git: 108e4f31420d - stable/15 - armv8rng: Fix an inverted test in random_rndr_read_one()
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 29 Dec 2025 17:07:17 UTC
The branch stable/15 has been updated by markj:
URL: https://cgit.FreeBSD.org/src/commit/?id=108e4f31420d8c765d883afaece49a782d35943d
commit 108e4f31420d8c765d883afaece49a782d35943d
Author: Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2025-12-18 14:17:20 +0000
Commit: Mark Johnston <markj@FreeBSD.org>
CommitDate: 2025-12-29 14:50:34 +0000
armv8rng: Fix an inverted test in random_rndr_read_one()
If we get a random number, the NZCV is set to 0b0000. Then
"cset %w1, ne" will test whether Z == 0 and set %w1 to 1 if so.
More specifically, "cset %w1, ne" maps to "csinc %w1, wzr, wzr, eq",
which stores 0 in %w1 when NZCV == 0b0100 and 1 otherwise.
Thus, on a successful read we expect ret != 0, so the loop condition
needs to be fixed. In practice this means that we would end up trying
to fetch entropy up to ten times in a row. If all attempts are
successful, the last will be returned, otherwise no entropy will be
returned.
Reported by: Kevin Day <kevin@your.org>
Reviewed by: andrew
Fixes: 9eecef052155 ("Add an Armv8 rndr random number provider")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D54259
(cherry picked from commit 93811883500b99f9f1fb4ffd6e764226d37dcfd0)
---
sys/dev/random/armv8rng.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/dev/random/armv8rng.c b/sys/dev/random/armv8rng.c
index 524d80317681..9573c09aa77a 100644
--- a/sys/dev/random/armv8rng.c
+++ b/sys/dev/random/armv8rng.c
@@ -64,7 +64,7 @@ random_rndr_read_one(u_long *buf)
/* 1 on success, 0 on failure */
"cset %w1, ne\n"
: "=&r" (val), "=&r"(ret) :: "cc");
- } while (ret != 0 && --loop > 0);
+ } while (ret == 0 && --loop > 0);
if (ret != 0)
*buf = val;