NetBSD Problem Report #55783
From martin@aprisoft.de Wed Nov 4 10:42:04 2020
Return-Path: <martin@aprisoft.de>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 58A551A9246
for <gnats-bugs@gnats.NetBSD.org>; Wed, 4 Nov 2020 10:42:04 +0000 (UTC)
Message-Id: <20201104092454.6DE605CC7A1@emmas.aprisoft.de>
Date: Wed, 4 Nov 2020 10:24:54 +0100 (CET)
From: martin@NetBSD.org
Reply-To: martin@NetBSD.org
To: gnats-bugs@NetBSD.org
Subject: rndctl -L broken
X-Send-Pr-Version: 3.95
>Number: 55783
>Category: bin
>Synopsis: rndctl -L broken
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Nov 04 10:45:00 +0000 2020
>Last-Modified: Tue Jan 12 07:00:01 +0000 2021
>Originator: Martin Husemann
>Release: NetBSD 9.99.74
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD h-pulse.aprisoft.de 9.99.74 NetBSD 9.99.74 (GENERIC64) #160: Tue Oct 20 20:56:57 CEST 2020 martin@seven-days-to-the-wolves.aprisoft.de:/work/src/sys/arch/evbarm/compile/GENERIC64 evbarm
Architecture: aarch64
Machine: evbarm
>Description:
On a machine with no entropy:
# sysctl kern.entropy
kern.entropy.collection = 1
kern.entropy.depletion = 0
kern.entropy.consolidate = -16384
kern.entropy.gather = -16384
kern.entropy.needed = 256
kern.entropy.pending = 0
kern.entropy.epoch = 20
I can not add entropy via rndctl -L:
# rndctl -L /tmp/entropy
# sysctl kern.entropy
kern.entropy.collection = 1
kern.entropy.depletion = 0
kern.entropy.consolidate = -16384
kern.entropy.gather = -16384
kern.entropy.needed = 256
kern.entropy.pending = 0
kern.entropy.epoch = 21
and there is no diagnostic message telling me what is wrong (epoch > 0 is
a hint, this machine used to have entropy and I manually depleted it for
testing).
>How-To-Repeat:
s/a
>Fix:
n/a
>Audit-Trail:
From: Taylor R Campbell <riastradh@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: bin/55783: rndctl -L broken
Date: Tue, 12 Jan 2021 06:58:38 +0000
The patch below might improve it. Need to make sure it doesn't cause
overlapping output like <https://gnats.netbsd.org/55458>, though.
diff -r 039916e1f0c6 share/man/man4/rnd.4
--- a/share/man/man4/rnd.4 Sun Jan 10 18:19:10 2021 +0000
+++ b/share/man/man4/rnd.4 Tue Jan 12 06:56:24 2021 +0000
@@ -628,6 +628,13 @@ A buggy bootloader tried to provide an e
the kernel.
Subsequent seeds will be entered into the entropy pool, but they will
be considered to contribute no entropy.
+.It entropy: already seeded
+A seed was loaded with
+.Dv RNDADDDATA
+.Pq e.g., via Ic rndctl -L
+a second time, or after the bootloader already provided a seed.
+The seed will be entered into the pool, but it will be considered to
+contribute no entropy, in case it was actually using the same file.
.It entropy: ready
The system has full entropy for the first time.
.El
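Review bot: The closing clause of the new entry, "in case it was actually using the same file", has no clear referent for "it" and gives the reader no next step. Suggest something like "because it may be the same seed that was loaded before", plus a sentence saying that a seed loaded this way will not lower kern.entropy.needed, which is the symptom in the report this message is meant to explain.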
diff -r 039916e1f0c6 sys/kern/kern_entropy.c
--- a/sys/kern/kern_entropy.c Sun Jan 10 18:19:10 2021 +0000
+++ b/sys/kern/kern_entropy.c Tue Jan 12 06:56:24 2021 +0000
@@ -2313,7 +2313,9 @@ entropy_ioctl(unsigned long cmd, void *d
*/
if (privileged && rdata->entropy && rdata->len) {
mutex_enter(&E->lock);
- if (!E->seeded) {
+ if (E->seeded) {
+ printf("entropy: already seeded\n");
+ } else {
entropybits = MIN(rdata->entropy,
MIN(rdata->len, ENTROPY_CAPACITY)*NBBY);
E->seeded = true;
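Review bot: The new printf in the E->seeded branch is called inside the mutex_enter(&E->lock) section and fires on every privileged RNDADDDATA call that claims entropy once the pool is seeded, so repeated rndctl -L runs each emit a console line, and the cover message already raises the overlapping-output concern. Consider setting a local flag in this branch and printing after the lock is released, or limiting the message to the first occurrence. Note also that the seeded branch still leaves entropybits uncredited, so on the reporter's manually depleted machine rndctl -L will now log a message but kern.entropy.needed stays at 256; if that is the intended policy, a comment here should say so.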