On Thu, Aug 18, 2016 at 10:44:18AM +0530, PrasannaKumar Muralidharan wrote: > >> +static int jz4780_rng_read(struct hwrng *rng, void *buf, size_t max, bool wait) > >> +{ > >> + struct jz4780_rng *jz4780_rng = container_of(rng, struct jz4780_rng, > >> + rng); > >> + u32 *data = buf; > >> + *data = jz4780_rng_readl(jz4780_rng, REG_RNG_DATA); > >> + return 4; > >> +} > > > > If max is less than 4, its bad > > Data will be 4 bytes. > No, according to comment in include/linux/hw_random.h "drivers can fill up to max bytes of data" So you cannot write more than max bytes without risking buffer overflow. And if max > 4, hwrng client need to recall your read function. The better example I found is tpm_get_random() in drivers/char/tpm/tpm-interface.c for handling both problem. Regards -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html