The drbg_healthcheck() contains a test to call the DRBG with an uninitialized DRBG cipher handle. As this is an inappropriate use of the kernel crypto API to try to generate random numbers before initialization, checks verifying for an initialized DRBG during the generate function have been removed in previous patches. Now, the drbg_healthcheck test trying to generate random numbers with an uninstantiated DRBG must also be removed. Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx> --- crypto/drbg.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 39ed918..54cfd48 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1872,9 +1872,6 @@ static inline int __init drbg_healthcheck_sanity(void) /* overflow max addtllen with personalization string */ ret = drbg_instantiate(drbg, &addtl, coreref, pr); BUG_ON(0 == ret); - /* test uninstantated DRBG */ - len = drbg_generate(drbg, buf, (max_request_bytes + 1), NULL); - BUG_ON(0 < len); /* all tests passed */ rc = 0; -- 1.9.3 -- To unsubscribe from this list: send the line "unsubscribe linux-next" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
