NetBSD Problem Report #58646
From www@netbsd.org Mon Aug 26 10:08:24 2024
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 5E7C11A923F
for <gnats-bugs@gnats.NetBSD.org>; Mon, 26 Aug 2024 10:08:24 +0000 (UTC)
Message-Id: <20240826100823.0EB001A9241@mollari.NetBSD.org>
Date: Mon, 26 Aug 2024 10:08:23 +0000 (UTC)
From: campbell+netbsd@mumble.net
Reply-To: campbell+netbsd@mumble.net
To: gnats-bugs@NetBSD.org
Subject: /dev/random, kern.entropy.*: signal bugs
X-Send-Pr-Version: www-1.0
>Number: 58646
>Category: kern
>Synopsis: /dev/random, kern.entropy.*: signal bugs
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: riastradh
>State: needs-pullups
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Aug 26 10:10:00 +0000 2024
>Closed-Date:
>Last-Modified: Tue Aug 27 01:00:04 +0000 2024
>Originator: Taylor R Campbell
>Release: current, 10
>Organization:
The NentropyBSigD Foundation
>Environment:
>Description:
1. If a long write to /dev/random is interrupted by a signal, it may proceed to sleep on the entropy source lock instead of returning promptly.
2. If a write to /dev/random is interrupted by a signal while sleeping on the entropy source lock, it may fail to report EINTR.
3. If `sysctl -w kern.entropy.consolidate=1' is interrupted by a signal, it may fail to report EINTR.
4. If `sysctl -w kern.entropy.gather=1' is interrupted by a signal, it may fail to report EINTR.
5. If ioctl(RNDCTL) is interrupted by a signal, it may fail to report EINTR.
>How-To-Repeat:
randomly randomize randomness and signals
>Fix:
Yes, please!
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: kern-bug-people->riastradh
Responsible-Changed-By: riastradh@NetBSD.org
Responsible-Changed-When: Mon, 26 Aug 2024 10:39:26 +0000
Responsible-Changed-Why:
mine
From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/58646 CVS commit: src/sys
Date: Mon, 26 Aug 2024 13:46:04 +0000
Module Name: src
Committed By: riastradh
Date: Mon Aug 26 13:46:03 UTC 2024
Modified Files:
src/sys/kern: kern_entropy.c
src/sys/sys: entropy.h
Log Message:
entropy(9): New function entropy_consolidate_sig.
This is the same as entropy_consolidate, but it returns EINTR if
interrupted by a signal and 0 otherwise. (entropy_consolidate can
already be interrupted by a signal -- it just doesn't tell you if it
was.)
Eventually these will be merged into a single entropy_consolidate
that returns the error code, but adding a new symbol first makes it
safe for pullup-10.
PR kern/58646: /dev/random, kern.entropy.*: signal bugs
To generate a diff of this commit:
cvs rdiff -u -r1.66 -r1.67 src/sys/kern/kern_entropy.c
cvs rdiff -u -r1.4 -r1.5 src/sys/sys/entropy.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/58646 CVS commit: src/sys/dev
Date: Mon, 26 Aug 2024 13:46:51 +0000
Module Name: src
Committed By: riastradh
Date: Mon Aug 26 13:46:51 UTC 2024
Modified Files:
src/sys/dev: random.c
Log Message:
/dev/random: Fix two signal bugs.

1. If a long write to /dev/random is interrupted by a signal, it may
   proceed to sleep on the entropy source lock instead of returning
   promptly.

   => Don't try to consolidate entropy if we've already been
      interrupted by a signal.

2. If a write to /dev/random is interrupted by a signal while
   sleeping on the entropy source lock, it may fail to report EINTR.

   => Pass through EINTR from entropy consolidation via new
      entropy_consolidate_sig function.

PR kern/58646: /dev/random, kern.entropy.*: signal bugs
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/sys/dev/random.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
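
A simplified userland model of the two /dev/random write-path bugs and fixes described in the commit message above, showing the control flow before and after. This is an added illustration, not NetBSD source code: `struct scenario`, `consolidate` and `model_write` are hypothetical names, and the signal and lock conditions are constructed inputs.

```c
/* Simplified userland model of the write path; not NetBSD source.
 * All names here are hypothetical and the scenarios are constructed. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

struct scenario {
	int sig_at_chunk;       /* signal becomes pending after this chunk; -1 = never */
	bool lock_busy;         /* another thread holds the entropy source lock */
	bool sig_in_lock_wait;  /* signal arrives while sleeping on that lock */
	bool entered_lock_wait; /* result: did the writer go to sleep on the lock? */
};

/* Stand-in for consolidation: an interruptible wait for the lock. */
static int consolidate(struct scenario *s)
{
	if (!s->lock_busy)
		return 0;
	s->entered_lock_wait = true;
	return s->sig_in_lock_wait ? EINTR : 0;
}

/* fixed == false models the reported behaviour, true the described fix. */
static int model_write(struct scenario *s, int nchunks, bool fixed)
{
	int error = 0;
	bool any = false;

	for (int i = 0; i < nchunks; i++) {
		any = true;                    /* chunk i mixed into the pool */
		if (i == s->sig_at_chunk) {    /* signal check between chunks */
			error = EINTR;
			break;
		}
	}
	if (!fixed) {
		if (any)
			(void)consolidate(s);  /* runs even after EINTR; result dropped */
	} else if (any && error == 0) {
		error = consolidate(s);        /* skipped after EINTR; EINTR passed up */
	}
	return error;
}

int main(void)
{
	struct scenario a = { 2, true, false, false }, b = { -1, true, true, false };
	printf("bug 1 fixed: error=%d waited=%d\n", model_write(&a, 8, true), a.entered_lock_wait);
	printf("bug 2 fixed: error=%d\n", model_write(&b, 8, true));
	return 0;
}
```
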
From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/58646 CVS commit: src/sys/kern
Date: Mon, 26 Aug 2024 13:47:52 +0000
Module Name: src
Committed By: riastradh
Date: Mon Aug 26 13:47:52 UTC 2024
Modified Files:
src/sys/kern: kern_entropy.c
Log Message:
kern.entropy.consolidate, ioctl(RNDCTL): Fail with EINTR on signal.
This can happen if another thread is currently running consolidation
and has the entropy source lock held. Use the new function
entropy_consolidate_sig to get at EINTR.
PR kern/58646: /dev/random, kern.entropy.*: signal bugs
To generate a diff of this commit:
cvs rdiff -u -r1.67 -r1.68 src/sys/kern/kern_entropy.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/58646 CVS commit: src/sys/kern
Date: Mon, 26 Aug 2024 13:48:04 +0000
Module Name: src
Committed By: riastradh
Date: Mon Aug 26 13:48:04 UTC 2024
Modified Files:
src/sys/kern: kern_entropy.c
Log Message:
kern.entropy.gather: Fail with EINTR on signal.
Just don't throw away the error code we already have!
PR kern/58646: /dev/random, kern.entropy.*: signal bugs
To generate a diff of this commit:
cvs rdiff -u -r1.68 -r1.69 src/sys/kern/kern_entropy.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->needs-pullups
State-Changed-By: riastradh@NetBSD.org
State-Changed-When: Mon, 26 Aug 2024 14:03:36 +0000
State-Changed-Why:
fixed in HEAD, needs pullup-10, inapplicable <10
From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/58646 CVS commit: src/sys
Date: Tue, 27 Aug 2024 00:56:47 +0000
Module Name: src
Committed By: riastradh
Date: Tue Aug 27 00:56:47 UTC 2024
Modified Files:
src/sys/dev: random.c
src/sys/dev/acpi: acpi_vmgenid.c
src/sys/kern: kern_entropy.c
src/sys/sys: entropy.h
Log Message:
entropy(9): Merge entropy_consolidate, entropy_consolidate_sig.
entropy_consolidate can already be interrupted by a signal -- it just
doesn't tell the caller this happened. So make it return the error
code, and delete entropy_consolidate_sig.
NOTE: This changes the semantics of an existing symbol, so it can't
be pulled up. (It might in principle be ABI-compatible because the
old symbol returned void and the new one returns int, so the caller
can just ignore the return value register in most if not all ABIs,
but I organized the relevant changes so we can pull up bug fixes
without thinking about this.) This is just tidying the kernel API
after all the previous fixes which can be pulled up.
PR kern/58646: /dev/random, kern.entropy.*: signal bugs
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/sys/dev/random.c
cvs rdiff -u -r1.2 -r1.3 src/sys/dev/acpi/acpi_vmgenid.c
cvs rdiff -u -r1.71 -r1.72 src/sys/kern/kern_entropy.c
cvs rdiff -u -r1.6 -r1.7 src/sys/sys/entropy.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
>Unformatted: