diff options
| author | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-12-24 19:17:58 +0100 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2022-01-07 00:25:25 +0100 |
| commit | 0d9488ffbf2faddebc6bac055bfa6c93b94056a3 (patch) | |
| tree | 5a2001dbfd86c2f2e65cb37c75f560d515a53852 /drivers/char/random.c | |
| parent | random: use BLAKE2s instead of SHA1 in extraction (diff) | |
| download | linux-0d9488ffbf2faddebc6bac055bfa6c93b94056a3.tar.xz linux-0d9488ffbf2faddebc6bac055bfa6c93b94056a3.zip | |
random: do not sign extend bytes for rotation when mixing
By using `char` instead of `unsigned char`, certain platforms will sign
extend the byte when `w = rol32(*bytes++, input_rotate)` is called,
meaning that bit 7 is overrepresented when mixing. This isn't a real
problem (unless the mixer itself is already broken) since it's still
invertible, but it's not quite correct either. Fix this by using an
explicit unsigned type.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'drivers/char/random.c')
| -rw-r--r-- | drivers/char/random.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/char/random.c b/drivers/char/random.c index 99cce575a79c..82db125aaed7 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -546,7 +546,7 @@ static void _mix_pool_bytes(struct entropy_store *r, const void *in, unsigned long i, tap1, tap2, tap3, tap4, tap5; int input_rotate; int wordmask = r->poolinfo->poolwords - 1; - const char *bytes = in; + const unsigned char *bytes = in; __u32 w; tap1 = r->poolinfo->tap1; |