From: Theodore Ts'o Date: Thu, 22 Dec 2011 21:28:01 +0000 (-0500) Subject: random: Use arch-specific RNG to initialize the entropy store X-Git-Tag: v3.2.27~59 X-Git-Url: https://git.karo-electronics.de/?a=commitdiff_plain;h=1d1e71f1bd606f77b5e49d9077d6ce23d3f8fc06;p=karo-tx-linux.git random: Use arch-specific RNG to initialize the entropy store commit 3e88bdff1c65145f7ba297ccec69c774afe4c785 upstream. If there is an architecture-specific random number generator (such as RDRAND for Intel architectures), use it to initialize /dev/random's entropy stores. Even in the worst case, if RDRAND is something like AES(NSA_KEY, counter++), it won't hurt, and it will definitely help against any other adversaries. Signed-off-by: "Theodore Ts'o" Link: http://lkml.kernel.org/r/1324589281-31931-1-git-send-email-tytso@mit.edu Signed-off-by: H. Peter Anvin Signed-off-by: Ben Hutchings --- diff --git a/drivers/char/random.c b/drivers/char/random.c index 85da8740586b..30794779c523 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -965,6 +965,7 @@ EXPORT_SYMBOL(get_random_bytes); */ static void init_std_data(struct entropy_store *r) { + int i; ktime_t now; unsigned long flags; @@ -974,6 +975,11 @@ static void init_std_data(struct entropy_store *r) now = ktime_get_real(); mix_pool_bytes(r, &now, sizeof(now)); + for (i = r->poolinfo->poolwords; i; i--) { + if (!arch_get_random_long(&flags)) + break; + mix_pool_bytes(r, &flags, sizeof(flags)); + } mix_pool_bytes(r, utsname(), sizeof(*(utsname()))); }