ANDROID: Fix race in crng_reseed()
The crng_init triggers process_crng_rdy_callbacks() and those callbacks
can call into the crng again. So, leave the spinlock before processing
the callbacks.
This is a version of upstream commit '4a072c71f49b'
Bug: 124090075
Test: Build and boot cuttlefish with hwrng enabled
Change-Id: Ie5b7a60cd17eae80ca26b518c60110fd18efd548
Signed-off-by: Sandeep Patil <sspatil@android.com>
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 075306f..5697480 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -893,6 +893,7 @@
if (crng == &primary_crng && crng_init < 2) {
numa_crng_init();
crng_init = 2;
+ spin_unlock_irqrestore(&crng->lock, flags);
process_random_ready_list();
wake_up_interruptible(&crng_init_wait);
pr_notice("random: crng init done\n");
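Review bot: The new unlock on the `crng_init = 2` path only moves the callbacks out of the critical section; `numa_crng_init()` is still called with `crng->lock` held and interrupts disabled. Its body is not visible in this hunk, so it should be confirmed that it neither blocks nor reaches code that takes the same lock. If it does either, the re-entry problem the commit message describes could still occur on this path. The unlock also deserves a comment so that nobody moves it back below the callbacks, for example `/* Drop crng->lock first: ready callbacks may call back into the crng. */`. The enclosing function begins before this hunk and continues past it.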
@@ -908,8 +909,9 @@
urandom_warning.missed);
urandom_warning.missed = 0;
}
+ } else {
+ spin_unlock_irqrestore(&crng->lock, flags);
}
- spin_unlock_irqrestore(&crng->lock, flags);
}
static inline void maybe_reseed_primary_crng(void)
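Review bot: The lock is now released in two places, once inside the init branch (first hunk) and once in the added `else`, so every later edit to either branch has to keep the pairing balanced by hand. A missed path would leave `crng->lock` held with interrupts off. A single unlock site is easier to audit: decide under the lock whether this call completes initialisation, unlock once, then run the callbacks and notices. This needs one new local (`bool init_done`) and keeps `numa_crng_init()` and the `crng_init` store under the lock, as the commit does. The statements between the two hunks are not visible here and are shown as elided.

```c
	/* … unchanged: state update performed under crng->lock … */
	init_done = (crng == &primary_crng && crng_init < 2);
	if (init_done) {
		numa_crng_init();
		crng_init = 2;
	}
	/* Single release point; callbacks below may call back into the crng. */
	spin_unlock_irqrestore(&crng->lock, flags);

	if (init_done) {
		/* … unchanged: ready-list callbacks, wake-up, notices, missed-warning reporting … */
	}
```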