Thanks, looks good. I tried briefly to break it with the following assertion thing, but didn't come up with any hits, so it looks like we're all set. Prior to applying this patch, I found the easiest way of triggering the below crash was by enabling CONFIG_SLAB_FREELIST_RANDOM. diff --git a/drivers/char/random.c b/drivers/char/random.c index 4de0feb69781..0d9ac045943f 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -1035,6 +1035,10 @@ static void _extract_crng(struct crng_state *crng, spin_lock_irqsave(&crng->lock, flags); if (arch_get_random_long(&v)) crng->state[14] ^= v; + BUG_ON(crng->state[0] != CHACHA_CONSTANT_EXPA); + BUG_ON(crng->state[1] != CHACHA_CONSTANT_ND_3); + BUG_ON(crng->state[2] != CHACHA_CONSTANT_2_BY); + BUG_ON(crng->state[3] != CHACHA_CONSTANT_TE_K); chacha20_block(&crng->state[0], out); if (crng->state[12] == 0) crng->state[13]++;
