authorJason A. Donenfeld <Jason@zx2c4.com>2017-07-16 19:22:06 +0200
committerHerbert Xu <herbert@gondor.apana.org.au>2017-07-28 17:56:00 +0800
commit218f1f10b8682a183083d49e0f5bfd26af609138 (patch)
tree165aeebb77434673ed9355b765ecaf223e1ef0a4 /crypto/rng.c
parent0c2a2d0aa6e4c7dcc72800db02f2a7b87b783905 (diff)
crypto: rng - ensure that the RNG is ready before using
Otherwise, we might be seeding the RNG using bad randomness, which is dangerous. The one use of this function from within the kernel -- not from userspace -- is being removed (keys/big_key), so that call site isn't relevant in assessing this. Cc: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to '')
-rw-r--r--crypto/rng.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/crypto/rng.c b/crypto/rng.c
index 5e846924..b4a61866 100644
--- a/crypto/rng.c
+++ b/crypto/rng.c
@@ -43,12 +43,14 @@ int crypto_rng_reset(struct crypto_rng *tfm, const u8 *seed, unsigned int slen)
if (!buf)
return -ENOMEM;
- get_random_bytes(buf, slen);
+ err = get_random_bytes_wait(buf, slen);
+ if (err)
+ goto out;
seed = buf;
}
err = crypto_rng_alg(tfm)->seed(tfm, seed, slen);
-
+out:
kzfree(buf);
return err;
}
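Review bot: The new failure path at `err = get_random_bytes_wait(buf, slen);` is undocumented, so a caller passing a NULL seed cannot tell that crypto_rng_reset() may now wait for the kernel RNG and return an error without calling `->seed()`. Presumably the wait can be interrupted and its error is passed straight up through `goto out`; that should be confirmed and stated. I would add a comment above the call, e.g. `/* Wait until the RNG is ready; on failure the tfm is left unseeded and err is returned. */`, and repeat the point in the function's kernel-doc. The `out:` label correctly keeps `kzfree(buf)` on the error path, so the buffer is still cleared before it is freed. The function body starts above the hunk, so the allocation and the `!seed` check are not visible here.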