random: simplify accounting code

With this we handle "reserved" in just one place.  As a bonus the
code becomes less nested, and the "wakeup_write" flag variable
becomes unnecessary.  The variable "flags" was already unused.

This code behaves identically to the previous version except in
two pathological cases that don't occur.  If the argument "nbytes"
is already less than "min", then we didn't previously enforce
"min".  If r->limit is false while "reserved" is nonzero, then we
previously applied "reserved" in checking whether we had enough
bits, even though we don't apply it to actually limit how many we
take.  The callers of account() never exercise either of these cases.

Before the previous commit, it was possible for "nbytes" to be less
than "min" if userspace chose a pathological configuration, but no
longer.

Cc: Jiri Kosina <jkosina@suse.cz>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Signed-off-by: Greg Price <price@mit.edu>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>

diff --git a/drivers/char/random.c b/drivers/char/random.c
index 70b8ebf08edd2646a0ae0b932452029b9813870c..ded4339be8f9100d4b7fd6195ff4bbc551fc621c 100644 (file)
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -964,8 +964,6 @@ static void push_to_pool(struct work_struct *work)
 static size_t account(struct entropy_store *r, size_t nbytes, int min,
                      int reserved)
 {
-       unsigned long flags;
-       int wakeup_write = 0;
        int have_bytes;
        int entropy_count, orig;
        size_t ibytes;
@@ -977,24 +975,19 @@ retry:
        entropy_count = orig = ACCESS_ONCE(r->entropy_count);
        have_bytes = entropy_count >> (ENTROPY_SHIFT + 3);
        ibytes = nbytes;
-       if (have_bytes < min + reserved) {
+       /* If limited, never pull more than available */
+       if (r->limit)
+               ibytes = min_t(size_t, ibytes, have_bytes - reserved);
+       if (ibytes < min)
                ibytes = 0;
-       } else {
-               /* If limited, never pull more than available */
-               if (r->limit)
-                       ibytes = min_t(size_t, ibytes, have_bytes - reserved);
-               entropy_count = max_t(int, 0,
-                           entropy_count - (ibytes << (ENTROPY_SHIFT + 3)));
-               if (cmpxchg(&r->entropy_count, orig, entropy_count) != orig)
-                       goto retry;
-
-               if ((r->entropy_count >> ENTROPY_SHIFT)
-                   < random_write_wakeup_thresh)
-                       wakeup_write = 1;
-       }
+       entropy_count = max_t(int, 0,
+                             entropy_count - (ibytes << (ENTROPY_SHIFT + 3)));
+       if (cmpxchg(&r->entropy_count, orig, entropy_count) != orig)
+               goto retry;
 
        trace_debit_entropy(r->name, 8 * ibytes);
-       if (wakeup_write) {
+       if (ibytes &&
+           (r->entropy_count >> ENTROPY_SHIFT) < random_write_wakeup_thresh) {
                wake_up_interruptible(&random_write_wait);
                kill_fasync(&fasync, SIGIO, POLL_OUT);
        }