_KERNEL);
	if (!ctx)
		return -ENOMEM;

	ctx->len = len;

	/*
	 * No seeding done at that point -- if multiple accepts are
	 * done on one RNG instance, each resulting FD points to the same
	 * state of the RNG.
	 */

	ctx->drng = private;
	ask->private = ctx;
	sk->sk_destruct = rng_sock_destruct;

	return 0;
}

static int rng_setkey(void *private, const u8 *seed, unsigned int seedlen)
{
	/*
	 * Check whether seedlen is of sufficient size is done in RNG
	 * implementations.
	 */
	return crypto_rng_reset(private, seed, seedlen);
}

static const struct af_alg_type algif_type_rng = {
	.bind		=	rng_bind,
	.release	=	rng_release,
	.accept		=	rng_accept_parent,
	.setkey		=	rng_setkey,
	.ops		=	&algif_rng_ops,
	.name		=	"rng",
	.owner		=	THIS_MODULE
};

static int __init rng_init(void)
{
	return af_alg_register_type(&algif_type_rng);
}

static void __exit rng_exit(void)
{
	int err = af_alg_unregister_type(&algif_type_rng);
	BUG_ON(err);
}

module_init(rng_init);
module_exit(rng_exit);
Commit	Line	Data
5afdfd22 SM	1	/*
	2	* algif_rng: User-space interface for random number generators
	3	*
	4	* This file provides the user-space API for random number generators.
	5	*
	6	* Copyright (C) 2014, Stephan Mueller <[email protected]>
	7	*
	8	* Redistribution and use in source and binary forms, with or without
	9	* modification, are permitted provided that the following conditions
	10	* are met:
	11	* 1. Redistributions of source code must retain the above copyright
	12	* notice, and the entire permission notice in its entirety,
	13	* including the disclaimer of warranties.
	14	* 2. Redistributions in binary form must reproduce the above copyright
	15	* notice, this list of conditions and the following disclaimer in the
	16	* documentation and/or other materials provided with the distribution.
	17	* 3. The name of the author may not be used to endorse or promote
	18	* products derived from this software without specific prior
	19	* written permission.
	20	*
	21	* ALTERNATIVELY, this product may be distributed under the terms of
	22	* the GNU General Public License, in which case the provisions of the GPL2
	23	* are required INSTEAD OF the above restrictions. (This clause is
	24	* necessary due to a potential bad interaction between the GPL and
	25	* the restrictions contained in a BSD-style copyright.)
	26	*
	27	* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
	28	* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	29	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ALL OF
	30	* WHICH ARE HEREBY DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE
	31	* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
	32	* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
	33	* OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
	34	* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
	35	* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	36	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
	37	* USE OF THIS SOFTWARE, EVEN IF NOT ADVISED OF THE POSSIBILITY OF SUCH
	38	* DAMAGE.
	39	*/
	40
	41	#include <linux/module.h>
	42	#include <crypto/rng.h>
	43	#include <linux/random.h>
	44	#include <crypto/if_alg.h>
	45	#include <linux/net.h>
	46	#include <net/sock.h>
	47
	48	MODULE_LICENSE("GPL");
	49	MODULE_AUTHOR("Stephan Mueller <[email protected]>");
	50	MODULE_DESCRIPTION("User-space interface for random number generators");
	51
	52	struct rng_ctx {
	53	#define MAXSIZE 128
	54	unsigned int len;
	55	struct crypto_rng *drng;
	56	};
	57
