diff options
author | H. Peter Anvin <hpa@linux.intel.com> | 2014-03-17 16:36:29 -0700 |
---|---|---|
committer | Theodore Ts'o <tytso@mit.edu> | 2014-03-19 22:22:06 -0400 |
commit | 331c6490c7f10dcf263712e313b7c0bc7fb6d77a (patch) | |
tree | 30249a0a1a7dc7ea7538fe622a4303bb26853f32 | |
parent | 83664a6928a420b5ccfc0cf23ddbfe3634fea271 (diff) |
random: If we have arch_get_random_seed*(), try it before blocking
If we have arch_get_random_seed*(), try to use it for emergency refill
of the entropy pool before giving up and blocking on /dev/random. It
may or may not work in the moment, but if it does work, it will give
the user better service than blocking will.
Reviewed-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
-rw-r--r-- | drivers/char/random.c | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/drivers/char/random.c b/drivers/char/random.c index a4bea7775e0..c35cee268e1 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -1294,6 +1294,34 @@ void rand_initialize_disk(struct gendisk *disk) } #endif +/* + * Attempt an emergency refill using arch_get_random_seed_long(). + * + * As with add_interrupt_randomness() be paranoid and only + * credit the output as 50% entropic. + */ +static int arch_random_refill(void) +{ + const unsigned int nlongs = 64; /* Arbitrary number */ + unsigned int n = 0; + unsigned int i; + unsigned long buf[nlongs]; + + for (i = 0; i < nlongs; i++) { + if (arch_get_random_seed_long(&buf[n])) + n++; + } + + if (n) { + unsigned int rand_bytes = n * sizeof(unsigned long); + + mix_pool_bytes(&input_pool, buf, rand_bytes, NULL); + credit_entropy_bits(&input_pool, rand_bytes*4); + } + + return n; +} + static ssize_t random_read(struct file *file, char __user *buf, size_t nbytes, loff_t *ppos) { @@ -1312,8 +1340,13 @@ random_read(struct file *file, char __user *buf, size_t nbytes, loff_t *ppos) ENTROPY_BITS(&input_pool)); if (n > 0) return n; + /* Pool is (near) empty. Maybe wait and retry. */ + /* First try an emergency refill */ + if (arch_random_refill()) + continue; + if (file->f_flags & O_NONBLOCK) return -EAGAIN; |