random: don't try to look at entropy_count outside the lock
As a non-atomic value, it's only safe to look at entropy_count when the
pool lock is held, so we move the BUG_ON inside the lock for correctness.
Also remove the spurious comment. It's ok for entropy_count to
temporarily exceed POOLBITS so long as it's left in a consistent state
when the lock is released.
This is a more correct, simple, and idiomatic fix for the bug in
8b76f46a2d. I've left the reorderings introduced by that patch in place
as they're harmless, even though they don't properly deal with potential
atomicity issues.
Signed-off-by: Matt Mackall <mpm@selenic.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
parent
71183c9480
commit
cda796a3d5
1 changed files with 2 additions and 3 deletions
|
@ -407,7 +407,7 @@ struct entropy_store {
|
|||
/* read-write data: */
|
||||
spinlock_t lock;
|
||||
unsigned add_ptr;
|
||||
int entropy_count; /* Must at no time exceed ->POOLBITS! */
|
||||
int entropy_count;
|
||||
int input_rotate;
|
||||
};
|
||||
|
||||
|
@ -767,11 +767,10 @@ static size_t account(struct entropy_store *r, size_t nbytes, int min,
|
|||
{
|
||||
unsigned long flags;
|
||||
|
||||
BUG_ON(r->entropy_count > r->poolinfo->POOLBITS);
|
||||
|
||||
/* Hold lock while accounting */
|
||||
spin_lock_irqsave(&r->lock, flags);
|
||||
|
||||
BUG_ON(r->entropy_count > r->poolinfo->POOLBITS);
|
||||
DEBUG_ENT("trying to extract %d bits from %s\n",
|
||||
nbytes * 8, r->name);
|
||||
|
||||
|
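Review bot: With the comment on `entropy_count` in struct entropy_store deleted, nothing at the field says which lock guards it or what bound holds at release, even though the commit message spells out exactly that rule. I would replace the comment rather than drop it, e.g. `int entropy_count; /* protected by ->lock; <= POOLBITS whenever the lock is released */`, so later readers of the field outside account() know an unlocked read is not reliable. In account() the relocated `BUG_ON` tests only the upper bound; if a negative count is also impossible by design, `BUG_ON(r->entropy_count < 0 || r->entropy_count > r->poolinfo->POOLBITS);` would catch an accounting underflow under the same lock (the type of POOLBITS is not visible here, so confirm the comparison is signed). account()'s body continues past the end of the hunk.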
|