hermit/syscalls/
entropy.rs

1#[cfg(not(feature = "newlib"))]
2use core::mem::size_of;
3use core::slice;
4
5use hermit_sync::TicketMutex;
6
7use crate::arch;
8use crate::entropy::{self, Flags};
9use crate::errno::EINVAL;
10
11static PARK_MILLER_LEHMER_SEED: TicketMutex<u32> = TicketMutex::new(0);
12const RAND_MAX: u64 = 0x7fff_ffff;
13
14fn generate_park_miller_lehmer_random_number() -> u32 {
15	let mut seed = PARK_MILLER_LEHMER_SEED.lock();
16	let random = ((u64::from(*seed) * 48271) % RAND_MAX) as u32;
17	*seed = random;
18	random
19}
20
21unsafe fn read_entropy(buf: *mut u8, len: usize, flags: u32) -> isize {
22	let Some(flags) = Flags::from_bits(flags) else {
23		return -EINVAL as isize;
24	};
25
26	let buf = unsafe {
27		// Cap the number of bytes to be read at a time to isize::MAX to uphold
28		// the safety guarantees of `from_raw_parts`.
29		let len = usize::min(len, isize::MAX as usize);
30		buf.write_bytes(0, len);
31		slice::from_raw_parts_mut(buf, len)
32	};
33
34	let ret = entropy::read(buf, flags);
35	if ret < 0 {
36		warn!("Unable to read entropy! Fallback to a naive implementation!");
37		for i in &mut *buf {
38			*i = (generate_park_miller_lehmer_random_number() & 0xff)
39				.try_into()
40				.unwrap();
41		}
42		buf.len().try_into().unwrap()
43	} else {
44		ret
45	}
46}
47
48unsafe extern "C" fn __sys_read_entropy(buf: *mut u8, len: usize, flags: u32) -> isize {
49	unsafe { read_entropy(buf, len, flags) }
50}
51
52/// Fill `len` bytes in `buf` with cryptographically secure random data.
53///
54/// Returns either the number of bytes written to buf (a positive value) or
55/// * `-EINVAL` if `flags` contains unknown flags.
56/// * `-ENOSYS` if the system does not support random data generation.
57#[unsafe(no_mangle)]
58pub unsafe extern "C" fn sys_read_entropy(buf: *mut u8, len: usize, flags: u32) -> isize {
59	unsafe { kernel_function!(__sys_read_entropy(buf, len, flags)) }
60}
61
62/// Create a cryptographicly secure 32bit random number with the support of
63/// the underlying hardware. If the required hardware isn't available,
64/// the function returns `-1`.
65#[cfg(not(feature = "newlib"))]
66#[hermit_macro::system]
67#[unsafe(no_mangle)]
68pub unsafe extern "C" fn sys_secure_rand32(value: *mut u32) -> i32 {
69	let mut buf = value.cast();
70	let mut len = size_of::<u32>();
71	while len != 0 {
72		let res = unsafe { read_entropy(buf, len, 0) };
73		if res < 0 {
74			return -1;
75		}
76
77		buf = unsafe { buf.add(res as usize) };
78		len -= res as usize;
79	}
80
81	0
82}
83
84/// Create a cryptographicly secure 64bit random number with the support of
85/// the underlying hardware. If the required hardware isn't available,
86/// the function returns -1.
87#[cfg(not(feature = "newlib"))]
88#[hermit_macro::system]
89#[unsafe(no_mangle)]
90pub unsafe extern "C" fn sys_secure_rand64(value: *mut u64) -> i32 {
91	let mut buf = value.cast();
92	let mut len = size_of::<u64>();
93	while len != 0 {
94		let res = unsafe { read_entropy(buf, len, 0) };
95		if res < 0 {
96			return -1;
97		}
98
99		buf = unsafe { buf.add(res as usize) };
100		len -= res as usize;
101	}
102
103	0
104}
105
106/// The function computes a sequence of pseudo-random integers
107/// in the range of 0 to RAND_MAX
108#[hermit_macro::system]
109#[unsafe(no_mangle)]
110pub extern "C" fn sys_rand() -> u32 {
111	generate_park_miller_lehmer_random_number()
112}
113
114/// The function sets its argument as the seed for a new sequence
115/// of pseudo-random numbers to be returned by rand()
116#[hermit_macro::system]
117#[unsafe(no_mangle)]
118pub extern "C" fn sys_srand(seed: u32) {
119	*(PARK_MILLER_LEHMER_SEED.lock()) = seed;
120}
121
122pub(crate) fn init_entropy() {
123	let seed: u32 = arch::processor::get_timestamp() as u32;
124
125	*PARK_MILLER_LEHMER_SEED.lock() = seed;
126}