svn commit: r347329 - head/sys/dev/random
Conrad Meyer
cem at FreeBSD.org
Wed May 8 14:54:34 UTC 2019
Author: cem
Date: Wed May 8 14:54:32 2019
New Revision: 347329
URL: https://svnweb.freebsd.org/changeset/base/347329
Log:
random(4): Don't complain noisily when an entropy source is slow
Mjg@ reports that RDSEED (r347239) causes a lot of logspam from this printf,
and I don't feel that it is especially useful (even ratelimited). There are
many other quality/quantity checks we're not performing on entropy sources;
lack of high frequency availability does not disqualify a good entropy
source.
There is some discussion in the linked Differential about what logging might
be appropriate and/or polling policy for slower TRNG sources. Please feel
free to chime in if you have opinions.
Reported by: mjg
Reviewed by: markm, delphij
Approved by: secteam(delphij)
X-MFC-With: r347239
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D20195
Modified:
head/sys/dev/random/random_harvestq.c
Modified: head/sys/dev/random/random_harvestq.c
==============================================================================
--- head/sys/dev/random/random_harvestq.c Wed May 8 13:35:51 2019 (r347328)
+++ head/sys/dev/random/random_harvestq.c Wed May 8 14:54:32 2019 (r347329)
@@ -235,15 +235,19 @@ random_sources_feed(void)
for (i = 0; i < p_random_alg_context->ra_poolcount*local_read_rate; i++) {
n = rrs->rrs_source->rs_read(entropy, sizeof(entropy));
KASSERT((n <= sizeof(entropy)), ("%s: rs_read returned too much data (%u > %zu)", __func__, n, sizeof(entropy)));
- /* It would appear that in some circumstances (e.g. virtualisation),
- * the underlying hardware entropy source might not always return
- * random numbers. Accept this but make a noise. If too much happens,
- * can that source be trusted?
+ /*
+ * Sometimes the HW entropy source doesn't have anything
+ * ready for us. This isn't necessarily untrustworthy.
+ * We don't perform any other verification of an entropy
+ * source (i.e., length is allowed to be anywhere from 1
+ * to sizeof(entropy), quality is unchecked, etc), so
+ * don't balk verbosely at slow random sources either.
+ * There are reports that RDSEED on x86 metal falls
+ * behind the rate at which we query it, for example.
+ * But it's still a better entropy source than RDRAND.
*/
- if (n == 0) {
- printf("%s: rs_read for hardware device '%s' returned no entropy.\n", __func__, rrs->rrs_source->rs_ident);
+ if (n == 0)
continue;
- }
random_harvest_direct(entropy, n, rrs->rrs_source->rs_source);
}
}
More information about the svn-src-head
mailing list