On Tue, Sep 30, 2025 at 11:28:24AM +0800, Dave Sun wrote:
> When CONFIG_CRYPTO_USER_API_RNG_CAVP is enable,
> algif_type_rng->setentropy = rng_setentropy.
> If we setsockopt on a af_alg socket binding a rng
> algorithm with ALG_SET_DRBG_ENTROPY opt, kernel will
> run to ->set_ent in rng_setentropy.
> 
> Since struct rng_alg like jent_alg dose not set set_ent
> which default value is 0, null-ptr-dereference will happen.
> 
> Check ->set_ent before call it.
> 
> Signed-off-by: Yiqi Sun <sunyiqixm@gmail.com>
> ---
>  crypto/algif_rng.c | 3 +++
>  1 file changed, 3 insertions(+)

Thanks for the report.  I'd prefer to make set_ent always present:

---8<---
Ensure that set_ent is always set since only drbg provides it.

Fixes: 77ebdabe8de7 ("crypto: af_alg - add extra parameters for DRBG interface")
Reported-by: Yiqi Sun <sunyiqixm@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/rng.c b/crypto/rng.c
index b8ae6ebc091d..ee1768c5a400 100644
--- a/crypto/rng.c
+++ b/crypto/rng.c
@@ -168,6 +168,11 @@ int crypto_del_default_rng(void)
 EXPORT_SYMBOL_GPL(crypto_del_default_rng);
 #endif
 
+static void rng_default_set_ent(struct crypto_rng *tfm, const u8 *data,
+				unsigned int len)
+{
+}
+
 int crypto_register_rng(struct rng_alg *alg)
 {
 	struct crypto_alg *base = &alg->base;
@@ -179,6 +184,9 @@ int crypto_register_rng(struct rng_alg *alg)
 	base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK;
 	base->cra_flags |= CRYPTO_ALG_TYPE_RNG;
 
+	if (!alg->set_ent)
+		alg->set_ent = rng_default_set_ent;
+
 	return crypto_register_alg(base);
 }
 EXPORT_SYMBOL_GPL(crypto_register_rng);
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt