diff options
| author | Ingo Molnar <mingo@elte.hu> | 2009-03-31 01:53:32 +0400 |
|---|---|---|
| committer | Ingo Molnar <mingo@elte.hu> | 2009-03-31 01:53:32 +0400 |
| commit | 65fb0d23fcddd8697c871047b700c78817bdaa43 (patch) | |
| tree | 119e6e5f276622c4c862f6c9b6d795264ba1603a /crypto/ansi_cprng.c | |
| parent | 8c083f081d0014057901c68a0a3e0f8ca7ac8d23 (diff) | |
| parent | dfbbe89e197a77f2c8046a51c74e33e35f878080 (diff) | |
| download | linux-65fb0d23fcddd8697c871047b700c78817bdaa43.tar.xz | |
Merge branch 'linus' into cpumask-for-linus
Conflicts:
arch/x86/kernel/cpu/common.c
Diffstat (limited to 'crypto/ansi_cprng.c')
| -rw-r--r-- | crypto/ansi_cprng.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/crypto/ansi_cprng.c b/crypto/ansi_cprng.c index 0fac8ffc2fb7..d80ed4c1e009 100644 --- a/crypto/ansi_cprng.c +++ b/crypto/ansi_cprng.c @@ -132,9 +132,15 @@ static int _get_more_prng_bytes(struct prng_context *ctx) */ if (!memcmp(ctx->rand_data, ctx->last_rand_data, DEFAULT_BLK_SZ)) { + if (fips_enabled) { + panic("cprng %p Failed repetition check!\n", + ctx); + } + printk(KERN_ERR "ctx %p Failed repetition check!\n", ctx); + ctx->flags |= PRNG_NEED_RESET; return -EINVAL; } @@ -338,7 +344,16 @@ static int cprng_init(struct crypto_tfm *tfm) spin_lock_init(&ctx->prng_lock); - return reset_prng_context(ctx, NULL, DEFAULT_PRNG_KSZ, NULL, NULL); + if (reset_prng_context(ctx, NULL, DEFAULT_PRNG_KSZ, NULL, NULL) < 0) + return -EINVAL; + + /* + * after allocation, we should always force the user to reset + * so they don't inadvertently use the insecure default values + * without specifying them intentially + */ + ctx->flags |= PRNG_NEED_RESET; + return 0; } static void cprng_exit(struct crypto_tfm *tfm) |