diff options
author | markm <markm@FreeBSD.org> | 2015-10-05 07:41:12 +0000 |
---|---|---|
committer | markm <markm@FreeBSD.org> | 2015-10-05 07:41:12 +0000 |
commit | 1342814ae817bf3c736797c4a4576759ef7c2dff (patch) | |
tree | 3429626dd1bfd3ea4227b44766f4f82269e52618 /sys/dev/random | |
parent | 6281bc02a42de874ac2319dd5c0a9ee0d276c49e (diff) | |
download | FreeBSD-src-1342814ae817bf3c736797c4a4576759ef7c2dff.zip FreeBSD-src-1342814ae817bf3c736797c4a4576759ef7c2dff.tar.gz |
It appears that under some circumstances, like virtualisiation, the
'rdrand' instruction may occasionally not return random numbers, in
spite of looping attempts to do so. The reusult is a KASSERT/panic.
Reluctantly accept this state-of-affairs, but make a noise about it.
if this 'noise' spams the console, it may be time to discontinue
using that source.
This is written in a general way to account for /any/ source that
might not supply random numbers when required.
Submitted by: jkh (report and slightly different fix)
Approved by: so (/dev/random blanket)
Diffstat (limited to 'sys/dev/random')
-rw-r--r-- | sys/dev/random/random_harvestq.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/sys/dev/random/random_harvestq.c b/sys/dev/random/random_harvestq.c index aad6763..9993bbe 100644 --- a/sys/dev/random/random_harvestq.c +++ b/sys/dev/random/random_harvestq.c @@ -211,7 +211,16 @@ random_sources_feed(void) LIST_FOREACH(rrs, &source_list, rrs_entries) { for (i = 0; i < p_random_alg_context->ra_poolcount*(local_read_rate + 1); i++) { n = rrs->rrs_source->rs_read(entropy, sizeof(entropy)); - KASSERT((n > 0 && n <= sizeof(entropy)), ("very bad return from rs_read (= %d) in %s", n, __func__)); + KASSERT((n <= sizeof(entropy)), ("%s: rs_read returned too much data (%d > %d) in %s", __func__, n, sizeof(entropy))); + /* It would appear that in some circumstances (e.g. virtualisation), + * the underlying hardware entropy source might not always return + * random numbers. Accept this but make a noise. If too much happens, + * can that source be trusted? + */ + if (n == 0) { + printf("%s: rs_read for hardware device '%s' returned no entropy.\n", __func__, rrs->rrs_source->rs_ident); + continue; + } random_harvest_direct(entropy, n, (n*8)/2, rrs->rrs_source->rs_source); } } |