From owner-svn-src-head@freebsd.org  Sun Jul 19 16:05:24 2015
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id B27309A5E55;
 Sun, 19 Jul 2015 16:05:24 +0000 (UTC)
 (envelope-from markm@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 853E31612;
 Sun, 19 Jul 2015 16:05:24 +0000 (UTC)
 (envelope-from markm@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.70])
 by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6JG5N5M038486;
 Sun, 19 Jul 2015 16:05:23 GMT (envelope-from markm@FreeBSD.org)
Received: (from markm@localhost)
 by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6JG5NV0038485;
 Sun, 19 Jul 2015 16:05:23 GMT (envelope-from markm@FreeBSD.org)
Message-Id: <201507191605.t6JG5NV0038485@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: markm set sender to
 markm@FreeBSD.org using -f
From: Mark Murray <markm@FreeBSD.org>
Date: Sun, 19 Jul 2015 16:05:23 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r285690 - head/sys/dev/random
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Jul 2015 16:05:24 -0000

Author: markm
Date: Sun Jul 19 16:05:23 2015
New Revision: 285690
URL: https://svnweb.freebsd.org/changeset/base/285690

Log:
  Optimise the buffer-size calculation. It was possible to get one block too many.
  
  Approved by:	so (/dev/random blanket)

Modified:
  head/sys/dev/random/randomdev.c

Modified: head/sys/dev/random/randomdev.c
==============================================================================
--- head/sys/dev/random/randomdev.c	Sun Jul 19 15:44:51 2015	(r285689)
+++ head/sys/dev/random/randomdev.c	Sun Jul 19 16:05:23 2015	(r285690)
@@ -64,6 +64,9 @@ __FBSDID("$FreeBSD$");
 
 #define	RANDOM_UNIT	0
 
+/* Return the largest number >= x that is a multiple of m */
+#define CEIL_TO_MULTIPLE(x, m) ((((x) + (m) - 1)/(m))*(m))
+
 static d_read_t randomdev_read;
 static d_write_t randomdev_write;
 static d_poll_t randomdev_poll;
@@ -191,15 +194,15 @@ read_random_uio(struct uio *uio, bool no
 			 * which is what the underlying generator is expecting.
 			 * See the random_buf size requirements in the Yarrow/Fortuna code.
 			 */
-			read_len += RANDOM_BLOCKSIZE;
-			read_len -= read_len % RANDOM_BLOCKSIZE;
+			read_len = CEIL_TO_MULTIPLE(read_len, RANDOM_BLOCKSIZE);
+			/* Work in chunks page-sized or less */
 			read_len = MIN(read_len, PAGE_SIZE);
 			random_alg_context.ra_read(random_buf, read_len);
 			c = MIN(uio->uio_resid, read_len);
 			error = uiomove(random_buf, c, uio);
 			total_read += c;
 		}
-		if (total_read != uio->uio_resid && (error == ERESTART || error == EINTR) )
+		if (total_read != uio->uio_resid && (error == ERESTART || error == EINTR))
 			/* Return partial read, not error. */
 			error = 0;
 	}
@@ -217,7 +220,7 @@ read_random_uio(struct uio *uio, bool no
 u_int
 read_random(void *random_buf, u_int len)
 {
-	u_int read_len, total_read, c;
+	u_int read_len;
 	uint8_t local_buf[len + RANDOM_BLOCKSIZE];
 
 	KASSERT(random_buf != NULL, ("No suitable random buffer in %s", __func__));
@@ -228,22 +231,16 @@ read_random(void *random_buf, u_int len)
 		/* XXX: FIX!! Next line as an atomic operation? */
 		read_rate += (len + sizeof(uint32_t))/sizeof(uint32_t);
 #endif
-		read_len = len;
-		/*
-		 * Belt-and-braces.
-		 * Round up the read length to a crypto block size multiple,
-		 * which is what the underlying generator is expecting.
-		 */
-		read_len += RANDOM_BLOCKSIZE;
-		read_len -= read_len % RANDOM_BLOCKSIZE;
-		total_read = 0;
-		while (read_len) {
-			c = MIN(read_len, PAGE_SIZE);
-			random_alg_context.ra_read(&local_buf[total_read], c);
-			read_len -= c;
-			total_read += c;
+		if (len > 0) {
+			/*
+			 * Belt-and-braces.
+			 * Round up the read length to a crypto block size multiple,
+			 * which is what the underlying generator is expecting.
+			 */
+			read_len = CEIL_TO_MULTIPLE(len, RANDOM_BLOCKSIZE);
+			random_alg_context.ra_read(local_buf, read_len);
+			memcpy(random_buf, local_buf, len);
 		}
-		memcpy(random_buf, local_buf, len);
 	} else
 		len = 0;
 	return (len);