Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 5 Oct 2015 07:41:13 +0000 (UTC)
From:      Mark Murray <markm@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r288703 - head/sys/dev/random
Message-ID:  <201510050741.t957fDXG084032@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: markm
Date: Mon Oct  5 07:41:12 2015
New Revision: 288703
URL: https://svnweb.freebsd.org/changeset/base/288703

Log:
  It appears that under some circumstances, like virtualisiation, the
  'rdrand' instruction may occasionally not return random numbers, in
  spite of looping attempts to do so. The reusult is a KASSERT/panic.
  
  Reluctantly accept this state-of-affairs, but make a noise about it.
  if this 'noise' spams the console, it may be time to discontinue
  using that source.
  
  This is written in a general way to account for /any/ source that
  might not supply random numbers when required.
  
  Submitted by:	jkh (report and slightly different fix)
  Approved by:	so (/dev/random blanket)

Modified:
  head/sys/dev/random/random_harvestq.c

Modified: head/sys/dev/random/random_harvestq.c
==============================================================================
--- head/sys/dev/random/random_harvestq.c	Mon Oct  5 07:40:18 2015	(r288702)
+++ head/sys/dev/random/random_harvestq.c	Mon Oct  5 07:41:12 2015	(r288703)
@@ -211,7 +211,16 @@ random_sources_feed(void)
 	LIST_FOREACH(rrs, &source_list, rrs_entries) {
 		for (i = 0; i < p_random_alg_context->ra_poolcount*(local_read_rate + 1); i++) {
 			n = rrs->rrs_source->rs_read(entropy, sizeof(entropy));
-			KASSERT((n > 0 && n <= sizeof(entropy)), ("very bad return from rs_read (= %d) in %s", n, __func__));
+			KASSERT((n <= sizeof(entropy)), ("%s: rs_read returned too much data (%d > %d) in %s", __func__, n, sizeof(entropy)));
+			/* It would appear that in some circumstances (e.g. virtualisation),
+			 * the underlying hardware entropy source might not always return
+			 * random numbers. Accept this but make a noise. If too much happens,
+			 * can that source be trusted?
+			 */
+			if (n == 0) {
+				printf("%s: rs_read for hardware device '%s' returned no entropy.\n", __func__, rrs->rrs_source->rs_ident);
+				continue;
+			}
 			random_harvest_direct(entropy, n, (n*8)/2, rrs->rrs_source->rs_source);
 		}
 	}



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201510050741.t957fDXG084032>