crypto: drbg - make drbg_fips_continuous_test() return bool

Currently, drbg_fips_continuous_test() only returns 0 and -EAGAIN, so an
early return from the *do*/*while* loop in drbg_get_random_bytes() just
isn't possible. Make drbg_fips_continuous_test() return bool instead of
*int* (using true instead of 0 and false instead of -EAGAIN). This way,
we can further simplify drbg_get_random_bytes()...

Found by Linux Verification Center (linuxtesting.org) with the Svace static
analysis tool.

Suggested-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sergey Shtylyov <s.shtylyov@omp.ru>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/drbg.c b/crypto/drbg.c
index ab7da601a87fa1762a61a86b6d76c327c6ca7542..72d1d130dcc88a914adea7548af8b2da9fca7f6c 100644 (file)
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -226,38 +226,37 @@ static inline unsigned short drbg_sec_strength(drbg_flag_t flags)
  * @entropy buffer of seed data to be checked
  *
  * return:
- *     0 on success
- *     -EAGAIN on when the CTRNG is not yet primed
- *     < 0 on error
+ *     %true on success
+ *     %false when the CTRNG is not yet primed
  */
-static int drbg_fips_continuous_test(struct drbg_state *drbg,
-                                    const unsigned char *entropy)
+static bool drbg_fips_continuous_test(struct drbg_state *drbg,
+                                     const unsigned char *entropy)
 {
        unsigned short entropylen = drbg_sec_strength(drbg->core->flags);
 
        if (!IS_ENABLED(CONFIG_CRYPTO_FIPS))
-               return 0;
+               return true;
 
        /* skip test if we test the overall system */
        if (list_empty(&drbg->test_data.list))
-               return 0;
+               return true;
        /* only perform test in FIPS mode */
        if (!fips_enabled)
-               return 0;
+               return true;
 
        if (!drbg->fips_primed) {
                /* Priming of FIPS test */
                memcpy(drbg->prev, entropy, entropylen);
                drbg->fips_primed = true;
                /* priming: another round is needed */
-               return -EAGAIN;
+               return false;
        }
        if (!memcmp(drbg->prev, entropy, entropylen))
                panic("DRBG continuous self test failed\n");
        memcpy(drbg->prev, entropy, entropylen);
 
        /* the test shall pass when the two values are not equal */
-       return 0;
+       return true;
 }
 
 /******************************************************************
@@ -847,14 +846,9 @@ static inline int drbg_get_random_bytes(struct drbg_state *drbg,
                                        unsigned char *entropy,
                                        unsigned int entropylen)
 {
-       int ret;
-
-       do {
+       do
                get_random_bytes(entropy, entropylen);
-               ret = drbg_fips_continuous_test(drbg, entropy);
-               if (ret && ret != -EAGAIN)
-                       return ret;
-       } while (ret);
+       while (!drbg_fips_continuous_test(drbg, entropy));
 
        return 0;
 }