Port-xen archive


regarding the changes to kernel entropy gathering



So, I'm not sure what to say here.

I'm very surprised, quite confused, more than a little perturbed, and
even somewhat angry.  It's taken me quite some time to write this.

Now temper this with knowing that I do know I'm running -current, not a
release, and that I accept the challenges this might cause (thus see the
patch below).

Updating a system, even on -current, shouldn't cause what I can only
describe as _intentional_ breakage, even for matters so important as
system security and integrity, and especially not without clear mention
in UPDATING, and perhaps also with documented and referenced tools to
assist in undoing said breakage.

Updating a system, even on -current, shouldn't create a long-lived
situation where the system documentation and the behaviour and actions
of system commands are completely out of sync with the behaviour of the
kernel, and in fact lies to the administrator about the abilities of the
system.

In any case, the following patch (and in particular the last hunk) fixes
all my problems and complaints in this domain.  It is fully tested, and
it works A-OK with Xen in both domU and dom0 kernels.  My systems once
again have consistent documentation, and tools that don't lie, and are
able to function as before w.r.t. matters related to /dev/random and
getrandom(2).

Now I'm not proposing this as the final solution -- I think there's some
middle ground to be found, but at least this gets things back to working.


--- sys/kern/kern_entropy.c.~1.30.~	2021-03-07 17:23:05.000000000 -0800
+++ sys/kern/kern_entropy.c	2021-04-03 11:25:31.667067667 -0700
@@ -1306,7 +1306,7 @@

 		/* Wait for some entropy to come in and try again.  */
 		KASSERT(E->stage >= ENTROPY_WARM);
-		printf("entropy: pid %d (%s) blocking due to lack of entropy\n",
+		printf("entropy: pid %d (%s) blocking due to lack of entropy\n", /* xxx uprintf() instead/also? */
 		       curproc->p_pid, curproc->p_comm);

 		if (ISSET(flags, ENTROPY_SIG)) {
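Review bot: The trailing `/* xxx uprintf() instead/also? */` on the printf line leaves an unresolved question in the code and pushes the line well past 80 columns. Either settle it in this patch (if the blocked process's terminal should also be told, add the uprintf() call) or move the question to its own XXX comment line above the printf so the statement itself is unchanged.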
@@ -1577,6 +1577,16 @@
 	KASSERT(i == __arraycount(extra));
 	entropy_enter(extra, sizeof extra, 0);
 	explicit_memset(extra, 0, sizeof extra);
+
+	aprint_verbose("entropy: %s attached as an entropy source (", rs->name);
+	if (!(flags & RND_FLAG_NO_COLLECT)) {
+		printf("collecting");
+		if (flags & RND_FLAG_NO_ESTIMATE)
+			printf(" without estimation");
+	}
+	else
+		printf("off");
+	printf(")\n");
 }

 /*
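Review bot: The attach message is started with aprint_verbose() but finished with plain printf() calls, so the pieces are not subject to the same verbosity gating: on a non-verbose boot the "entropy: %s attached as an entropy source (" prefix is held back from the console while "collecting", " without estimation", "off" and ")\n" are still printed, leaving orphaned fragments. Select the status string first and emit the whole line with a single aprint_verbose() call. The closing brace and `else` on separate lines also departs from KNF; write `} else`.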
@@ -1610,6 +1620,8 @@

 	/* Free the per-CPU data.  */
 	percpu_free(rs->state, sizeof(struct rndsource_cpu));
+
+	aprint_verbose("entropy: %s detached as an entropy source\n", rs->name);
 }

 /*
@@ -1754,21 +1766,21 @@
 rnd_add_uint32(struct krndsource *rs, uint32_t value)
 {

-	rnd_add_data(rs, &value, sizeof value, 0);
+	rnd_add_data(rs, &value, sizeof value, sizeof value * NBBY);
 }

 void
 _rnd_add_uint32(struct krndsource *rs, uint32_t value)
 {

-	rnd_add_data(rs, &value, sizeof value, 0);
+	rnd_add_data(rs, &value, sizeof value, sizeof value * NBBY);
 }

 void
 _rnd_add_uint64(struct krndsource *rs, uint64_t value)
 {

-	rnd_add_data(rs, &value, sizeof value, 0);
+	rnd_add_data(rs, &value, sizeof value, sizeof value * NBBY);
 }

 /*
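Review bot: Passing `sizeof value * NBBY` as the estimate in rnd_add_uint32(), _rnd_add_uint32() and _rnd_add_uint64() credits every sample with full entropy (32 or 64 bits) no matter which krndsource supplied it or how predictable the value is. These helpers are generic, so a caller feeding counters or timestamps would now be counted as fully random, and the pool could be declared seeded, unblocking /dev/random and getrandom(2), without that much unpredictability behind it. Keep the estimate at 0 in the generic helpers and make a nonzero credit an explicit per-source decision, for example by having a driver that can justify an estimate call rnd_add_data() with it directly, and document that choice in a comment here.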

--
					Greg A. Woods <gwoods%acm.org@localhost>

Kelowna, BC     +1 250 762-7675           RoboHack <woods%robohack.ca@localhost>
Planix, Inc. <woods%planix.com@localhost>     Avoncote Farms <woods%avoncote.ca@localhost>



