random: crng_reseed() should lock the crng instance that it is modifying

commit 0bb29a84 upstream. Reported-by: Jann Horn <jannh@google.com> Fixes: 1e7f583a ("random: make /dev/urandom scalable for silly...") Cc: stable@kernel.org # 4.8+ Signed-off-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jann Horn <jannh@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

random: crng_reseed() should lock the crng instance that it is modifying
commit 0bb29a84 upstream. Reported-by: Jann Horn <jannh@google.com> Fixes: 1e7f583a ("random: make /dev/urandom scalable for silly...") Cc: stable@kernel.org # 4.8+ Signed-off-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jann Horn <jannh@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
d152fcc1 · Theodore Ts'o · Greg Kroah-Hartman · 7b6b1f3a · d152fcc1
Commit d152fcc1 authored Apr 12, 2018 by Theodore Ts'o Committed by Greg Kroah-Hartman Apr 24, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

drivers/char/random.c drivers/char/random.c +2 -2

No files found.
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -879,7 +879,7 @@ static void crng_reseed(struct crng_state *crng, struct entropy_store *r)
 		_crng_backtrack_protect(&primary_crng, buf.block,
 					CHACHA20_KEY_SIZE);
 	}
-	spin_lock_irqsave(&primary_crng.lock, flags);
+	spin_lock_irqsave(&crng->lock, flags);
 	for (i = 0; i < 8; i++) {
 		unsigned long	rv;
 		if (!arch_get_random_seed_long(&rv) &&
@@ -889,7 +889,7 @@ static void crng_reseed(struct crng_state *crng, struct entropy_store *r)
 	}
 	memzero_explicit(&buf, sizeof(buf));
 	crng->init_time = jiffies;
-	spin_unlock_irqrestore(&primary_crng.lock, flags);
+	spin_unlock_irqrestore(&crng->lock, flags);
 	if (crng == &primary_crng && crng_init < 2) {
 		invalidate_batched_entropy();
 		crng_init = 2;