Date: Mon, 13 May 2019 07:55:01 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 237869] is_random_seeded should perform pre_read for unseeded case Message-ID: <bug-237869-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237869 Bug ID: 237869 Summary: is_random_seeded should perform pre_read for unseeded case Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: delphij@FreeBSD.org I noticed the following on a recent -CURRENT amd64 system, this message on boot: arc4random: WARNING: initial seeding bypassed the cryptographic random device because it was not yet seeded and the knob 'bypass_before_seeding' was enabled. Despite /boot/entropy is preloaded. It looks like it was related to r346358. On my system, the call path is roughly: vnet_domain_init_inet_vnet_init -> arc4random() At the time, the entropy device have already seen /boot/entropy through random_harvestq_prime(), however, because nobody have read from entropy device, the pre_read method was never called, therefore the device would report itself as unseeded, even though it already have enough entropy to proceed. (By the way, r346292 should be reverted now that r346358 is landed). It looks like is_random_seeded should do something like: if (__predict_false(!p_random_alg_context->ra_seeded())) { p_random_alg_context->ra_pre_read(); return (p_random_alg_context->ra_seeded()); } return (true); Instead of its current form. Note that random_infra.c needs similar treatment as well; the current form is broken by the way. -- You are receiving this mail because: You are the assignee for the bug.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-237869-227>