| Stephan Mueller reported to me recently an error in random number generation in |
| the ansi cprng. If several small requests are made that are less than the |
| instances block size, the remainder for loop code doesn't increment |
| rand_data_valid in the last iteration, meaning that the last bytes in the |
| rand_data buffer get reused on the subsequent smaller-than-a-block request for |
| random data. |
| |
| The fix is pretty easy, just re-code the for loop to make sure that |
| rand_data_valid gets incremented appropriately. |
| |
| Signed-off-by: Neil Horman <nhorman@tuxdriver.com> |
| Reported-by: Stephan Mueller <stephan.mueller@atsec.com> |
| CC: Stephan Mueller <stephan.mueller@atsec.com> |
| CC: Petr Matousek <pmatouse@redhat.com> |
| CC: Herbert Xu <herbert@gondor.apana.org.au> |
| CC: "David S. Miller" <davem@davemloft.net> |
| |
| crypto/ansi_cprng.c | 4 ++-- |
| 1 file changed, 2 insertions(+), 2 deletions(-) |
| |
| diff --git a/crypto/ansi_cprng.c b/crypto/ansi_cprng.c |
| index c0bb377..666f196 100644 |
| |
| |
| @@ -230,11 +230,11 @@ remainder: |
| */ |
| if (byte_count < DEFAULT_BLK_SZ) { |
| empty_rbuf: |
| - for (; ctx->rand_data_valid < DEFAULT_BLK_SZ; |
| - ctx->rand_data_valid++) { |
| + while (ctx->rand_data_valid < DEFAULT_BLK_SZ) { |
| *ptr = ctx->rand_data[ctx->rand_data_valid]; |
| ptr++; |
| byte_count--; |
| + ctx->rand_data_valid++; |
| if (byte_count == 0) |
| goto done; |
| } |
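Review bot: The while form advances ctx->rand_data_valid before the byte_count == 0 check, so the final byte copied out is now marked consumed; in the old for loop that increment sat in the loop clause, which the goto done on the last byte skipped, leaving rand_data_valid pointing at the byte just handed out. Two things worth tightening: the commit message should spell out the observable effect (the last byte of one sub-block request is repeated as the first byte of the next one, i.e. duplicated CPRNG output across calls), and the path taken when this loop exits naturally with rand_data_valid == DEFAULT_BLK_SZ must regenerate rand_data before it is read again, which is outside this hunk and should be confirmed in review.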
| -- |
| 1.8.3.1 |
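The byte-reuse defect the message describes, reduced to a self-contained C model. This is an added illustration, not code from the kernel or from the patch author: the X9.31 cipher step is replaced by a constructed counter that fills rand_data with distinct bytes so a repeat is visible, and the outer refill loop and the `fixed` switch are assumptions made here to put the pre-patch for loop and the post-patch while loop side by side.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DEFAULT_BLK_SZ 16

struct cprng_sim {
	unsigned char rand_data[DEFAULT_BLK_SZ];
	size_t rand_data_valid;   /* index of the next unused byte in rand_data */
	unsigned char next_block; /* constructed counter standing in for the cipher state */
};

/* Constructed stand-in for block generation: distinct, predictable bytes per
 * block so any reuse across requests shows up as a repeated value. */
static void refill(struct cprng_sim *ctx)
{
	size_t i;
	for (i = 0; i < DEFAULT_BLK_SZ; i++)
		ctx->rand_data[i] = (unsigned char)(ctx->next_block * DEFAULT_BLK_SZ + i);
	ctx->next_block++;
	ctx->rand_data_valid = 0;
}

/* Copy byte_count bytes out of the buffer, refilling when it is exhausted.
 * fixed == 0 models the loop before the patch, fixed != 0 the loop after it. */
static void get_bytes(struct cprng_sim *ctx, unsigned char *ptr,
		      size_t byte_count, int fixed)
{
	while (byte_count > 0) {
		if (ctx->rand_data_valid == DEFAULT_BLK_SZ)
			refill(ctx); /* assumed refill path, outside the patch hunk */
		if (!fixed) {
			/* Before: the increment lives in the for clause, so the goto
			 * taken on the final byte skips it and rand_data_valid keeps
			 * pointing at the byte that was just handed out. */
			for (; ctx->rand_data_valid < DEFAULT_BLK_SZ;
			     ctx->rand_data_valid++) {
				*ptr++ = ctx->rand_data[ctx->rand_data_valid];
				byte_count--;
				if (byte_count == 0)
					goto done;
			}
		} else {
			/* After: the index is advanced before the exit check. */
			while (ctx->rand_data_valid < DEFAULT_BLK_SZ) {
				*ptr++ = ctx->rand_data[ctx->rand_data_valid];
				byte_count--;
				ctx->rand_data_valid++;
				if (byte_count == 0)
					goto done;
			}
		}
	}
done:
	return;
}

/* Issue two consecutive requests of n bytes (1 <= n < DEFAULT_BLK_SZ) and
 * report whether the second request starts with the last byte of the first,
 * which is the reuse Stephan Mueller reported. Returns 1 on reuse, 0 if not. */
int repeats_last_byte(int fixed, size_t n)
{
	struct cprng_sim ctx;
	unsigned char out1[DEFAULT_BLK_SZ], out2[DEFAULT_BLK_SZ];

	memset(&ctx, 0, sizeof(ctx));
	ctx.rand_data_valid = DEFAULT_BLK_SZ; /* force a refill on first use */
	get_bytes(&ctx, out1, n, fixed);
	get_bytes(&ctx, out2, n, fixed);
	return out2[0] == out1[n - 1];
}

int main(void)
{
	printf("3-byte requests, old loop: reuse=%d\n", repeats_last_byte(0, 3));
	printf("3-byte requests, new loop: reuse=%d\n", repeats_last_byte(1, 3));
	return 0;
}
```

With the counter fill the old loop returns bytes 0,1,2 and then 2,3,4, while the patched loop returns 0,1,2 and then 3,4,5; the same check holds for any sub-block size, including one that ends exactly at the block boundary.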