1b784140 YX	58	static int rng_recvmsg(struct socket sock, struct msghdr msg, size_t len,
1b784140 YX	59	int flags)
5afdfd22 SM	60	{
	61	struct sock *sk = sock->sk;
	62	struct alg_sock *ask = alg_sk(sk);
	63	struct rng_ctx *ctx = ask->private;
	64	int err = -EFAULT;
	65	int genlen = 0;
	66	u8 result[MAXSIZE];
	67
	68	if (len == 0)
	69	return 0;
	70	if (len > MAXSIZE)
	71	len = MAXSIZE;
	72
	73	/*
	74	* although not strictly needed, this is a precaution against coding
	75	* errors
	76	*/
	77	memset(result, 0, len);
	78
	79	/*
	80	* The enforcement of a proper seeding of an RNG is done within an
	81	* RNG implementation. Some RNGs (DRBG, krng) do not need specific
	82	* seeding as they automatically seed. The X9.31 DRNG will return
	83	* an error if it was not seeded properly.
	84	*/
	85	genlen = crypto_rng_get_bytes(ctx->drng, result, len);
	86	if (genlen < 0)
	87	return genlen;
	88
	89	err = memcpy_to_msg(msg, result, len);
2ef4d5c4	90	memzero_explicit(result, len);
5afdfd22 SM	91
	92	return err ? err : len;
	93	}
	94
	95	static struct proto_ops algif_rng_ops = {
	96	.family = PF_ALG,
	97
	98	.connect = sock_no_connect,
	99	.socketpair = sock_no_socketpair,
	100	.getname = sock_no_getname,
	101	.ioctl = sock_no_ioctl,
	102	.listen = sock_no_listen,
	103	.shutdown = sock_no_shutdown,
	104	.getsockopt = sock_no_getsockopt,
	105	.mmap = sock_no_mmap,
	106	.bind = sock_no_bind,
	107	.accept = sock_no_accept,
	108	.setsockopt = sock_no_setsockopt,
5afdfd22 SM	109	.sendmsg = sock_no_sendmsg,
	110	.sendpage = sock_no_sendpage,
	111
	112	.release = af_alg_release,
	113	.recvmsg = rng_recvmsg,
	114	};
	115
	116	static void rng_bind(const char name, u32 type, u32 mask)
	117	{
	118	return crypto_alloc_rng(name, type, mask);
	119	}
	120
	121	static void rng_release(void *private)
	122	{
	123	crypto_free_rng(private);
	124	}
	125
	126	static void rng_sock_destruct(struct sock *sk)
	127	{
	128	struct alg_sock *ask = alg_sk(sk);
	129	struct rng_ctx *ctx = ask->private;
	130
	131	sock_kfree_s(sk, ctx, ctx->len);
	132	af_alg_release_parent(sk);
	133	}
	134
	135	static int rng_accept_parent(void private, struct sock sk)
	136	{
	137	struct rng_ctx *ctx;
	138	struct alg_sock *ask = alg_sk(sk);
	139	unsigned int len = sizeof(*ctx);
	140
	141	ctx = sock_kmalloc(sk, len, GFP_KERNEL);
	142	if (!ctx)
	143	return -ENOMEM;
	144
	145	ctx->len = len;
	146
	147	/*
	148	* No seeding done at that point -- if multiple accepts are
	149	* done on one RNG instance, each resulting FD points to the same
	150	* state of the RNG.
	151	*/
	152
	153	ctx->drng = private;
	154	ask->private = ctx;
	155	sk->sk_destruct = rng_sock_destruct;
	156
	157	return 0;
	158	}
	159
	160	static int rng_setkey(void private, const u8 seed, unsigned int seedlen)
	161	{
	162	/*
	163	* Check whether seedlen is of sufficient size is done in RNG
	164	* implementations.
	165	*/
654ae152	166	return crypto_rng_reset(private, seed, seedlen);
5afdfd22 SM	167	}
	168
	169	static const struct af_alg_type algif_type_rng = {
	170	.bind = rng_bind,
	171	.release = rng_release,
	172	.accept = rng_accept_parent,
	173	.setkey = rng_setkey,
	174	.ops = &algif_rng_ops,
	175	.name = "rng",
	176	.owner = THIS_MODULE
	177	};
	178
	179	static int __init rng_init(void)
	180	{
	181	return af_alg_register_type(&algif_type_rng);
	182	}
	183
598de369	184	static void __exit rng_exit(void)
5afdfd22 SM	185	{
	186	int err = af_alg_unregister_type(&algif_type_rng);
	187	BUG_ON(err);
	188	}
	189
	190	module_init(rng_init);
	191	module_exit(rng_exit);