random: crng_reseed() should lock the crng instance that it is modifying commit 0bb29a849a6433b72e249eea7695477b02056e94 upstream. Reported-by: Jann Horn <jannh@google.com> Fixes: 1e7f583af67b ("random: make /dev/urandom scalable for silly...") Cc: stable@kernel.org # 4.8+ Signed-off-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jann Horn <jannh@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

commit: befd00cfc189672adfdf6850cf460a7f53c56cf0 [log] [tgz]
author: Theodore Ts'o <tytso@mit.edu> Thu Apr 12 00:50:45 2018 -0400
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Tue Apr 24 09:34:16 2018 +0200
tree: ab21a57fb1ba9115e7b4b723f59da59e5b75956c
parent: 4dfb3442bb7e1fb80515df4a199ca5a7a8edf900 [diff] [blame]
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 4f82fe0..9d24f3c 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c

@@ -836,7 +836,7 @@
 		_crng_backtrack_protect(&primary_crng, buf.block,
 					CHACHA20_KEY_SIZE);
 	}
-	spin_lock_irqsave(&primary_crng.lock, flags);
+	spin_lock_irqsave(&crng->lock, flags);
 	for (i = 0; i < 8; i++) {
 		unsigned long	rv;
 		if (!arch_get_random_seed_long(&rv) &&
@@ -852,7 +852,7 @@
 		wake_up_interruptible(&crng_init_wait);
 		pr_notice("random: crng init done\n");
 	}
-	spin_unlock_irqrestore(&primary_crng.lock, flags);
+	spin_unlock_irqrestore(&crng->lock, flags);
 }
 
 static inline void maybe_reseed_primary_crng(void)
commit	befd00cfc189672adfdf6850cf460a7f53c56cf0	[log] [tgz]
author	Theodore Ts'o <tytso@mit.edu>	Thu Apr 12 00:50:45 2018 -0400
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	Tue Apr 24 09:34:16 2018 +0200
tree	ab21a57fb1ba9115e7b4b723f59da59e5b75956c
parent	4dfb3442bb7e1fb80515df4a199ca5a7a8edf900 [diff] [blame]