From 30e2b629cc9df4c76f63b56afb35ec9f7cc3f1ce Mon Sep 17 00:00:00 2001
From: John Denker
Date: Wed, 16 Oct 2013 16:52:59 -0700
Subject: smarter about calculating /total/ entropy
---
 drivers/char/random.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 4a2487c..b423214 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -201,6 +201,15 @@
 * amount of stored entropy, measured in bits. This includes entropy
 * stored in both the input pool and the blocking pool.
+ * Exported interfaces ---- ioctl
+ * ===============================
+ *** FIXME
+
+ **?? There may be older programs out there that write to
+ /dev/random and then do ioctl(RNDADDTOENTCNT...); this
+ is guaranteed to fail insidiously, since writing
+ to /dev/random does nothing to the input pool.
+
 * Ensuring unpredictability at system startup
 * ============================================
 *
@@ -1497,8 +1506,10 @@ static long random_ioctl(struct file *f, unsigned int cmd, unsigned long arg)
 case RNDGETENTCNT:
 /* inherently racy, no point locking */
 if (put_user(input_pool.entropy_count
+#ifdef OVERCOMPLICATED
 + devrand_pool.entropy_count
- + prng_pool.entropy_count, p))
+#endif
+ , p))
 return -EFAULT;
 return 0;
 case RNDADDTOENTCNT:
@@ -1636,7 +1647,7 @@ static int sum_entropy_count(struct ctl_table *table, int write,
 #ifdef OVERCOMPLICATED
 + devrand_pool.entropy_count
 #endif
- + prng_pool.entropy_count;
+ ;
 return proc_dointvec(table, write, buffer, lenp, ppos);
 }
-- cgit v1.2.3
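Review bot: The context sentence just above the added block still says the reported amount "includes entropy stored in both the input pool and the blocking pool", but the later hunks make RNDGETENTCNT and sum_entropy_count() report only `input_pool.entropy_count` unless OVERCOMPLICATED is defined, so the header comment and the code disagree by default. Userspace that reads this value will also see a smaller number than before, which deserves a line here. The added FIXME lines drop the ` * ` gutter used by the rest of the header comment and state the hazard without saying what it is; I would write it as ` * NOTE: data written to /dev/random is not mixed into the input pool, so a write() followed by ioctl(RNDADDTOENTCNT) raises the entropy estimate without adding any input.` If another ioctl is the supported way to add data and credit it in one step in this tree, the comment should name it.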
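Review bot: In the RNDGETENTCNT case the `#ifdef OVERCOMPLICATED` / `#endif` pair now sits inside the argument list of `put_user()`, which is a macro in the kernel; C leaves a preprocessing directive inside a macro invocation's arguments undefined (C11 6.10.3p11), so this only builds because the compiler tolerates it. The same conditional sum is repeated in sum_entropy_count() in the last hunk, where it leaves a lone `;` on its own line, and the two copies can drift apart so that the ioctl and the sysctl report different totals. Computing the total once in a small helper (the name below is only a suggestion, and it assumes entropy_count is an int) and calling it from both places removes both problems. Both function bodies start and end outside the hunks shown, so the assignment target in sum_entropy_count() is not visible here.

```c
/* Entropy total reported to userspace; read without locking, so inherently racy. */
static int total_entropy_count(void)
{
	int total = input_pool.entropy_count;

#ifdef OVERCOMPLICATED
	total += devrand_pool.entropy_count;
#endif
	return total;
}

	/* in random_ioctl(): */
	case RNDGETENTCNT:
		/* inherently racy, no point locking */
		if (put_user(total_entropy_count(), p))
			return -EFAULT;
		/* … unchanged: return 0 and the remaining cases … */

	/* in sum_entropy_count(): assign total_entropy_count() to the existing
	 * left-hand side instead of the #ifdef'd expression ending in a bare ';' */
```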