crypto: drbg - add FIPS 140-2 CTRNG for noise source

	}

}

/*

 * FIPS 140-2 continuous self test for the noise source

 * The test is performed on the noise source input data. Thus, the function

 * implicitly knows the size of the buffer to be equal to the security

 * strength.

 *

 * Note, this function disregards the nonce trailing the entropy data during

 * initial seeding.

 *

 * drbg->drbg_mutex must have been taken.

 *

 * @drbg DRBG handle

 * @entropy buffer of seed data to be checked

 *

 * return:

 *	0 on success

 *	-EAGAIN on when the CTRNG is not yet primed

 *	< 0 on error

 */

static int drbg_fips_continuous_test(struct drbg_state *drbg,

				     const unsigned char *entropy)

{

	unsigned short entropylen = drbg_sec_strength(drbg->core->flags);

	int ret = 0;

	if (!IS_ENABLED(CONFIG_CRYPTO_FIPS))

		return 0;

	/* skip test if we test the overall system */

	if (list_empty(&drbg->test_data.list))

		return 0;

	/* only perform test in FIPS mode */

	if (!fips_enabled)

		return 0;

	if (!drbg->fips_primed) {

		/* Priming of FIPS test */

		memcpy(drbg->prev, entropy, entropylen);

		drbg->fips_primed = true;

		/* priming: another round is needed */

		return -EAGAIN;

	}

	ret = memcmp(drbg->prev, entropy, entropylen);

	if (!ret)

		panic("DRBG continuous self test failed\n");

	memcpy(drbg->prev, entropy, entropylen);

	/* the test shall pass when the two values are not equal */

	return 0;

}

/*

 * Convert an integer into a byte representation of this integer.

 * The byte representation is big-endian

	return ret;

}

static inline int drbg_get_random_bytes(struct drbg_state *drbg,

					unsigned char *entropy,

					unsigned int entropylen)

{

	int ret;

	do {

		get_random_bytes(entropy, entropylen);

		ret = drbg_fips_continuous_test(drbg, entropy);

		if (ret && ret != -EAGAIN)

			return ret;

	} while (ret);

	return 0;

}

static void drbg_async_seed(struct work_struct *work)

{

	struct drbg_string data;

					       seed_work);

	unsigned int entropylen = drbg_sec_strength(drbg->core->flags);

	unsigned char entropy[32];

	int ret;

	BUG_ON(!entropylen);

	BUG_ON(entropylen > sizeof(entropy));

	get_random_bytes(entropy, entropylen);

	drbg_string_fill(&data, entropy, entropylen);

	list_add_tail(&data.list, &seedlist);

	mutex_lock(&drbg->drbg_mutex);

	ret = drbg_get_random_bytes(drbg, entropy, entropylen);

	if (ret)

		goto unlock;

	/* If nonblocking pool is initialized, deactivate Jitter RNG */

	crypto_free_rng(drbg->jent);

	drbg->jent = NULL;

	if (drbg->seeded)

		drbg->reseed_threshold = drbg_max_requests(drbg);

unlock:

	mutex_unlock(&drbg->drbg_mutex);

	memzero_explicit(entropy, entropylen);

		BUG_ON((entropylen * 2) > sizeof(entropy));

		/* Get seed from in-kernel /dev/urandom */

		get_random_bytes(entropy, entropylen);

		ret = drbg_get_random_bytes(drbg, entropy, entropylen);

		if (ret)

			goto out;

		if (!drbg->jent) {

			drbg_string_fill(&data1, entropy, entropylen);

						   entropylen);

			if (ret) {

				pr_devel("DRBG: jent failed with %d\n", ret);

				return ret;

				goto out;

			}

			drbg_string_fill(&data1, entropy, entropylen * 2);

	ret = __drbg_seed(drbg, &seedlist, reseed);

out:

	memzero_explicit(entropy, entropylen * 2);

	return ret;

	drbg->reseed_ctr = 0;

	drbg->d_ops = NULL;

	drbg->core = NULL;

	if (IS_ENABLED(CONFIG_CRYPTO_FIPS)) {

		kzfree(drbg->prev);

		drbg->prev = NULL;

		drbg->fips_primed = false;

	}

}

/*

		drbg->scratchpad = PTR_ALIGN(drbg->scratchpadbuf, ret + 1);

	}

	if (IS_ENABLED(CONFIG_CRYPTO_FIPS)) {

		drbg->prev = kzalloc(drbg_sec_strength(drbg->core->flags),

				     GFP_KERNEL);

		if (!drbg->prev)

			goto fini;

		drbg->fips_primed = false;

	}

	return 0;

fini:

	bool seeded;		/* DRBG fully seeded? */

	bool pr;		/* Prediction resistance enabled? */

	bool fips_primed;	/* Continuous test primed? */

	unsigned char *prev;	/* FIPS 140-2 continuous test value */

	struct work_struct seed_work;	/* asynchronous seeding support */

	struct crypto_rng *jent;

	const struct drbg_state_ops *d_ops;