fixes from peer review: added comments for clarity, and remove errant condition added in _InitRng().

2026-01-26 19:22:20 +01:00 · 2025-12-30 12:13:15 -06:00
parent d504baaf3a
commit 299ca1cfef
2 changed files with 23 additions and 5 deletions
--- a/linuxkm/lkcapi_sha_glue.c
+++ b/linuxkm/lkcapi_sha_glue.c
@@ -1020,11 +1020,20 @@ static int wc_linuxkm_drbg_init_tfm(struct crypto_tfm *tfm)
            ret = wc_InitRng(&ctx->rngs[i].rng);
            if (need_reenable_vec)
                REENABLE_VECTOR_REGISTERS();
-            if (can_sleep)
+            if (can_sleep) {
+                /* if we're allowed to sleep, relax the loop between each inner
+                 * iteration even on success, assuring relaxation of the outer
+                 * iterations.
+                 */
                cond_resched();
+            }
            if (ret == 0)
                break;
            if (can_sleep) {
+                /* Allow interrupt only if we're stuck spinning retries -- i.e.,
+                 * don't allow an untimely user signal to derail an
+                 * initialization that is proceeding expeditiously.
+                 */
                if (WC_CHECK_FOR_INTR_SIGNALS() == WC_NO_ERR_TRACE(INTERRUPTED_E)) {
                    ret = -EINTR;
                    break;
@@ -1036,7 +1045,7 @@ static int wc_linuxkm_drbg_init_tfm(struct crypto_tfm *tfm)
            ++nretries;
        }
        if (ret != 0) {
-            pr_warn("WARNING: wc_InitRng returned %d after %d retries.\n",ret,nretries);
+            pr_warn("WARNING: wc_InitRng returned %d after %d retries.\n", ret, nretries);
            ret = -EINVAL;
            break;
        }
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -537,8 +537,16 @@ static int Hash_gen(DRBG_internal* drbg, byte* out, word32 outSz, const byte* V)
 #endif

    #ifdef WC_VERBOSE_RNG
-    if ((ret != DRBG_SUCCESS) && (ret != DRBG_FAILURE))
+    if ((ret != DRBG_SUCCESS) && (ret != DRBG_FAILURE)) {
+        /* Note, if we're just going to return DRBG_FAILURE to the caller, then
+         * there's no point printing it out here because (1) the lower-level
+         * code that was remapped to DRBG_FAILURE already got printed before the
+         * remapping, so a DRBG_FAILURE message would just be spamming the log,
+         * and (2) the caller will actually see the DRBG_FAILURE code, and is
+         * free to (and probably will) log it itself.
+         */
        WOLFSSL_DEBUG_PRINTF("Hash_gen failed with err %d.", ret);
+    }
    #endif

    return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE;
@@ -652,8 +660,10 @@ static int Hash_DRBG_Generate(DRBG_internal* drbg, byte* out, word32 outSz)
    }

    #ifdef WC_VERBOSE_RNG
-    if ((ret != DRBG_SUCCESS) && (ret != DRBG_FAILURE))
+    if ((ret != DRBG_SUCCESS) && (ret != DRBG_FAILURE)) {
+        /* see note above regarding log spam reduction */
        WOLFSSL_DEBUG_PRINTF("Hash_DRBG_Generate failed with err %d.", ret);
+    }
    #endif

    return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE;
@@ -1033,7 +1043,6 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
        ret = RNG_FAILURE_E;
    }
    else {
-    if ((ret != DRBG_SUCCESS) && (ret != DRBG_FAILURE))
        rng->status = DRBG_FAILED;
    }
 #endif /* HAVE_HASHDRBG */