Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d8a66849 authored by Dominik Brodowski's avatar Dominik Brodowski Committed by Greg Kroah-Hartman
Browse files

random: fix locking for crng_init in crng_reseed() 



commit 7191c628fe07b70d3f37de736d173d1b115396ed upstream.

crng_init is protected by primary_crng->lock. Therefore, we need
to hold this lock when increasing crng_init to 2. As we shouldn't
hold this lock for too long, only hold it for those parts which
require protection.

Signed-off-by: default avatarDominik Brodowski <linux@dominikbrodowski.net>
Reviewed-by: default avatarEric Biggers <ebiggers@google.com>
Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent b1d56113

drivers/char/random.c

+6 −3
Original line number Diff line number Diff line
@@ -500,6 +500,7 @@ static void crng_reseed(void) 
	int entropy_count;

	unsigned long next_gen;

	u8 key[CHACHA_KEY_SIZE];

	bool finalize_init = false;



	/*

	 * First we make sure we have POOL_MIN_BITS of entropy in the pool,
@@ -527,12 +528,14 @@ static void crng_reseed(void) 
		++next_gen;

	WRITE_ONCE(base_crng.generation, next_gen);

	WRITE_ONCE(base_crng.birth, jiffies);

	spin_unlock_irqrestore(&base_crng.lock, flags);

	memzero_explicit(key, sizeof(key));



	if (crng_init < 2) {

		invalidate_batched_entropy();

		crng_init = 2;

		finalize_init = true;

	}

	spin_unlock_irqrestore(&base_crng.lock, flags);

	memzero_explicit(key, sizeof(key));

	if (finalize_init) {

		process_random_ready_list();

		wake_up_interruptible(&crng_init_wait);

		kill_fasync(&fasync, SIGIO, POLL_IN);