crypto: ansi_cprng - Force reset on allocation

[linux-2.6-block.git] / crypto / ansi_cprng.c

diff --git a/crypto/ansi_cprng.c b/crypto/ansi_cprng.c
index 0fac8ffc2fb7ef5dc6d39cca05d0292b584bb472..74478061ac0cb9a606b4c8823db63f563bf99263 100644 (file)
--- a/crypto/ansi_cprng.c
+++ b/crypto/ansi_cprng.c
@@ -338,7 +338,16 @@ static int cprng_init(struct crypto_tfm *tfm)
 
        spin_lock_init(&ctx->prng_lock);
 
-       return reset_prng_context(ctx, NULL, DEFAULT_PRNG_KSZ, NULL, NULL);
+       if (reset_prng_context(ctx, NULL, DEFAULT_PRNG_KSZ, NULL, NULL) < 0)
+               return -EINVAL;
+
+       /*
+        * after allocation, we should always force the user to reset
+        * so they don't inadvertently use the insecure default values
+        * without specifying them intentially
+        */
+       ctx->flags |= PRNG_NEED_RESET;
+       return 0;
 }
 
 static void cprng_exit(struct crypto_tfm *tfm)