CVS commit: src/sys/kern

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/sys/kern
From: "Taylor R Campbell" <riastradh%netbsd.org@localhost>
Date: Thu, 7 May 2020 00:55:13 +0000

Module Name:    src
Committed By:   riastradh
Date:           Thu May  7 00:55:13 UTC 2020

Modified Files:
        src/sys/kern: kern_entropy.c

Log Message:
Fix two mistakes in entropy accounting.

1. When consolidating entropy from per-CPU pools, drop the amount
   pending to zero; otherwise the entropy consolidation thread might
   keep consolidating every second.

This uncovered a feedback loop with kern.entropy.depletion=1 and
on-demand entropy sources, which is that depleting the pool and then
requesting more from it causes the on-demand entropy sources to
trigger reseed, which causes cprng_fast/strong to request more which
depletes the pool again which causes on-demand entropy sources to
trigger reseed, and so on.

To work around this:

2. Set a rate limit on reseeding (advancing the entropy epoch) when
   kern.entropy.depletion=1; otherwise reseeding gets into a feedback
   loop when there are on-demand entropy sources like RDRAND/RDSEED.

(By default, kern.entropy.depletion=0, so this mainly only affects
systems where you're simulating what happens when /dev/random blocks
for testing.)


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/sys/kern/kern_entropy.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/sys/arch/xen/xen
Next by Date: CVS commit: src/external/cddl/osnet/dist/uts/common/fs/zfs
Previous by Thread: CVS commit: src/sys/arch/xen/xen
Next by Thread: CVS commit: src/external/cddl/osnet/dist/uts/common/fs/zfs
Indexes:

Home | Main Index | Thread Index | Old Index