From d88232114ccf1b0c22f0ddf3fc983ffa0550615c Mon Sep 17 00:00:00 2001
From: Neil Horman <nhorman@redhat.com>
Date: Wed, 28 Jan 2009 15:20:51 +1100
Subject: [PATCH] --- yaml --- r: 132687 b: refs/heads/master c:
 d7992f42c61d5dc6d164f7dddd05284485204ada h: refs/heads/master i:   132685:
 5f815c8df327374ea13a5e2eca4d9f5ce894590e   132683:
 ab2680f091c80aec2951d53b8fb874c104d10718   132679:
 b1ac0ee26e1baa442eb2ee71002d9a19d3e68be2   132671:
 f1f51d201da105d6ef799eafe1616b31abe4ae38 v: v3

---
 [refs]                    |  2 +-
 trunk/crypto/ansi_cprng.c | 11 ++++++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/[refs] b/[refs]
index 7f58ec1a5d1a..56a34c782f19 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 54b6a1bd5364aca95cd6ffae00f2b64c6511122c
+refs/heads/master: d7992f42c61d5dc6d164f7dddd05284485204ada
diff --git a/trunk/crypto/ansi_cprng.c b/trunk/crypto/ansi_cprng.c
index 0fac8ffc2fb7..74478061ac0c 100644
--- a/trunk/crypto/ansi_cprng.c
+++ b/trunk/crypto/ansi_cprng.c
@@ -338,7 +338,16 @@ static int cprng_init(struct crypto_tfm *tfm)
 
 	spin_lock_init(&ctx->prng_lock);
 
-	return reset_prng_context(ctx, NULL, DEFAULT_PRNG_KSZ, NULL, NULL);
+	if (reset_prng_context(ctx, NULL, DEFAULT_PRNG_KSZ, NULL, NULL) < 0)
+		return -EINVAL;
+
+	/*
+	 * after allocation, we should always force the user to reset
+	 * so they don't inadvertently use the insecure default values
+	 * without specifying them intentially
+	 */
+	ctx->flags |= PRNG_NEED_RESET;
+	return 0;
 }
 
 static void cprng_exit(struct crypto_tfm *tfm)