Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

crypto: rng - ensure that the RNG is ready before using

Otherwise, we might be seeding the RNG using bad randomness, which is
dangerous. The one use of this function from within the kernel -- not
from userspace -- is being removed (keys/big_key), so that call site
isn't relevant in assessing this.

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Authored by Jason A. Donenfeld and committed by Herbert Xu
c2176f00 8a1012d3

+4 -2
crypto/rng.c
··· 43 43 if (!buf) 44 44 return -ENOMEM; 45 45 46 - get_random_bytes(buf, slen); 46 + err = get_random_bytes_wait(buf, slen); 47 + if (err) 48 + goto out; 47 49 seed = buf; 48 50 } 49 51 50 52 err = crypto_rng_alg(tfm)->seed(tfm, seed, slen); 51 - 53 + out: 52 54 kzfree(buf); 53 55 return err; 54 56 }
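
Review bot: the new `err = get_random_bytes_wait(buf, slen);` call changes this function's contract without documenting it. The seeding path can now wait for the RNG to become ready and can return an error before `->seed()` is ever called, whereas the removed `get_random_bytes(buf, slen);` had no return value to check. Since the commit message says this path is reached from userspace, a comment above the function stating that it may wait and that callers must handle the propagated error would help. The `goto out` error path itself looks right: it reaches `kzfree(buf)`, so the buffer is still cleared and freed when the wait fails. Minor style point: the hunk replaces the blank line before the cleanup with `out:`; keeping a blank line ahead of the label would keep the cleanup visually separate from the `seed()` call.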