Hi Herbert, > > +#ifdef CONFIG_CRYPTO_USER_API_CAVP_DRBG > > +static int rng_setentropy(void *private, const u8 *entropy, unsigned int len) > > Please use __maybe_unused instead of the ifdef. Ack On Fri, 31 Jul 2020 at 08:27, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > > Eric Biggers <ebiggers@xxxxxxxxxx> wrote: > > > > lock_sock() would solve the former. I'm not sure what should be done about > > rng_recvmsg(). It apparently relies on the crypto_rng doing its own locking, > > but maybe it should just use lock_sock() too. > > The lock_sock is only needed if you're doing testing. What I'd > prefer is to have a completely different code-path for testing. sendmsg is used for "Additional Data" input, and unlike entropy, it could be useful outside of testing. But if you confirm it's not useful, then yes, I can decouple the testing parts. > How about you fork the code in rng_accept_parent so that you have > a separate proto_ops for the test path that is used only if > setentropy has been called? That way all of this code could > magically go away if the CONFIG option wasn't set. Depends on the comment above, but otherwise, my only concern is that the testing variant of rng_recvmsg would be largely copy-pasted from the normal rng_recvmsg, apart from a few lines of lock/release and crypto_rng_generate/crypto_rng_get_bytes. Thanks! Elena
