summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2017-07-16 19:22:06 +0200
committerHerbert Xu <herbert@gondor.apana.org.au>2017-07-28 11:56:00 +0200
commitc2176f0098d994050c88d34d37c551d033f2f18f (patch)
treeb419a0bc96214cd9e896da300f380bb3ea013a3c
parentcrypto: stm32 - Support for STM32 HASH module (diff)
downloadlinux-c2176f0098d994050c88d34d37c551d033f2f18f.tar.xz
linux-c2176f0098d994050c88d34d37c551d033f2f18f.zip
crypto: rng - ensure that the RNG is ready before using
Otherwise, we might be seeding the RNG using bad randomness, which is dangerous. The one use of this function from within the kernel -- not from userspace -- is being removed (keys/big_key), so that call site isn't relevant in assessing this. Cc: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--crypto/rng.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/crypto/rng.c b/crypto/rng.c
index 5e8469244960..b4a618668161 100644
--- a/crypto/rng.c
+++ b/crypto/rng.c
@@ -43,12 +43,14 @@ int crypto_rng_reset(struct crypto_rng *tfm, const u8 *seed, unsigned int slen)
if (!buf)
return -ENOMEM;
- get_random_bytes(buf, slen);
+ err = get_random_bytes_wait(buf, slen);
+ if (err)
+ goto out;
seed = buf;
}
err = crypto_rng_alg(tfm)->seed(tfm, seed, slen);
-
+out:
kzfree(buf);
return err;
}