Generate a warning if the kernel's arc4random() is seeded with bogus entropy.
parent
cb659153f9
commit
a7eaecefba
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=230230
|
@ -37,6 +37,7 @@ __FBSDID("$FreeBSD$");
|
|||
#include <sys/queue.h>
|
||||
#include <sys/random.h>
|
||||
#include <sys/selinfo.h>
|
||||
#include <sys/syslog.h>
|
||||
#include <sys/systm.h>
|
||||
#include <sys/sysctl.h>
|
||||
|
||||
|
@ -48,6 +49,7 @@ static int read_random_phony(void *, int);
|
|||
|
||||
/* Structure holding the desired entropy sources */
|
||||
struct harvest_select harvest = { 1, 1, 1, 0 };
|
||||
static int warned = 0;
|
||||
|
||||
/* hold the address of the routine which is actually called if
|
||||
* the randomdev is loaded
|
||||
|
@ -71,6 +73,7 @@ random_yarrow_deinit_harvester(void)
|
|||
{
|
||||
reap_func = NULL;
|
||||
read_func = read_random_phony;
|
||||
warned = 0;
|
||||
}
|
||||
|
||||
/* Entropy harvesting routine. This is supposed to be fast; do
|
||||
|
@ -108,6 +111,11 @@ read_random_phony(void *buf, int count)
|
|||
u_long randval;
|
||||
int size, i;
|
||||
|
||||
if (!warned) {
|
||||
log(LOG_WARNING, "random device not loaded; using insecure entropy\n");
|
||||
warned = 1;
|
||||
}
|
||||
|
||||
/* srandom() is called in kern/init_main.c:proc0_post() */
|
||||
|
||||
/* Fill buf[] with random(9) output */
|
||||
|
|
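Review bot: `warned` is tested and set in read_random_phony() with no lock or atomic, so callers racing through the fallback path can each log the message; the duplication is harmless, but the declaration should say so, e.g. `/* Nonzero once the insecure-entropy warning has been logged; cleared on harvester deinit so it fires again. */`. Because the flag makes the warning one-shot, a single LOG_WARNING line is the only trace that callers were handed random(9) output, and it records neither who asked nor how often. A counter kept beside the flag would let an operator tell one early read from sustained use of the weak path. The check sits in the generic fallback reader rather than in the arc4random() seeding path the title names, so it presumably fires for any caller that reaches the fallback; the comment should state that. The body of read_random_phony() continues outside the hunk.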