From: "Jason A. Donenfeld" Jason@zx2c4.com
commit 25e3fca492035a2e1d4ac6e3b1edd9c1acd48897 upstream.
In the unfortunate event that a developer fails to check the return value of get_random_bytes_wait, or simply wants to make a "best effort" attempt, for whatever that's worth, it's much better to still fill the buffer with _something_ rather than catastrophically failing in the case of an interruption. This is both a defense in depth measure against inevitable programming bugs, as well as a means of making the API a bit more useful.
Signed-off-by: Jason A. Donenfeld Jason@zx2c4.com Signed-off-by: Theodore Ts'o tytso@mit.edu Signed-off-by: Jason A. Donenfeld Jason@zx2c4.com Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- include/linux/random.h | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-)
--- a/include/linux/random.h +++ b/include/linux/random.h @@ -63,10 +63,8 @@ static inline unsigned long get_random_l static inline int get_random_bytes_wait(void *buf, int nbytes) { int ret = wait_for_random_bytes(); - if (unlikely(ret)) - return ret; get_random_bytes(buf, nbytes); - return 0; + return ret; }
#define declare_get_random_var_wait(var) \