armv8rng: Fix an inverted test in random_rndr_read_one()
If we get a random number, the NZCV is set to 0b0000. Then
"cset %w1, ne" will test whether Z == 0 and set %w1 to 1 if so.
More specifically, "cset %w1, ne" maps to "csinc %w1, wzr, wzr, eq",
which stores 0 in %w1 when NZCV == 0b0100 and 1 otherwise.
Thus, on a successful read we expect ret != 0, so the loop condition
needs to be fixed. In practice this means that we would end up trying
to fetch entropy up to ten times in a row. If all attempts are
successful, the last will be returned, otherwise no entropy will be
returned.
Reported by: Kevin Day <kevin@your.org>
Reviewed by: andrew
Fixes: 9eecef0521 ("Add an Armv8 rndr random number provider")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D54259
This commit is contained in:
@@ -64,7 +64,7 @@ random_rndr_read_one(u_long *buf)
|
||||
/* 1 on success, 0 on failure */
|
||||
"cset %w1, ne\n"
|
||||
: "=&r" (val), "=&r"(ret) :: "cc");
|
||||
} while (ret != 0 && --loop > 0);
|
||||
} while (ret == 0 && --loop > 0);
|
||||
|
||||
if (ret != 0)
|
||||
*buf = val;
|
||||
|
||||
Reference in New Issue
Block a user