shithub: riscv

Download patch

ref: 7713145638f45c07c47b9ef8c859d518d88f6127
parent: a12180612649d5aebb2ca7e6c7727c41becb4549
author: cinap_lenrek <[email protected]>
date: Sat Sep 10 22:09:07 EDT 2016

kernel: make randomread() fault reentrant

we now access the user buffer in randomread() outside of the lock,
only copying and advancing the chacha state under the lock. this
means we can use randomread() within the fault handling path now
without fearing deadlock. this also allows multiple readers to
generate random numbers in parallel.

--- a/sys/src/9/port/random.c
+++ b/sys/src/9/port/random.c
@@ -86,22 +86,37 @@
 }
 
 ulong
-randomread(void *xp, ulong n)
+randomread(void *p, ulong n)
 {
+	Chachastate c;
+	ulong b;
+
 	if(n == 0)
 		return 0;
 
 	if(hwrandbuf != nil)
-		(*hwrandbuf)(xp, n);
+		(*hwrandbuf)(p, n);
 
-	if(waserror()){
-		qunlock(rs);
-		nexterror();
-	}
+	/* copy chacha state and advance block counter */
 	qlock(rs);
-	chacha_encrypt((uchar*)xp, n, rs);
+	c = *rs;
+	b = rs->input[12];
+	rs->input[12] += (n + ChachaBsize-1)/ChachaBsize;
+	if(rs->input[12] < b) rs->input[13]++;
 	qunlock(rs);
-	poperror();
 
+	/* encrypt the buffer, can fault */
+	chacha_encrypt((uchar*)p, n, &c);
+
+	/* prevent state leakage */
+	memset(&c, 0, sizeof(c));
+
 	return n;
+}
+
+/* used by fastrand() */
+void
+genrandom(uchar *p, int n)
+{
+	randomread(p, n);
 }