Module Name:    src
Committed By:   riastradh
Date:           Mon Aug 26 13:53:22 UTC 2024

Modified Files:
        src/sys/dev/acpi: acpi_vmgenid.c

Log Message:
acpivmgenid(4): Reset and gather entropy on VM clone notification.

PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/sys/dev/acpi/acpi_vmgenid.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/dev/acpi/acpi_vmgenid.c
diff -u src/sys/dev/acpi/acpi_vmgenid.c:1.1 src/sys/dev/acpi/acpi_vmgenid.c:1.2
--- src/sys/dev/acpi/acpi_vmgenid.c:1.1	Mon Aug 26 13:38:28 2024
+++ src/sys/dev/acpi/acpi_vmgenid.c	Mon Aug 26 13:53:22 2024
@@ -1,4 +1,4 @@
-/*	$NetBSD: acpi_vmgenid.c,v 1.1 2024/08/26 13:38:28 riastradh Exp $	*/
+/*	$NetBSD: acpi_vmgenid.c,v 1.2 2024/08/26 13:53:22 riastradh Exp $	*/
 
 /*-
  * Copyright (c) 2024 The NetBSD Foundation, Inc.
@@ -44,7 +44,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: acpi_vmgenid.c,v 1.1 2024/08/26 13:38:28 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: acpi_vmgenid.c,v 1.2 2024/08/26 13:53:22 riastradh Exp $");
 
 #include <sys/device.h>
 #include <sys/entropy.h>
@@ -293,13 +293,19 @@ acpivmgenid_reset(void *cookie)
 	struct acpivmgenid_softc *const sc = cookie;
 
 	/*
+	 * Reset the system entropy pool's measure of entropy (not the
+	 * data, just the system's assessment of whether it has
+	 * entropy), and gather more entropy from any synchronous
+	 * sources we have available like CPU RNG instructions.  We
+	 * can't be interrupted by a signal so ignore return value.
+	 */
+	entropy_reset();
+	(void)entropy_gather();
+
+	/*
 	 * Grab the current VM generation ID to put it into the entropy
 	 * pool; then force consolidation so it affects all subsequent
 	 * draws from the entropy pool and the entropy epoch advances.
-	 *
-	 * XXX This should also reset the entropy count and request new
-	 * samples from all sources, but there currently isn't a good
-	 * way to do that after boot.
 	 */
 	acpivmgenid_set(sc, "cloned");
 	entropy_consolidate();
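Review bot: The new comment above `entropy_reset()` explains why the result of `(void)entropy_gather();` is discarded, but not what state the clone is left in when no synchronous source contributes anything. In that case the only fresh input before `entropy_consolidate()` appears to be the generation ID fed in by `acpivmgenid_set(sc, "cloned")`, and this hunk does not show whether that input is credited as entropy. If it matches the intended behaviour, I would add a sentence such as `If no synchronous source is available, the pool stays at its reset estimate until other sources deliver samples.` so the next reader knows that a clone without a CPU RNG is expected to look unseeded for a while. The signature of acpivmgenid_reset and the end of its body are outside the hunk, so anything done there after consolidation is not visible.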
