xref: /linux/drivers/char/hw_random/core.c (revision be239684b18e1cdcafcf8c7face4a2f562c745ad)
1 /*
2  * hw_random/core.c: HWRNG core API
3  *
4  * Copyright 2006 Michael Buesch <m@bues.ch>
5  * Copyright 2005 (c) MontaVista Software, Inc.
6  *
7  * Please read Documentation/admin-guide/hw_random.rst for details on use.
8  *
9  * This software may be used and distributed according to the terms
10  * of the GNU General Public License, incorporated herein by reference.
11  */
12 
13 #include <linux/delay.h>
14 #include <linux/device.h>
15 #include <linux/err.h>
16 #include <linux/fs.h>
17 #include <linux/hw_random.h>
18 #include <linux/kernel.h>
19 #include <linux/kthread.h>
20 #include <linux/miscdevice.h>
21 #include <linux/module.h>
22 #include <linux/random.h>
23 #include <linux/sched.h>
24 #include <linux/sched/signal.h>
25 #include <linux/slab.h>
26 #include <linux/string.h>
27 #include <linux/uaccess.h>
28 
/* Name under which the misc device below is registered. */
#define RNG_MODULE_NAME		"hw_random"

/* Size of each shared read buffer: SMP_CACHE_BYTES, but never less than 32. */
#define RNG_BUFFER_SIZE (SMP_CACHE_BYTES < 32 ? 32 : SMP_CACHE_BYTES)

/* the rng currently selected for reads; NULL when none is selected */
static struct hwrng *current_rng;
/* the current rng has been explicitly chosen by user via sysfs */
static int cur_rng_set_by_user;
/* the "hwrng" kthread running hwrng_fillfn(); NULL when it is not running */
static struct task_struct *hwrng_fill;
/* list of registered rngs */
static LIST_HEAD(rng_list);
/* Protects rng_list and current_rng */
static DEFINE_MUTEX(rng_mutex);
/* Protects rng read functions, data_avail, rng_buffer and rng_fillbuf */
static DEFINE_MUTEX(reading_mutex);
/* number of bytes in rng_buffer not yet handed out by rng_dev_read() */
static int data_avail;
/*
 * rng_buffer backs reads of the character device; rng_fillbuf is used by
 * hwrng_fillfn() and add_early_randomness().  Both are allocated in
 * hwrng_modinit() with rng_buffer_size() bytes.
 */
static u8 *rng_buffer, *rng_fillbuf;
static unsigned short current_quality;
static unsigned short default_quality = 1024; /* default to maximum */

/*
 * NOTE(review): current_quality is writable (0644) and hwrng_fillfn()
 * copies it into rng->quality without the "<= 1024" check that
 * rng_quality_store() applies, so a value written through the module
 * parameter can exceed the documented per-1024-bits scale.
 */
module_param(current_quality, ushort, 0644);
MODULE_PARM_DESC(current_quality,
		 "current hwrng entropy estimation per 1024 bits of input -- obsolete, use rng_quality instead");
/* Upper bound applied to a device's quality in hwrng_init(). */
module_param(default_quality, ushort, 0644);
MODULE_PARM_DESC(default_quality,
		 "default maximum entropy content of hwrng per 1024 bits of input");

/* Forward declarations for helpers defined further down in this file. */
static void drop_current_rng(void);
static int hwrng_init(struct hwrng *rng);
static int hwrng_fillfn(void *unused);

static inline int rng_get_data(struct hwrng *rng, u8 *buffer, size_t size,
			       int wait);
61 
/* Size in bytes of each of the two shared buffers (rng_buffer, rng_fillbuf). */
static size_t rng_buffer_size(void)
{
	const size_t bytes = RNG_BUFFER_SIZE;

	return bytes;
}
66 
/*
 * Ask @rng for up to 32 bytes without waiting and, if any arrived, pass
 * them to add_hwgenerator_randomness() with a credit scaled by rng->quality.
 *
 * The read into rng_fillbuf happens under reading_mutex; the buffer is
 * handed to add_hwgenerator_randomness() after the mutex has been released.
 */
static void add_early_randomness(struct hwrng *rng)
{
	size_t credit_bits;
	int got;

	mutex_lock(&reading_mutex);
	got = rng_get_data(rng, rng_fillbuf, 32, 0);
	mutex_unlock(&reading_mutex);

	/* errors and "no data yet" both mean there is nothing to contribute */
	if (got <= 0)
		return;

	/* quality is bits of entropy per 1024 bits of input */
	credit_bits = got * 8 * rng->quality / 1024;
	add_hwgenerator_randomness(rng_fillbuf, got, credit_bits, false);
}
79 
/*
 * kref release callback for struct hwrng: invoke the driver's optional
 * cleanup hook, then signal cleanup_done so that waiters (see
 * hwrng_unregister()) can proceed.
 */
static inline void cleanup_rng(struct kref *kref)
{
	struct hwrng *victim = container_of(kref, struct hwrng, ref);

	if (victim->cleanup != NULL)
		victim->cleanup(victim);

	complete(&victim->cleanup_done);
}
89 
/*
 * Make @rng the current rng.  Caller must hold rng_mutex.
 *
 * @rng is initialised first; only if that succeeds is the previous
 * current rng dropped.  The fill thread is started if it is not already
 * running; a failure to start it is logged but does not fail the switch.
 *
 * Returns 0 on success or the error reported by hwrng_init().
 */
static int set_current_rng(struct hwrng *rng)
{
	int rc;

	BUG_ON(!mutex_is_locked(&rng_mutex));

	rc = hwrng_init(rng);
	if (rc != 0)
		return rc;

	drop_current_rng();
	current_rng = rng;

	/* fill thread already running: nothing more to do */
	if (hwrng_fill)
		return 0;

	hwrng_fill = kthread_run(hwrng_fillfn, NULL, "hwrng");
	if (IS_ERR(hwrng_fill)) {
		pr_err("hwrng_fill thread creation failed\n");
		hwrng_fill = NULL;
	}

	return 0;
}
114 
/*
 * Release the reference held on behalf of current_rng and clear it.
 * Caller must hold rng_mutex.  Does nothing when no rng is current.
 */
static void drop_current_rng(void)
{
	struct hwrng *outgoing;

	BUG_ON(!mutex_is_locked(&rng_mutex));

	outgoing = current_rng;
	if (outgoing == NULL)
		return;

	/* if this was the last reference, cleanup_rng() runs from here */
	kref_put(&outgoing->ref, cleanup_rng);
	current_rng = NULL;
}
125 
/*
 * Return current_rng with an additional reference taken, or NULL when no
 * rng is current.  Takes no lock itself; every caller in this file holds
 * rng_mutex.  A non-NULL result must be released with put_rng().
 */
static struct hwrng *get_current_rng_nolock(void)
{
	struct hwrng *rng = current_rng;

	if (rng != NULL)
		kref_get(&rng->ref);

	return rng;
}
134 
/*
 * Locked variant of get_current_rng_nolock().
 *
 * Returns ERR_PTR(-ERESTARTSYS) if taking rng_mutex was interrupted,
 * NULL if there is no current rng, or the current rng with a reference
 * that the caller must drop with put_rng().
 */
static struct hwrng *get_current_rng(void)
{
	struct hwrng *held;

	if (mutex_lock_interruptible(&rng_mutex) != 0)
		return ERR_PTR(-ERESTARTSYS);

	held = get_current_rng_nolock();
	mutex_unlock(&rng_mutex);

	return held;
}
147 
/*
 * Drop a reference obtained from get_current_rng*().  @rng may be NULL,
 * in which case only the lock is taken and released.
 */
static void put_rng(struct hwrng *rng)
{
	/*
	 * The put is done under rng_mutex so that it is serialized against
	 * a set_current_rng() on the same rng that follows immediately.
	 */
	mutex_lock(&rng_mutex);
	if (rng != NULL)
		kref_put(&rng->ref, cleanup_rng);
	mutex_unlock(&rng_mutex);
}
159 
/*
 * Take a reference on @rng, running the driver's init hook first when the
 * refcount is currently zero, then normalise rng->quality.
 *
 * Returns 0 on success or the error returned by rng->init().
 */
static int hwrng_init(struct hwrng *rng)
{
	u16 cap, wanted;

	/* refcount is zero: (re)initialise the device before first use */
	if (!kref_get_unless_zero(&rng->ref)) {
		if (rng->init) {
			int ret = rng->init(rng);

			if (ret)
				return ret;
		}

		kref_init(&rng->ref);
		reinit_completion(&rng->cleanup_done);
	}

	/*
	 * Quality ends up as min(default_quality, 1024, driver value), where
	 * a driver value of 0 is treated as 1024.
	 */
	cap = min_t(u16, default_quality, 1024);
	wanted = rng->quality ?: 1024;
	rng->quality = min_t(u16, cap, wanted);
	current_quality = rng->quality; /* obsolete */

	return 0;
}
182 
/*
 * open() handler for the hwrng character device.  The device is
 * read-only: the open must request read access and must not request
 * write access, otherwise -EINVAL is returned.
 */
static int rng_dev_open(struct inode *inode, struct file *filp)
{
	const bool wants_read = (filp->f_mode & FMODE_READ) != 0;
	const bool wants_write = (filp->f_mode & FMODE_WRITE) != 0;

	if (!wants_read || wants_write)
		return -EINVAL;

	return 0;
}
192 
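/*
 * Fetch random bytes from @rng into @buffer.  Caller must hold
 * reading_mutex.
 *
 * @rng:    device to read from
 * @buffer: destination, at least @size bytes
 * @size:   capacity of @buffer in bytes
 * @wait:   non-zero if the driver may block until data is available
 *
 * Returns the number of bytes placed in @buffer, 0 if no data was
 * available, or a negative errno from the driver.
 */
static inline int rng_get_data(struct hwrng *rng, u8 *buffer, size_t size,
			int wait)
{
	int present;

	BUG_ON(!mutex_is_locked(&reading_mutex));
	if (rng->read) {
		int got = rng->read(rng, (void *)buffer, size, wait);

		/*
		 * Callers use the return value as a length for later copies
		 * out of @buffer (rng_dev_read() stores it in data_avail and
		 * memcpy()s that many bytes).  Never report more than the
		 * buffer can hold, and warn once about a driver that does.
		 */
		if (WARN_ON_ONCE(got > 0 && (size_t)got > size))
			got = size;

		return got;
	}

	/* legacy interface: optional data_present() poll, then data_read() */
	if (rng->data_present)
		present = rng->data_present(rng, wait);
	else
		present = 1;

	/*
	 * data_read() writes through a u32 pointer and its return value is
	 * passed through unchanged.
	 * NOTE(review): presumably at most 4 bytes are reported; confirm
	 * against the data_read contract in <linux/hw_random.h>.
	 */
	if (present)
		return rng->data_read(rng, (u32 *)buffer);

	return 0;
}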
211 
/*
 * read() handler for the hwrng character device.
 *
 * Copies up to @size bytes from the current rng to the user buffer @buf.
 * Data is fetched into the shared rng_buffer under reading_mutex, staged
 * in an on-stack bounce buffer, and copied to userspace only after the
 * mutex and the rng reference have been released.
 *
 * Returns the number of bytes copied if any were, otherwise a negative
 * errno: -ENODEV (no current rng), -EAGAIN (non-blocking and no data),
 * -EFAULT (copy_to_user failed), -ERESTARTSYS (interrupted), or the
 * driver's read error.
 */
static ssize_t rng_dev_read(struct file *filp, char __user *buf,
			    size_t size, loff_t *offp)
{
	/* bounce buffer so copy_to_user() runs without reading_mutex held */
	u8 buffer[RNG_BUFFER_SIZE];
	ssize_t ret = 0;
	int err = 0;
	int bytes_read, len;
	struct hwrng *rng;

	while (size) {
		/* re-fetch the current rng each iteration; it may have changed */
		rng = get_current_rng();
		if (IS_ERR(rng)) {
			err = PTR_ERR(rng);
			goto out;
		}
		if (!rng) {
			err = -ENODEV;
			goto out;
		}

		if (mutex_lock_interruptible(&reading_mutex)) {
			err = -ERESTARTSYS;
			goto out_put;
		}
		/* refill rng_buffer only when the previous fill is used up */
		if (!data_avail) {
			bytes_read = rng_get_data(rng, rng_buffer,
				rng_buffer_size(),
				!(filp->f_flags & O_NONBLOCK));
			if (bytes_read < 0) {
				err = bytes_read;
				goto out_unlock_reading;
			} else if (bytes_read == 0 &&
				   (filp->f_flags & O_NONBLOCK)) {
				err = -EAGAIN;
				goto out_unlock_reading;
			}

			/*
			 * NOTE(review): bytes_read is taken as returned; this
			 * function does not itself check it against
			 * rng_buffer_size(), yet it bounds the memcpy() into
			 * the on-stack buffer below.
			 */
			data_avail = bytes_read;
		}

		len = data_avail;
		if (len) {
			if (len > size)
				len = size;

			/* bytes are handed out from the tail of rng_buffer */
			data_avail -= len;

			memcpy(buffer, rng_buffer + data_avail, len);
		}
		mutex_unlock(&reading_mutex);
		put_rng(rng);

		/* userspace copy happens with no lock and no rng reference held */
		if (len) {
			if (copy_to_user(buf + ret, buffer, len)) {
				err = -EFAULT;
				goto out;
			}

			size -= len;
			ret += len;
		}


		if (need_resched())
			schedule_timeout_interruptible(1);

		if (signal_pending(current)) {
			err = -ERESTARTSYS;
			goto out;
		}
	}
out:
	/* do not leave random bytes behind on the kernel stack */
	memzero_explicit(buffer, sizeof(buffer));
	/* a partial read wins over any error recorded afterwards */
	return ret ? : err;

	/* error exits taken while reading_mutex and/or the rng ref are held */
out_unlock_reading:
	mutex_unlock(&reading_mutex);
out_put:
	put_rng(rng);
	goto out;
}
293 
/* File operations for the hwrng character device: open and read only. */
static const struct file_operations rng_chrdev_ops = {
	.owner		= THIS_MODULE,
	.open		= rng_dev_open,
	.read		= rng_dev_read,
	.llseek		= noop_llseek,
};

/* Tentative declaration; the array is defined by ATTRIBUTE_GROUPS(rng_dev) below. */
static const struct attribute_group *rng_dev_groups[];

/* Misc device through which the current rng and its sysfs attributes are exposed. */
static struct miscdevice rng_miscdev = {
	.minor		= HWRNG_MINOR,
	.name		= RNG_MODULE_NAME,
	.nodename	= "hwrng",
	.fops		= &rng_chrdev_ops,
	.groups		= rng_dev_groups,
};
310 
/*
 * Select the registered rng with the highest quality as current_rng.
 * Caller must hold rng_mutex.
 *
 * With an empty list the current rng is dropped.  On success the
 * "chosen by user" flag is cleared.  Returns 0 on success or the error
 * from set_current_rng().
 */
static int enable_best_rng(void)
{
	struct hwrng *candidate, *best = NULL;
	int ret;

	BUG_ON(!mutex_is_locked(&rng_mutex));

	/* nothing registered: make sure nothing stays selected */
	if (list_empty(&rng_list)) {
		drop_current_rng();
		cur_rng_set_by_user = 0;
		return 0;
	}

	/* first entry wins ties: a later entry must be strictly better */
	list_for_each_entry(candidate, &rng_list, list) {
		if (best && candidate->quality <= best->quality)
			continue;
		best = candidate;
	}

	if (best == current_rng)
		ret = 0;
	else
		ret = set_current_rng(best);

	if (ret == 0)
		cur_rng_set_by_user = 0;

	return ret;
}
337 
/*
 * sysfs store handler for "rng_current".
 *
 * An empty string re-selects the best-quality rng; any other value is
 * matched against the names of the registered rngs and, on a match, that
 * rng becomes current and is marked as chosen by the user.  If the
 * current rng changed, early randomness is pulled from the new one.
 *
 * Returns @len on success, -ERESTARTSYS if taking rng_mutex was
 * interrupted, or the error from selecting the rng.
 */
static ssize_t rng_current_store(struct device *dev,
				 struct device_attribute *attr,
				 const char *buf, size_t len)
{
	int err;
	struct hwrng *rng, *old_rng, *new_rng;

	err = mutex_lock_interruptible(&rng_mutex);
	if (err)
		return -ERESTARTSYS;

	/* remembered only for the pointer comparison below; no reference taken */
	old_rng = current_rng;
	if (sysfs_streq(buf, "")) {
		err = enable_best_rng();
	} else {
		/*
		 * NOTE(review): if no registered name matches, err is still 0
		 * from the successful lock above, so the write reports
		 * success without changing anything.
		 */
		list_for_each_entry(rng, &rng_list, list) {
			if (sysfs_streq(rng->name, buf)) {
				err = set_current_rng(rng);
				if (!err)
					cur_rng_set_by_user = 1;
				break;
			}
		}
	}
	/* take a reference so the rng can be used after rng_mutex is dropped */
	new_rng = get_current_rng_nolock();
	mutex_unlock(&rng_mutex);

	if (new_rng) {
		if (new_rng != old_rng)
			add_early_randomness(new_rng);
		put_rng(new_rng);
	}

	return err ? : len;
}
373 
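/*
 * sysfs show handler for "rng_current": prints the name of the current
 * rng followed by a newline, or "none" when no rng is selected.
 *
 * Returns the number of bytes written to @buf, or -ERESTARTSYS if taking
 * rng_mutex was interrupted.
 */
static ssize_t rng_current_show(struct device *dev,
				struct device_attribute *attr,
				char *buf)
{
	ssize_t ret;
	struct hwrng *rng;

	rng = get_current_rng();
	if (IS_ERR(rng))
		return PTR_ERR(rng);

	/*
	 * sysfs_emit() returns the number of bytes actually written, whereas
	 * snprintf() returns the untruncated length; this also matches the
	 * other show handlers in this file.
	 */
	ret = sysfs_emit(buf, "%s\n", rng ? rng->name : "none");
	/* put_rng() accepts NULL, so no separate check is needed here */
	put_rng(rng);

	return ret;
}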
390 
/*
 * sysfs show handler for "rng_available": prints the names of all
 * registered rngs, each followed by a space, then a newline.  Output is
 * bounded to PAGE_SIZE by strlcat().
 *
 * Returns the length of the resulting string, or -ERESTARTSYS if taking
 * rng_mutex was interrupted.
 */
static ssize_t rng_available_show(struct device *dev,
				  struct device_attribute *attr,
				  char *buf)
{
	struct hwrng *entry;

	if (mutex_lock_interruptible(&rng_mutex))
		return -ERESTARTSYS;

	/* start from an empty string so strlcat() has a terminator to find */
	buf[0] = '\0';
	list_for_each_entry(entry, &rng_list, list) {
		strlcat(buf, entry->name, PAGE_SIZE);
		strlcat(buf, " ", PAGE_SIZE);
	}
	strlcat(buf, "\n", PAGE_SIZE);
	mutex_unlock(&rng_mutex);

	return strlen(buf);
}
411 
/*
 * sysfs show handler for "rng_selected": prints cur_rng_set_by_user,
 * i.e. whether the current rng was explicitly chosen via sysfs.
 */
static ssize_t rng_selected_show(struct device *dev,
				 struct device_attribute *attr,
				 char *buf)
{
	const int chosen_by_user = cur_rng_set_by_user;

	return sysfs_emit(buf, "%d\n", chosen_by_user);
}
418 
/*
 * sysfs show handler for "rng_quality": prints the quality value of the
 * current rng.
 *
 * Returns the number of bytes written, -ENODEV when no rng is current,
 * or -ERESTARTSYS if taking rng_mutex was interrupted.
 */
static ssize_t rng_quality_show(struct device *dev,
				struct device_attribute *attr,
				char *buf)
{
	struct hwrng *rng = get_current_rng();
	ssize_t written;

	if (IS_ERR(rng))
		return PTR_ERR(rng);

	/* no reference was taken for NULL, so there is nothing to put */
	if (rng == NULL)
		return -ENODEV;

	written = sysfs_emit(buf, "%hu\n", rng->quality);
	put_rng(rng);

	return written;
}
438 
/*
 * sysfs store handler for "rng_quality": sets the quality of the current
 * rng and then re-runs best-rng selection.
 *
 * The value must parse as a u16 (base auto-detected) and be at most 1024.
 *
 * Returns @len on success, -EINVAL for short or out-of-range input,
 * -ENODEV when no rng is current, -ERESTARTSYS if taking rng_mutex was
 * interrupted, or the error from enable_best_rng().
 */
static ssize_t rng_quality_store(struct device *dev,
				 struct device_attribute *attr,
				 const char *buf, size_t len)
{
	u16 quality;
	int ret;

	if (len < 2)
		return -EINVAL;

	if (mutex_lock_interruptible(&rng_mutex))
		return -ERESTARTSYS;

	if (kstrtou16(buf, 0, &quality) || quality > 1024) {
		ret = -EINVAL;
	} else if (!current_rng) {
		ret = -ENODEV;
	} else {
		current_rng->quality = quality;
		current_quality = quality; /* obsolete */

		/* the ranking may have changed, so pick the best rng again */
		ret = enable_best_rng();
	}

	mutex_unlock(&rng_mutex);
	return ret ? ret : len;
}
474 
/*
 * sysfs attributes of the misc device.  rng_current and rng_quality have
 * both show and store handlers; rng_available and rng_selected are
 * read-only.
 */
static DEVICE_ATTR_RW(rng_current);
static DEVICE_ATTR_RO(rng_available);
static DEVICE_ATTR_RO(rng_selected);
static DEVICE_ATTR_RW(rng_quality);

/* NULL-terminated attribute list referenced by the group defined below. */
static struct attribute *rng_dev_attrs[] = {
	&dev_attr_rng_current.attr,
	&dev_attr_rng_available.attr,
	&dev_attr_rng_selected.attr,
	&dev_attr_rng_quality.attr,
	NULL
};

/* Defines rng_dev_groups[], which rng_miscdev.groups points at. */
ATTRIBUTE_GROUPS(rng_dev);
489 
/* Remove the hwrng misc device; called from module exit. */
static void __exit unregister_miscdev(void)
{
	struct miscdevice *dev = &rng_miscdev;

	misc_deregister(dev);
}
494 
/* Register the hwrng misc device; returns the result of misc_register(). */
static int __init register_miscdev(void)
{
	const int rc = misc_register(&rng_miscdev);

	return rc;
}
499 
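/*
 * Body of the "hwrng" kthread: repeatedly read a buffer from the current
 * rng and feed it to add_hwgenerator_randomness(), crediting entropy
 * according to the rng's quality (bits of entropy per 1024 bits of input).
 *
 * The loop ends when the thread is asked to stop, when there is no
 * current rng, or when taking rng_mutex is interrupted.  Always returns 0.
 */
static int hwrng_fillfn(void *unused)
{
	size_t entropy, entropy_credit = 0; /* in 1/1024 of a bit */
	long rc;

	while (!kthread_should_stop()) {
		unsigned short quality;
		struct hwrng *rng;

		rng = get_current_rng();
		if (IS_ERR(rng) || !rng)
			break;
		mutex_lock(&reading_mutex);
		rc = rng_get_data(rng, rng_fillbuf,
				  rng_buffer_size(), 1);
		/*
		 * NOTE(review): current_quality is a writable module
		 * parameter and is copied here without the "<= 1024" check
		 * applied in rng_quality_store().
		 */
		if (current_quality != rng->quality)
			rng->quality = current_quality; /* obsolete */
		quality = rng->quality;
		mutex_unlock(&reading_mutex);

		/* on error or no data, back off; wakes early if rng is dying */
		if (rc <= 0)
			hwrng_msleep(rng, 10000);

		put_rng(rng);

		if (rc <= 0)
			continue;

		/*
		 * Credit whole bits now and carry the sub-bit remainder into
		 * the next iteration.  The remainder has to be recomputed on
		 * every pass: leaving a stale carry in place after whole bits
		 * were credited would add the same fraction again each time
		 * and over-credit low-quality sources.
		 */
		entropy = rc * quality * 8 + entropy_credit;
		entropy_credit = entropy & 1023;

		/* Outside lock, sure, but y'know: randomness. */
		add_hwgenerator_randomness((void *)rng_fillbuf, rc,
					   entropy >> 10, true);
	}
	/* let set_current_rng() know it has to start a new thread */
	hwrng_fill = NULL;
	return 0;
}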
542 
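/**
 * hwrng_register - register a hardware random number generator
 * @rng: device to register; must have a name and a read or data_read hook
 *
 * Adds @rng to the list of available rngs.  It becomes the current rng if
 * none is selected yet, or if it offers better quality than the current
 * one and the current one was not chosen by the user.
 *
 * Return: 0 on success, -EINVAL if @rng lacks a name or read hook,
 * -EEXIST if an rng with the same name is already registered, or the
 * error from set_current_rng().  On any error @rng is not left on the
 * list.
 */
int hwrng_register(struct hwrng *rng)
{
	int err = -EINVAL;
	struct hwrng *tmp;
	bool is_new_current = false;

	if (!rng->name || (!rng->data_read && !rng->read))
		goto out;

	mutex_lock(&rng_mutex);

	/* Must not register two RNGs with the same name. */
	err = -EEXIST;
	list_for_each_entry(tmp, &rng_list, list) {
		if (strcmp(tmp->name, rng->name) == 0)
			goto out_unlock;
	}
	list_add_tail(&rng->list, &rng_list);

	/* cleanup_done starts out completed: nothing to clean up yet */
	init_completion(&rng->cleanup_done);
	complete(&rng->cleanup_done);
	init_completion(&rng->dying);

	if (!current_rng ||
	    (!cur_rng_set_by_user && rng->quality > current_rng->quality)) {
		/*
		 * Set new rng as current as the new rng source
		 * provides better entropy quality and was not
		 * chosen by userspace.
		 */
		err = set_current_rng(rng);
		if (err) {
			/*
			 * Registration is reported as failed, so the caller
			 * will not unregister @rng and may release it.  Do
			 * not leave it reachable through rng_list.
			 */
			list_del(&rng->list);
			goto out_unlock;
		}
		/* to use current_rng in add_early_randomness() we need
		 * to take a ref
		 */
		is_new_current = true;
		kref_get(&rng->ref);
	}
	mutex_unlock(&rng_mutex);
	if (is_new_current || !rng->init) {
		/*
		 * Use a new device's input to add some randomness to
		 * the system.  If this rng device isn't going to be
		 * used right away, its init function hasn't been
		 * called yet by set_current_rng(); so only use the
		 * randomness from devices that don't need an init callback
		 */
		add_early_randomness(rng);
	}
	if (is_new_current)
		put_rng(rng);
	return 0;
out_unlock:
	mutex_unlock(&rng_mutex);
out:
	return err;
}
EXPORT_SYMBOL_GPL(hwrng_register);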
602 
/**
 * hwrng_unregister - remove a hardware random number generator
 * @rng: device previously registered with hwrng_register()
 *
 * Removes @rng from the list, marks it as dying (which wakes anything
 * sleeping in hwrng_msleep()/hwrng_yield() on it), selects a replacement
 * if @rng was the current rng, stops the fill thread when no rng is left,
 * and finally waits until @rng's cleanup has completed.
 */
void hwrng_unregister(struct hwrng *rng)
{
	struct hwrng *old_rng, *new_rng;
	int err;

	mutex_lock(&rng_mutex);

	/* remembered only for the pointer comparison below */
	old_rng = current_rng;
	list_del(&rng->list);
	complete_all(&rng->dying);
	if (current_rng == rng) {
		err = enable_best_rng();
		if (err) {
			/* no replacement could be set up: leave nothing selected */
			drop_current_rng();
			cur_rng_set_by_user = 0;
		}
	}

	/* take a reference so the new rng can be used after unlocking */
	new_rng = get_current_rng_nolock();
	if (list_empty(&rng_list)) {
		mutex_unlock(&rng_mutex);
		/*
		 * NOTE(review): hwrng_fill is read here without rng_mutex,
		 * and hwrng_fillfn() clears it on its own exit; worth
		 * confirming the thread cannot finish between this check
		 * and kthread_stop().
		 */
		if (hwrng_fill)
			kthread_stop(hwrng_fill);
	} else
		mutex_unlock(&rng_mutex);

	if (new_rng) {
		if (old_rng != new_rng)
			add_early_randomness(new_rng);
		put_rng(new_rng);
	}

	/* do not return until cleanup_rng() has run for @rng */
	wait_for_completion(&rng->cleanup_done);
}
EXPORT_SYMBOL_GPL(hwrng_unregister);
638 
/* devres release callback: unregister the rng stored in the resource. */
static void devm_hwrng_release(struct device *dev, void *res)
{
	struct hwrng **slot = res;

	hwrng_unregister(*slot);
}
643 
/*
 * devres match callback: non-zero when the resource @res holds the rng
 * pointer passed as @data.  Warns and reports no match if the resource
 * or the pointer stored in it is NULL.
 */
static int devm_hwrng_match(struct device *dev, void *res, void *data)
{
	struct hwrng **slot = res;

	if (WARN_ON(!slot || !*slot))
		return 0;

	return (*slot == data) ? 1 : 0;
}
653 
/**
 * devm_hwrng_register - device-managed hwrng_register()
 * @dev: device the registration is tied to
 * @rng: rng to register
 *
 * On success a devres entry is added to @dev whose release callback
 * unregisters @rng.
 *
 * Return: 0 on success, -ENOMEM if the devres entry cannot be allocated,
 * or the error from hwrng_register().
 */
int devm_hwrng_register(struct device *dev, struct hwrng *rng)
{
	struct hwrng **slot;
	int rc;

	slot = devres_alloc(devm_hwrng_release, sizeof(*slot), GFP_KERNEL);
	if (slot == NULL)
		return -ENOMEM;

	rc = hwrng_register(rng);
	if (rc == 0) {
		/* hand the rng to devres only once it is really registered */
		*slot = rng;
		devres_add(dev, slot);
		return 0;
	}

	devres_free(slot);
	return rc;
}
EXPORT_SYMBOL_GPL(devm_hwrng_register);
674 
/**
 * devm_hwrng_unregister - undo devm_hwrng_register() before @dev goes away
 * @dev: device the registration was tied to
 * @rng: rng to unregister
 *
 * Releases the matching devres entry, which runs devm_hwrng_release().
 */
void devm_hwrng_unregister(struct device *dev, struct hwrng *rng)
{
	devres_release(dev,
		       devm_hwrng_release,
		       devm_hwrng_match,
		       rng);
}
EXPORT_SYMBOL_GPL(devm_hwrng_unregister);
680 
/**
 * hwrng_msleep - sleep for a while, but wake early if @rng is going away
 * @rng:   rng whose "dying" completion cuts the sleep short
 * @msecs: how long to sleep, in milliseconds
 *
 * Return: the result of wait_for_completion_interruptible_timeout() on
 * @rng->dying, with a timeout of @msecs converted to jiffies plus one.
 */
long hwrng_msleep(struct hwrng *rng, unsigned int msecs)
{
	const unsigned long jiffies_to_wait = msecs_to_jiffies(msecs) + 1;

	return wait_for_completion_interruptible_timeout(&rng->dying,
							 jiffies_to_wait);
}
EXPORT_SYMBOL_GPL(hwrng_msleep);
688 
/**
 * hwrng_yield - wait on @rng's "dying" completion for one jiffy
 * @rng: rng whose "dying" completion is waited on
 *
 * Return: the result of wait_for_completion_interruptible_timeout().
 */
long hwrng_yield(struct hwrng *rng)
{
	const unsigned long one_jiffy = 1;

	return wait_for_completion_interruptible_timeout(&rng->dying,
							 one_jiffy);
}
EXPORT_SYMBOL_GPL(hwrng_yield);
694 
/*
 * Module init: allocate the two shared buffers and register the misc
 * device.  Returns 0 on success, -ENOMEM if an allocation fails, or the
 * error from register_miscdev(); buffers are freed on failure.
 */
static int __init hwrng_modinit(void)
{
	int ret = -ENOMEM;

	/* kmalloc makes this safe for virt_to_page() in virtio_rng.c */
	rng_buffer = kmalloc(rng_buffer_size(), GFP_KERNEL);
	if (!rng_buffer)
		return ret;

	rng_fillbuf = kmalloc(rng_buffer_size(), GFP_KERNEL);
	if (!rng_fillbuf)
		goto err_free_buffer;

	ret = register_miscdev();
	if (ret)
		goto err_free_fillbuf;

	return 0;

err_free_fillbuf:
	kfree(rng_fillbuf);
err_free_buffer:
	kfree(rng_buffer);
	return ret;
}
718 
/*
 * Module exit: free the shared buffers and remove the misc device.  It
 * is a bug for an rng to still be current at this point.
 */
static void __exit hwrng_modexit(void)
{
	mutex_lock(&rng_mutex);
	BUG_ON(current_rng != NULL);
	kfree(rng_fillbuf);
	kfree(rng_buffer);
	mutex_unlock(&rng_mutex);

	unregister_miscdev();
}
729 
/* Initialised at fs_initcall level rather than via module_init(). */
fs_initcall(hwrng_modinit); /* depends on misc_register() */
module_exit(hwrng_modexit);

MODULE_DESCRIPTION("H/W Random Number Generator (RNG) driver");
MODULE_LICENSE("GPL");
735