diff options
| author | Thomas Gleixner <tglx@linutronix.de> | 2020-06-30 12:07:51 +0200 |
|---|---|---|
| committer | Thomas Gleixner <tglx@linutronix.de> | 2020-06-30 12:07:51 +0200 |
| commit | 775a75f3d61c6fc82bedc5b727784d3cb7089d81 (patch) | |
| tree | b2869d8a2378b79448add1f41f01982b7fae82fb /crypto/drbg.c | |
| parent | 3278a1722acf54316ac94db3f3a83aed32857edc (diff) | |
| parent | d2868ae33ab257f2273d436b38cc390414a9384f (diff) | |
| download | linux-crypto-775a75f3d61c6fc82bedc5b727784d3cb7089d81.tar.gz linux-crypto-775a75f3d61c6fc82bedc5b727784d3cb7089d81.zip | |
Merge tag 'irqchip-fixes-5.8-1' of git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms into irq/urgent
Pull irqchip fixes from Marc Zyngier:
- Fix atomicity of affinity update in the GIC driver
- Don't sleep in atomic when waiting for a GICv4.1 RD to respond
- Fix a couple of typos in user-visible messages
Diffstat (limited to 'crypto/drbg.c')
| -rw-r--r-- | crypto/drbg.c | 30 |
1 files changed, 22 insertions, 8 deletions
diff --git a/crypto/drbg.c b/crypto/drbg.c index b6929eb5..37526eb8 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1087,10 +1087,6 @@ static void drbg_async_seed(struct work_struct *work) if (ret) goto unlock; - /* If nonblocking pool is initialized, deactivate Jitter RNG */ - crypto_free_rng(drbg->jent); - drbg->jent = NULL; - /* Set seeded to false so that if __drbg_seed fails the * next generate call will trigger a reseed. */ @@ -1168,7 +1164,23 @@ static int drbg_seed(struct drbg_state *drbg, struct drbg_string *pers, entropylen); if (ret) { pr_devel("DRBG: jent failed with %d\n", ret); - goto out; + + /* + * Do not treat the transient failure of the + * Jitter RNG as an error that needs to be + * reported. The combined number of the + * maximum reseed threshold times the maximum + * number of Jitter RNG transient errors is + * less than the reseed threshold required by + * SP800-90A allowing us to treat the + * transient errors as such. + * + * However, we mandate that at least the first + * seeding operation must succeed with the + * Jitter RNG. + */ + if (!reseed || ret != -EAGAIN) + goto out; } drbg_string_fill(&data1, entropy, entropylen * 2); @@ -1294,8 +1306,10 @@ static inline int drbg_alloc_state(struct drbg_state *drbg) if (IS_ENABLED(CONFIG_CRYPTO_FIPS)) { drbg->prev = kzalloc(drbg_sec_strength(drbg->core->flags), GFP_KERNEL); - if (!drbg->prev) + if (!drbg->prev) { + ret = -ENOMEM; goto fini; + } drbg->fips_primed = false; } @@ -1492,6 +1506,8 @@ static int drbg_prepare_hrng(struct drbg_state *drbg) if (list_empty(&drbg->test_data.list)) return 0; + drbg->jent = crypto_alloc_rng("jitterentropy_rng", 0, 0); + INIT_WORK(&drbg->seed_work, drbg_async_seed); drbg->random_ready.owner = THIS_MODULE; @@ -1512,8 +1528,6 @@ static int drbg_prepare_hrng(struct drbg_state *drbg) return err; } - drbg->jent = crypto_alloc_rng("jitterentropy_rng", 0, 0); - /* * Require frequent reseeds until the seed source is fully * initialized. |