From d05da1fa45f9b40cc5a56f7d9ff1c55992590168 Mon Sep 17 00:00:00 2001
From: Jarno Lamsa <jarno.lamsa@arm.com>
Date: Thu, 14 Nov 2019 10:12:36 +0200
Subject: [PATCH] Add double check for checking if source is strong

To prevent glitching past a strong source.
---
 library/entropy.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/library/entropy.c b/library/entropy.c
index fdb2e152f..6b0b47b3e 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -271,7 +271,13 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
      */
     for( i = 0; i < ctx->source_count; i++ )
     {
-        if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG )
+        volatile int strong_fi = ctx->source[i].strong;
+        if( strong_fi == MBEDTLS_ENTROPY_SOURCE_STRONG )
+            have_one_strong_fi = 1;
+
+        mbedtls_platform_enforce_volatile_reads();
+
+        if( strong_fi == MBEDTLS_ENTROPY_SOURCE_STRONG )
             have_one_strong_fi = 1;
 
         olen = 0;