armv8rng: Fix an inverted test in random_rndr_read_one()

If we get a random number, the NZCV is set to 0b0000.  Then
"cset %w1, ne" will test whether Z == 0 and set %w1 to 1 if so.
More specifically, "cset %w1, ne" maps to "csinc %w1, wzr, wzr, eq",
which stores 0 in %w1 when NZCV == 0b0100 and 1 otherwise.

Thus, on a successful read we expect ret != 0, so the loop condition
needs to be fixed.  In practice this means that we would end up trying
to fetch entropy up to ten times in a row.  If all attempts are
successful, the last will be returned, otherwise no entropy will be
returned.

Reported by:	Kevin Day <kevin@your.org>
Reviewed by:	andrew
Fixes:		9eecef0521 ("Add an Armv8 rndr random number provider")
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D54259
This commit is contained in:
Mark Johnston
2025-12-18 14:17:20 +00:00
parent 0d469d2371
commit 9381188350
+1 -1
View File
@@ -64,7 +64,7 @@ random_rndr_read_one(u_long *buf)
/* 1 on success, 0 on failure */
"cset %w1, ne\n"
: "=&r" (val), "=&r"(ret) :: "cc");
} while (ret != 0 && --loop > 0);
} while (ret == 0 && --loop > 0);
if (ret != 0)
*buf = val;