Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

crypto: rng - ensure that the RNG is ready before using

Browse source 
Otherwise, we might be seeding the RNG using bad randomness, which is
dangerous. The one use of this function from within the kernel -- not
from userspace -- is being removed (keys/big_key), so that call site
isn't relevant in assessing this.

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Jason A. Donenfeld 2017-07-16 19:22:06 +02:00 committed by Herbert Xu
parent 8a1012d3f2
commit c2176f0098
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
crypto/rng.c
View file

@ -43,12 +43,14 @@ int crypto_rng_reset(struct crypto_rng *tfm, const u8 *seed, unsigned int slen)
if (!buf) if (!buf)
return -ENOMEM; return -ENOMEM;
get_random_bytes(buf, slen); err = get_random_bytes_wait(buf, slen);
if (err)
goto out;
seed = buf; seed = buf;
} }
err = crypto_rng_alg(tfm)->seed(tfm, seed, slen); err = crypto_rng_alg(tfm)->seed(tfm, seed, slen);
out:
kzfree(buf); kzfree(buf);
return err; return err;
} }