Am Dienstag, 30. November 2021, 03:55:12 CET schrieb Sandy Harris:
Hi Sandy,
> Chen, Rong A <rong.a.chen@xxxxxxxxx> wrote:
> > On 11/22/2021 7:47 PM, Stephan Mueller wrote:
> > > Thanks for the notification.
> > >
> > > I think this is a false-positive discussed before. __latent_entropy is
> > > seemingly allowed for an entire linear buffer as seen in the declaration
> > > of
> > > the variable input_pool_data in driver/char/random.c which is an array
> > > of u32.
> > >
> > > The struct chacha20_state is a linear buffer of u32 words.
> > >
> > > struct chacha20_block {
> > >
> > > u32 constants[4];
> > > union {
> > >
> > > u32 u[CHACHA_KEY_SIZE_WORDS];
> > > u8 b[CHACHA_KEY_SIZE];
> > >
> > > } key;
> > > u32 counter;
> > > u32 nonce[3];
> > >
> > > };
> > >
> > > Therefore it should be identical to the aforementioned example.
>
> No. It is a struct & there's no guarantee all compilers will lay
> it out as you expect. There might even be a gap in the layout
> since nonce[] has an odd number of elements.
>
> >> The __latent_entropy marker therefore seems to be appropriate for this
> >> structure.
> First, this is completely unnecessary since the input pool is marked for
> latent entropy & changes there will affect the chacha context.
>
> Also, if I'm reading the docs right, the __latent_entropy attribute
> on a data structure only gets it initialised somewhat randomly.
> If you want a continuous effect at runtime, then you need to
> make the code mix the latent_entropy global variable into the
> data structure.
Thank you very much for your explanation. I will change my code accordingly.
Note, the LRNG does not have an input_pool.
Ciao
Stephan
