@@ -243,6 +243,20 @@ do { \
#define net_random() prandom_u32()
#define net_srandom(seed) prandom_seed((__force u32)(seed))
+bool __net_get_random_once(void *buf, int nbytes, bool *done);
+
+/* BE CAREFUL: this function is not interrupt safe */
+#define net_get_random_once(buf, nbytes) \
+ ({ \
+ static bool ___done = false; \
+ bool ___ret = false; \
+ if (unlikely(!___done)) \
+ ___ret = __net_get_random_once(buf, \
+ nbytes, \
+ &___done); \
+ ___ret; \
+ })
+
extern int kernel_sendmsg(struct socket *sock, struct msghdr *msg,
struct kvec *vec, size_t num, size_t len);
extern int kernel_recvmsg(struct socket *sock, struct msghdr *msg,
@@ -338,3 +338,24 @@ void inet_proto_csum_replace16(__sum16 *sum, struct sk_buff *skb,
csum_unfold(*sum)));
}
EXPORT_SYMBOL(inet_proto_csum_replace16);
+
+bool __net_get_random_once(void *buf, int nbytes, bool *done)
+{
+ static DEFINE_SPINLOCK(lock);
+
+ spin_lock_bh(&lock);
+ if (*done) {
+ spin_unlock_bh(&lock);
+ return false;
+ }
+
+ get_random_bytes(buf, nbytes);
+ /* Make sure random data is published before toggeling done.
+ * There is no corresponding rmb.
+ */
+ smp_wmb();
+ *done = true;
+ spin_unlock_bh(&lock);
+ return true;
+}
+EXPORT_SYMBOL(__net_get_random_once);
net_get_random_once is a new macro which handles the initialization of secret keys. It is possible to call it in the fast path. Only the initialization depends on the spinlock and is rather slow. Otherwise it should get used just before the key is used to delay the entropy extration as late as possible to get better randomness. It returns true if the key got initialized. Cc: Eric Dumazet <edumazet@google.com> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> --- include/linux/net.h | 14 ++++++++++++++ net/core/utils.c | 21 +++++++++++++++++++++ 2 files changed, 35 insertions(+)