git: 93811883500b - main - armv8rng: Fix an inverted test in random_rndr_read_one()
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 18 Dec 2025 19:47:19 UTC
The branch main has been updated by markj:
URL: https://cgit.FreeBSD.org/src/commit/?id=93811883500b99f9f1fb4ffd6e764226d37dcfd0
commit 93811883500b99f9f1fb4ffd6e764226d37dcfd0
Author: Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2025-12-18 14:17:20 +0000
Commit: Mark Johnston <markj@FreeBSD.org>
CommitDate: 2025-12-18 19:46:42 +0000
armv8rng: Fix an inverted test in random_rndr_read_one()
If we get a random number, the NZCV is set to 0b0000. Then
"cset %w1, ne" will test whether Z == 0 and set %w1 to 1 if so.
More specifically, "cset %w1, ne" maps to "csinc %w1, wzr, wzr, eq",
which stores 0 in %w1 when NZCV == 0b0100 and 1 otherwise.
Thus, on a successful read we expect ret != 0, so the loop condition
needs to be fixed. In practice this means that we would end up trying
to fetch entropy up to ten times in a row. If all attempts are
successful, the last will be returned, otherwise no entropy will be
returned.
Reported by: Kevin Day <kevin@your.org>
Reviewed by: andrew
Fixes: 9eecef052155 ("Add an Armv8 rndr random number provider")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D54259
---
sys/dev/random/armv8rng.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/dev/random/armv8rng.c b/sys/dev/random/armv8rng.c
index 524d80317681..9573c09aa77a 100644
--- a/sys/dev/random/armv8rng.c
+++ b/sys/dev/random/armv8rng.c
@@ -64,7 +64,7 @@ random_rndr_read_one(u_long *buf)
/* 1 on success, 0 on failure */
"cset %w1, ne\n"
: "=&r" (val), "=&r"(ret) :: "cc");
- } while (ret != 0 && --loop > 0);
+ } while (ret == 0 && --loop > 0);
if (ret != 0)
*buf = val;