authorH. Peter Anvin <hpa@linux.intel.com>2012-08-01 14:31:41 -0700
committerJeff Garzik <jgarzik@redhat.com>2012-08-02 00:19:09 -0400
commit3b4a281bd20d3e88efae159fd722dd4292380c02 (patch)
treee90ff980559a40bb80fd6849be3eb4afd048953d
parent0044517d087c442225891dd9a26ff52a602a295b (diff)
rngd: As long as FIPS error rates are low, re-try the same source
Allow for a small number of FIPS errors before advancing to the next source. This prevents a high bandwidth source from stalling out by shifting to a low bandwidth source (e.g. DRNG->TPM) just because of a single FIPS failure. FIPS failures are frequent enough (1:1250) that this happens on a regular basis. Signed-off-by: H. Peter Anvin <hpa@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-rw-r--r--rngd.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/rngd.c b/rngd.c
index 7fe3398..a9dbcb8 100644
--- a/rngd.c
+++ b/rngd.c
@@ -242,6 +242,7 @@ static void do_loop(int random_step)
if (!server_running)
return;
+ retry_same:
if (iter->disabled)
continue; /* failed, no work */
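Review bot: The `retry_same:` label sits below the `if (!server_running) return;` check, so every `goto retry_same` taken from the second hunk re-enters the loop body without re-testing the shutdown flag. The retries are bounded by the failure counter, but each one presumably goes through another read of the source (that code is outside the hunk), so a stop request can be delayed by several reads. Moving the label one statement up, so that `retry_same:` comes directly before `if (!server_running)`, keeps the retry and still lets the daemon exit promptly. The enclosing loop in do_loop starts and ends outside this hunk.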
@@ -264,7 +265,10 @@ static void do_loop(int random_step)
}
iter->failures++;
- if (iter->failures == MAX_RNG_FAILURES) {
+ if (iter->failures <= MAX_RNG_FAILURES/4) {
+ /* FIPS tests have false positives */
+ goto retry_same;
+ } else if (iter->failures >= MAX_RNG_FAILURES) {
if (!arguments->quiet)
message(LOG_DAEMON|LOG_ERR,
"too many FIPS failures, disabling entropy source\n");
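Review bot: The retry budget in `if (iter->failures <= MAX_RNG_FAILURES/4)` is an unnamed fraction, and the comment does not say what bounds the retry or what happens between the two thresholds. A reader has to work out that `iter->failures++` runs before every jump, so at most MAX_RNG_FAILURES/4 back-to-back retries occur, that counts above that value move on to the next source as before, and that integer division makes the retry branch dead if MAX_RNG_FAILURES is ever below 4. I would expand the comment to something like `/* FIPS false positives are expected; retry this source while its failure count is low (the count grows on each retry, so this is bounded) */` and give the fraction a name next to MAX_RNG_FAILURES. Retried failures are also silent until the source is disabled, which makes a degrading entropy source hard to spot in the logs; a low-priority message on retry would help.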