random: always fill buffer in get_random_bytes_wait
In the unfortunate event that a developer fails to check the return value of get_random_bytes_wait, or simply wants to make a "best effort" attempt, for whatever that's worth, it's much better to still fill the buffer with _something_ rather than catastrophically failing in the case of an interruption. This is both a defense in depth measure against inevitable programming bugs, as well as a means of making the API a bit more useful.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
committed by Theodore Ts'o
parent 9f886f4d1d
commit 25e3fca492
			| @@ -85,10 +85,8 @@ static inline unsigned long get_random_canary(void) | ||||
| static inline int get_random_bytes_wait(void *buf, int nbytes) | ||||
| { | ||||
| 	int ret = wait_for_random_bytes(); | ||||
| 	if (unlikely(ret)) | ||||
| 		return ret; | ||||
| 	get_random_bytes(buf, nbytes); | ||||
| 	return 0; | ||||
| 	return ret; | ||||
| } | ||||
| 
 | ||||
| #define declare_get_random_var_wait(var) \ | ||||
|   | ||||
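Review bot: the changed contract of get_random_bytes_wait() is not documented anywhere in this hunk. With the early `if (unlikely(ret)) return ret;` gone, `get_random_bytes(buf, nbytes)` now runs even when `wait_for_random_bytes()` returned an error, so a non-zero return means "the buffer was filled, but the wait did not complete" rather than "the buffer was not touched". Please add a comment above the function stating this, so that callers deriving keys or other long-lived secrets know they must still check the return value and treat the buffer as unsuitable on error, while best-effort callers know the buffer is never left uninitialized. It would also help to say whether the declare_get_random_var_wait() wrappers that follow are meant to carry the same semantics, since their bodies are not visible here.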