Am Donnerstag, 17. August 2017, 20:25:17 CEST schrieb PrasannaKumar
Muralidharan:
Hi PrasannaKumar,
> +
> +static int jz4780_rng_generate(struct crypto_rng *tfm,
> + const u8 *src, unsigned int slen,
> + u8 *dst, unsigned int dlen)
> +{
> + struct jz4780_rng_ctx *ctx = crypto_rng_ctx(tfm);
> + struct jz4780_rng *rng = ctx->rng;
> + u32 data;
> +
> + /*
> + * JZ4780 Programmers manual says the RNG should not run continuously
> + * for more than 1s. So enable RNG, read data and disable it.
> + * NOTE: No issue was observed with MIPS creator CI20 board even when
> + * RNG ran continuously for longer periods. This is just a precaution.
> + *
> + * A delay is required so that the current RNG data is not bit shifted
> + * version of previous RNG data which could happen if random data is
> + * read continuously from this device.
> + */
> + jz4780_rng_writel(rng, 1, REG_RNG_CTRL);
> + do {
> + data = jz4780_rng_readl(rng, REG_RNG_DATA);
> + memcpy((void *)dst, (void *)&data, 4);
How do you know that dst is a multiple of 4 bytes? When dlen is only 3, you
overflow the buffer.
> + dlen -= 4;
> + dst += 4;
> + udelay(20);
> + } while (dlen >= 4);
> +
> + if (dlen > 0) {
> + data = jz4780_rng_readl(rng, REG_RNG_DATA);
> + memcpy((void *)dst, (void *)&data, dlen);
> + }
> + jz4780_rng_writel(rng, 0, REG_RNG_CTRL);
> +
> + return 0;
> +}
Ciao
Stephan
