Attempt to mitigate poor initialization of arc4 by one-shot

reinitialization from yarrow right after good entropy is harvested. Approved by: secteam (delphij) MFC after: 1 week
author: ache <ache@FreeBSD.org> 2013-04-19 00:30:52 +0000
committer: ache <ache@FreeBSD.org> 2013-04-19 00:30:52 +0000
commit: 60f7807df19873ac8b9fce428ca4198735d92067 (patch)
tree: fa25310a8dd89ca7a6e6ae0ff9bec9876bb60c74 /sys/libkern
parent: 1110825468efffa72f05077e3a42f5e5fa6963ec (diff)
download: FreeBSD-src-60f7807df19873ac8b9fce428ca4198735d92067.zip
FreeBSD-src-60f7807df19873ac8b9fce428ca4198735d92067.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/sys/libkern/arc4random.c b/sys/libkern/arc4random.c
index 4fcd74d..62ace2c 100644
--- a/sys/libkern/arc4random.c
+++ b/sys/libkern/arc4random.c
@@ -24,6 +24,8 @@ __FBSDID("$FreeBSD$");
 #define	ARC4_RESEED_SECONDS 300
 #define	ARC4_KEYBYTES (256 / 8)
 
+int arc4rand_iniseed_state = ARC4_ENTR_NONE;
+
 static u_int8_t arc4_i, arc4_j;
 static int arc4_numruns = 0;
 static u_int8_t arc4_sbox[256];
@@ -130,7 +132,8 @@ arc4rand(void *ptr, u_int len, int reseed)
 	struct timeval tv;
 
 	getmicrouptime(&tv);
-	if (reseed || 
+	if (atomic_cmpset_int(&arc4rand_iniseed_state, ARC4_ENTR_HAVE,
+	    ARC4_ENTR_SEED) || reseed ||
 	   (arc4_numruns > ARC4_RESEED_BYTES) ||
 	   (tv.tv_sec > arc4_t_reseed))
 		arc4_randomstir();
author	ache <ache@FreeBSD.org>	2013-04-19 00:30:52 +0000
committer	ache <ache@FreeBSD.org>	2013-04-19 00:30:52 +0000
commit	60f7807df19873ac8b9fce428ca4198735d92067 (patch)
tree	fa25310a8dd89ca7a6e6ae0ff9bec9876bb60c74 /sys/libkern
parent	1110825468efffa72f05077e3a42f5e5fa6963ec (diff)
download	FreeBSD-src-60f7807df19873ac8b9fce428ca4198735d92067.zip FreeBSD-src-60f7807df19873ac8b9fce428ca4198735d92067.tar.gz