svn commit: r230230 - head/sys/dev/random
David Schultz
das at freebsd.org
Wed Jan 18 17:54:41 UTC 2012
On Wed, Jan 18, 2012, Andrey Chernov wrote:
> On Mon, Jan 16, 2012 at 08:18:10PM +0000, David Schultz wrote:
> > Author: das
> > Date: Mon Jan 16 20:18:10 2012
> > New Revision: 230230
> > URL: http://svn.freebsd.org/changeset/base/230230
> >
> > Log:
> > Generate a warning if the kernel's arc4random() is seeded with bogus entropy.
>
> While you are here, could you review/commit my patch to fix bad 31bit
> arc4rand() seeding, please?
>
> --- yarrow.c.bak 2011-09-26 07:35:48.000000000 +0400
> +++ yarrow.c 2012-01-18 10:13:47.000000000 +0400
> @@ -59,6 +59,8 @@ static void reseed(u_int);
> /* The reseed thread mutex */
> struct mtx random_reseed_mtx;
>
> +static arc4rand_seeded = 0;
> +
> /* Process a single stochastic event off the harvest queue */
> void
> random_process_event(struct harvest *event)
> @@ -261,6 +263,11 @@ reseed(u_int fastslow)
>
> /* Release the reseed mutex */
> mtx_unlock(&random_reseed_mtx);
> +
> + if (!arc4rand_seeded) {
> + arc4rand_seeded = 1;
> + arc4rand(NULL, 0, 1);
> + }
> }
>
> /* Internal function to return processed entropy from the PRNG */
It appears to reseed arc4random's state exactly once, at whatever
unpredictable time devrandom decides to reseed itself. Are you
trying to fix the problems that arise if random.ko is loaded too
late in the boot process?
More information about the svn-src-all
mailing list