random: fix locking in crng_fast_load()

crng_init is protected by primary_crng->lock, so keep holding that lock
when incrementing crng_init from 0 to 1 in crng_fast_load(). The call to
pr_notice() can wait until the lock is released; this code path cannot
be reached twice, as crng_fast_load() aborts early if crng_init > 0.

Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

diff --git a/drivers/char/random.c b/drivers/char/random.c
index ceded1c..79cf577 100644 (file)
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -647,12 +647,13 @@ static size_t crng_fast_load(const u8 *cp, size_t len)
                p[crng_init_cnt % CHACHA_KEY_SIZE] ^= *cp;
                cp++; crng_init_cnt++; len--; ret++;
        }
-       spin_unlock_irqrestore(&primary_crng.lock, flags);
        if (crng_init_cnt >= CRNG_INIT_CNT_THRESH) {
                invalidate_batched_entropy();
                crng_init = 1;
-               pr_notice("fast init done\n");
        }
+       spin_unlock_irqrestore(&primary_crng.lock, flags);
+       if (crng_init == 1)
+               pr_notice("fast init done\n");
        return ret;
 }