Stop pulling DRBG code into non-FIPS kernels

[PATCH 09/11] crypto: rng - Make crypto_stdrng_get_bytes() use normal RNG in non-FIPS mode

Posted by Eric Biggers 1 week ago

"stdrng" is needed only in "FIPS mode".  Therefore, make
crypto_stdrng_get_bytes() delegate to either the normal Linux RNG or to
"stdrng", depending on the current mode.

This will eliminate the need to built the SP800-90A DRBG and its
dependencies into CRYPTO_FIPS=n kernels.

Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---
 crypto/rng.c         |  4 ++--
 include/crypto/rng.h | 15 +++++++++++++--
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/crypto/rng.c b/crypto/rng.c
index f52f4793f9ea..1d4b9177bad4 100644
--- a/crypto/rng.c
+++ b/crypto/rng.c
@@ -140,11 +140,11 @@ static void crypto_put_default_rng(void)
 	mutex_lock(&crypto_default_rng_lock);
 	crypto_default_rng_refcnt--;
 	mutex_unlock(&crypto_default_rng_lock);
 }
 
-int crypto_stdrng_get_bytes(void *buf, unsigned int len)
+int __crypto_stdrng_get_bytes(void *buf, unsigned int len)
 {
 	int err;
 
 	err = crypto_get_default_rng();
 	if (err)
@@ -152,11 +152,11 @@ int crypto_stdrng_get_bytes(void *buf, unsigned int len)
 
 	err = crypto_rng_get_bytes(crypto_default_rng, buf, len);
 	crypto_put_default_rng();
 	return err;
 }
-EXPORT_SYMBOL_GPL(crypto_stdrng_get_bytes);
+EXPORT_SYMBOL_GPL(__crypto_stdrng_get_bytes);
 
 #if defined(CONFIG_CRYPTO_RNG) || defined(CONFIG_CRYPTO_RNG_MODULE)
 int crypto_del_default_rng(void)
 {
 	int err = -EBUSY;
diff --git a/include/crypto/rng.h b/include/crypto/rng.h
index f61e037afed9..07f494b2c881 100644
--- a/include/crypto/rng.h
+++ b/include/crypto/rng.h
@@ -10,10 +10,12 @@
 #define _CRYPTO_RNG_H
 
 #include <linux/atomic.h>
 #include <linux/container_of.h>
 #include <linux/crypto.h>
+#include <linux/fips.h>
+#include <linux/random.h>
 
 struct crypto_rng;
 
 /**
  * struct rng_alg - random number generator definition
@@ -55,22 +57,31 @@ struct rng_alg {
 
 struct crypto_rng {
 	struct crypto_tfm base;
 };
 
+int __crypto_stdrng_get_bytes(void *buf, unsigned int len);
+
 /**
  * crypto_stdrng_get_bytes() - get cryptographically secure random bytes
  * @buf: output buffer holding the random numbers
  * @len: length of the output buffer
  *
  * This function fills the caller-allocated buffer with random numbers using the
- * highest-priority "stdrng" algorithm in the crypto_rng subsystem.
+ * normal Linux RNG if fips_enabled=0, or the highest-priority "stdrng"
+ * algorithm in the crypto_rng subsystem if fips_enabled=1.
  *
  * Context: May sleep
  * Return: 0 function was successful; < 0 if an error occurred
  */
-int crypto_stdrng_get_bytes(void *buf, unsigned int len);
+static inline int crypto_stdrng_get_bytes(void *buf, unsigned int len)
+{
+	might_sleep();
+	if (fips_enabled)
+		return __crypto_stdrng_get_bytes(buf, len);
+	return get_random_bytes_wait(buf, len);
+}
 
 /**
  * DOC: Random number generator API
  *
  * The random number generator API is used with the ciphers of type
-- 
2.53.0

[PATCH 01/11] crypto: rng - Add crypto_stdrng_get_bytes()
[PATCH 02/11] crypto: dh - Use crypto_stdrng_get_bytes()
[PATCH 03/11] crypto: ecc - Use crypto_stdrng_get_bytes()
[PATCH 04/11] crypto: geniv - Use crypto_stdrng_get_bytes()
[PATCH 05/11] crypto: hisilicon/hpre - Use crypto_stdrng_get_bytes()
[PATCH 06/11] crypto: intel/keembay-ocs-ecc - Use crypto_stdrng_get_bytes()
[PATCH 07/11] net: tipc: Use crypto_stdrng_get_bytes()
[PATCH 08/11] crypto: rng - Unexport "default RNG" symbols
[PATCH 09/11] crypto: rng - Make crypto_stdrng_get_bytes() use normal RNG in non-FIPS mode
[PATCH 10/11] crypto: fips - Depend on CRYPTO_DRBG=y
[PATCH 11/11] crypto: rng - Don't pull in DRBG when CRYPTO_FIPS=n