hwrng: core - Fix page fault dead lock on mmap-ed hwrng

stable inclusion
from stable-v4.19.307
commit eafd83b92f6c044007a3591cbd476bcf90455990
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I99JR3
CVE: CVE-2023-52615

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=eafd83b92f6c044007a3591cbd476bcf90455990



--------------------------------

commit 78aafb3884f6bc6636efcc1760c891c8500b9922 upstream.

There is a dead-lock in the hwrng device read path.  This triggers
when the user reads from /dev/hwrng into memory also mmap-ed from
/dev/hwrng.  The resulting page fault triggers a recursive read
which then dead-locks.

Fix this by using a stack buffer when calling copy_to_user.

Reported-by: Edward Adam Davis <eadavis@qq.com>
Reported-by:  <syzbot+c52ab18308964d248092@syzkaller.appspotmail.com>
Fixes: 9996508b ("hwrng: core - Replace u32 in driver API with byte array")
Cc: <stable@vger.kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Yi Yang <yiyang13@huawei.com>