--- a/src/crypto/random.c +++ b/src/crypto/random.c @@ -38,6 +38,8 @@ #include "sha1.h" #include "random.h" +#define RANDOM_STAMPFILE "/var/run/.random_available" + #define POOL_WORDS 32 #define POOL_WORDS_MASK (POOL_WORDS - 1) #define POOL_TAP1 26 @@ -48,6 +50,8 @@ #define EXTRACT_LEN 16 #define MIN_READY_MARK 2 +#ifndef CONFIG_NO_RANDOM_POOL + static u32 pool[POOL_WORDS]; static unsigned int input_rotate = 0; static unsigned int pool_pos = 0; @@ -122,7 +126,7 @@ static void random_extract(u8 *out) } -void random_add_randomness(const void *buf, size_t len) +static void random_pool_add_randomness(const void *buf, size_t len) { struct os_time t; static unsigned int count = 0; @@ -191,16 +195,22 @@ int random_get_bytes(void *buf, size_t l int random_pool_ready(void) { #ifdef __linux__ + struct stat st; int fd; ssize_t res; + if (stat(RANDOM_STAMPFILE, &st) == 0) + return 1; + /* * Make sure that there is reasonable entropy available before allowing * some key derivation operations to proceed. */ - if (dummy_key_avail == sizeof(dummy_key)) + if (dummy_key_avail == sizeof(dummy_key)) { + random_mark_pool_ready(); return 1; /* Already initialized - good to continue */ + } /* * Try to fetch some more data from the kernel high quality @@ -232,8 +242,10 @@ int random_pool_ready(void) dummy_key_avail += res; close(fd); - if (dummy_key_avail == sizeof(dummy_key)) + if (dummy_key_avail == sizeof(dummy_key)) { + random_mark_pool_ready(); return 1; + } wpa_printf(MSG_INFO, "random: Only %u/%u bytes of strong " "random data available from /dev/random", @@ -243,6 +255,7 @@ int random_pool_ready(void) total_collected + 10 * own_pool_ready > MIN_COLLECT_ENTROPY) { wpa_printf(MSG_INFO, "random: Allow operation to proceed " "based on internal entropy"); + random_mark_pool_ready(); return 1; } @@ -258,9 +271,15 @@ int random_pool_ready(void) void random_mark_pool_ready(void) { + int fd; + own_pool_ready++; wpa_printf(MSG_DEBUG, "random: Mark internal entropy pool to be " "ready (count=%u/%u)", own_pool_ready, MIN_READY_MARK); + + fd = open(RANDOM_STAMPFILE, O_CREAT | O_WRONLY | O_EXCL | O_NOFOLLOW, 0600); + if (fd >= 0) + close(fd); } @@ -335,3 +354,22 @@ void random_deinit(void) random_close_fd(); #endif /* __linux__ */ } + +#endif /* CONFIG_NO_RANDOM_POOL */ + + +void random_add_randomness(const void *buf, size_t len) +{ +#ifdef __linux__ + int fd; + + fd = open("/dev/random", O_RDWR); + if (fd >= 0) { + write(fd, buf, len); + close(fd); + } +#endif +#ifndef CONFIG_NO_RANDOM_POOL + random_pool_add_randomness(buf, len); +#endif +} --- a/hostapd/Makefile +++ b/hostapd/Makefile @@ -698,11 +698,11 @@ endif ifdef CONFIG_NO_RANDOM_POOL CFLAGS += -DCONFIG_NO_RANDOM_POOL else -OBJS += ../src/crypto/random.o -HOBJS += ../src/crypto/random.o HOBJS += $(SHA1OBJS) HOBJS += ../src/crypto/md5.o endif +OBJS += ../src/crypto/random.o +HOBJS += ../src/crypto/random.o ifdef CONFIG_RADIUS_SERVER CFLAGS += -DRADIUS_SERVER --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile @@ -1101,9 +1101,8 @@ endif ifdef CONFIG_NO_RANDOM_POOL CFLAGS += -DCONFIG_NO_RANDOM_POOL -else -OBJS += ../src/crypto/random.o endif +OBJS += ../src/crypto/random.o ifdef CONFIG_CTRL_IFACE ifeq ($(CONFIG_CTRL_IFACE), y) --- a/wpa_supplicant/Android.mk +++ b/wpa_supplicant/Android.mk @@ -1109,9 +1109,8 @@ endif ifdef CONFIG_NO_RANDOM_POOL L_CFLAGS += -DCONFIG_NO_RANDOM_POOL -else -OBJS += src/crypto/random.c endif +OBJS += src/crypto/random.c ifdef CONFIG_CTRL_IFACE ifeq ($(CONFIG_CTRL_IFACE), y) --- a/hostapd/Android.mk +++ b/hostapd/Android.mk @@ -717,11 +717,11 @@ endif ifdef CONFIG_NO_RANDOM_POOL L_CFLAGS += -DCONFIG_NO_RANDOM_POOL else -OBJS += src/crypto/random.c -HOBJS += src/crypto/random.c HOBJS += $(SHA1OBJS) HOBJS += src/crypto/md5.c endif +OBJS += src/crypto/random.c +HOBJS += src/crypto/random.c ifdef CONFIG_RADIUS_SERVER L_CFLAGS += -DRADIUS_SERVER --- a/src/crypto/random.h +++ b/src/crypto/random.h @@ -18,17 +18,16 @@ #ifdef CONFIG_NO_RANDOM_POOL #define random_init() do { } while (0) #define random_deinit() do { } while (0) -#define random_add_randomness(b, l) do { } while (0) #define random_get_bytes(b, l) os_get_random((b), (l)) #define random_pool_ready() 1 #define random_mark_pool_ready() do { } while (0) #else /* CONFIG_NO_RANDOM_POOL */ void random_init(void); void random_deinit(void); -void random_add_randomness(const void *buf, size_t len); int random_get_bytes(void *buf, size_t len); int random_pool_ready(void); void random_mark_pool_ready(void); #endif /* CONFIG_NO_RANDOM_POOL */ +void random_add_randomness(const void *buf, size_t len); #endif /* RANDOM_H */