crypto: rng - Add crypto_stdrng_get_bytes()

All callers of crypto_get_default_rng() use the following sequence: crypto_get_default_rng() crypto_rng_get_bytes(crypto_default_rng, ...) crypto_put_default_rng() While it may have been intended that callers amortize the cost of getting and putting the "default RNG" (i.e. "stdrng") over multiple calls, in practice that optimization is never used. The callers just want a function that gets random bytes from the "stdrng". Therefore, add such a function: crypto_stdrng_get_bytes(). Importantly, this decouples the callers from the crypto_rng API. That allows a later commit to make this function simply call get_random_bytes_wait() unless the kernel is in "FIPS mode". Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2026-04-18 03:23:53 -04:00 · 2026-03-25 17:14:57 -07:00
parent 590fa5d69c
commit 52b84667bb
2 changed files with 27 additions and 0 deletions
--- a/crypto/rng.c
+++ b/crypto/rng.c
@@ -145,6 +145,20 @@ void crypto_put_default_rng(void)
 }
 EXPORT_SYMBOL_GPL(crypto_put_default_rng);

+int crypto_stdrng_get_bytes(void *buf, unsigned int len)
+{
+	int err;
+
+	err = crypto_get_default_rng();
+	if (err)
+		return err;
+
+	err = crypto_rng_get_bytes(crypto_default_rng, buf, len);
+	crypto_put_default_rng();
+	return err;
+}
+EXPORT_SYMBOL_GPL(crypto_stdrng_get_bytes);
+
 #if defined(CONFIG_CRYPTO_RNG) || defined(CONFIG_CRYPTO_RNG_MODULE)
 int crypto_del_default_rng(void)
 {