aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2017-06-03 15:37:08 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2017-07-16 19:18:30 +0200
commit201f263d41a7997f476ce31651f5718ce1167693 (patch)
tree8a28bd3db986680dd7b72e1a9446606715ef6a41
parentsecurity/keys: ensure RNG is seeded before use (diff)
downloadlinux-dev-201f263d41a7997f476ce31651f5718ce1167693.tar.xz
linux-dev-201f263d41a7997f476ce31651f5718ce1167693.zip
crypto/rng: ensure that the RNG is ready before using
Otherwise, we might be seeding the RNG using bad randomness, which is dangerous. The one use of this function from within the kernel -- not from userspace -- is being removed (keys/big_key), so that call site isn't relevant in assessing this. Cc: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-rw-r--r--crypto/rng.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/crypto/rng.c b/crypto/rng.c
index 5e8469244960..b4a618668161 100644
--- a/crypto/rng.c
+++ b/crypto/rng.c
@@ -43,12 +43,14 @@ int crypto_rng_reset(struct crypto_rng *tfm, const u8 *seed, unsigned int slen)
if (!buf)
return -ENOMEM;
- get_random_bytes(buf, slen);
+ err = get_random_bytes_wait(buf, slen);
+ if (err)
+ goto out;
seed = buf;
}
err = crypto_rng_alg(tfm)->seed(tfm, seed, slen);
-
+out:
kzfree(buf);
return err;
}