Patch "crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors" has been added to the 4.19-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Sat, 6 May 2023 16:37:05 -0400

This is a note to let you know that I've just added the patch titled

    crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors

to the 4.19-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     crypto-drbg-make-drbg_prepare_hrng-handle-jent-insta.patch
and it can be found in the queue-4.19 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit a36e55872d449f1c0fe502630c33bcfa8ece7236
Author: Nicolai Stange <nstange@xxxxxxx>
Date:   Mon Nov 15 15:18:08 2021 +0100

    crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
    
    [ Upstream commit 559edd47cce4cc407d606b4d7f376822816fd4b8 ]
    
    Now that drbg_prepare_hrng() doesn't do anything but to instantiate a
    jitterentropy crypto_rng instance, it looks a little odd to have the
    related error handling at its only caller, drbg_instantiate().
    
    Move the handling of jitterentropy allocation failures from
    drbg_instantiate() close to the allocation itself in drbg_prepare_hrng().
    
    There is no change in behaviour.
    
    Signed-off-by: Nicolai Stange <nstange@xxxxxxx>
    Reviewed-by: Stephan Müller <smueller@xxxxxxxxxx>
    Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
    Stable-dep-of: 686cd976b6dd ("crypto: drbg - Only fail when jent is unavailable in FIPS mode")
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/crypto/drbg.c b/crypto/drbg.c
index c8c56763dfded..8b80fd3690ff4 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -1512,6 +1512,14 @@ static int drbg_prepare_hrng(struct drbg_state *drbg)
 		return 0;
 
 	drbg->jent = crypto_alloc_rng("jitterentropy_rng", 0, 0);
+	if (IS_ERR(drbg->jent)) {
+		const int err = PTR_ERR(drbg->jent);
+
+		drbg->jent = NULL;
+		if (fips_enabled || err != -ENOENT)
+			return err;
+		pr_info("DRBG: Continuing without Jitter RNG\n");
+	}
 
 	return 0;
 }
@@ -1567,14 +1575,6 @@ static int drbg_instantiate(struct drbg_state *drbg, struct drbg_string *pers,
 		if (ret)
 			goto free_everything;
 
-		if (IS_ERR(drbg->jent)) {
-			ret = PTR_ERR(drbg->jent);
-			drbg->jent = NULL;
-			if (fips_enabled || ret != -ENOENT)
-				goto free_everything;
-			pr_info("DRBG: Continuing without Jitter RNG\n");
-		}
-
 		reseed = false;
 	}
 






