package/hostapd/patches/700-random_pool_add_kernel.patch

   1 --- a/src/crypto/random.c
   2 +++ b/src/crypto/random.c
   3 @@ -38,6 +38,8 @@
   4  #include "sha1.h"
   5  #include "random.h"
   6
   7 +#define RANDOM_STAMPFILE "/var/run/.random_available"
   8 +
   9  #define POOL_WORDS 32
  10  #define POOL_WORDS_MASK (POOL_WORDS - 1)
  11  #define POOL_TAP1 26
  12 @@ -48,6 +50,8 @@
  13  #define EXTRACT_LEN 16
  14  #define MIN_READY_MARK 2
  15
  16 +#ifndef CONFIG_NO_RANDOM_POOL
  17 +
  18  static u32 pool[POOL_WORDS];
  19  static unsigned int input_rotate = 0;
  20  static unsigned int pool_pos = 0;
  21 @@ -128,7 +132,7 @@ static void random_extract(u8 *out)
  22  }
  23
  24
  25 -void random_add_randomness(const void *buf, size_t len)
  26 +static void random_pool_add_randomness(const void *buf, size_t len)
  27  {
  28         struct os_time t;
  29         static unsigned int count = 0;
  30 @@ -197,16 +201,22 @@ int random_get_bytes(void *buf, size_t l
  31  int random_pool_ready(void)
  32  {
  33  #ifdef __linux__
  34 +       struct stat st;
  35         int fd;
  36         ssize_t res;
  37
  38 +       if (stat(RANDOM_STAMPFILE, &st) == 0)
  39 +               return 1;
  40 +
  41         /*
  42          * Make sure that there is reasonable entropy available before allowing
  43          * some key derivation operations to proceed.
  44          */
  45
  46 -       if (dummy_key_avail == sizeof(dummy_key))
  47 +       if (dummy_key_avail == sizeof(dummy_key)) {
  48 +               random_mark_pool_ready();
  49                 return 1; /* Already initialized - good to continue */
  50 +       }
  51
  52         /*
  53          * Try to fetch some more data from the kernel high quality
  54 @@ -241,6 +251,7 @@ int random_pool_ready(void)
  55         if (dummy_key_avail == sizeof(dummy_key)) {
  56                 if (own_pool_ready < MIN_READY_MARK)
  57                         own_pool_ready = MIN_READY_MARK;
  58 +               random_mark_pool_ready();
  59                 random_write_entropy();
  60                 return 1;
  61         }
  62 @@ -253,6 +264,7 @@ int random_pool_ready(void)
  63             total_collected + 10 * own_pool_ready > MIN_COLLECT_ENTROPY) {
  64                 wpa_printf(MSG_INFO, "random: Allow operation to proceed "
  65                            "based on internal entropy");
  66 +               random_mark_pool_ready();
  67                 return 1;
  68         }
  69
  70 @@ -268,10 +280,16 @@ int random_pool_ready(void)
  71
  72  void random_mark_pool_ready(void)
  73  {
  74 +       int fd;
  75 +
  76         own_pool_ready++;
  77         wpa_printf(MSG_DEBUG, "random: Mark internal entropy pool to be "
  78                    "ready (count=%u/%u)", own_pool_ready, MIN_READY_MARK);
  79         random_write_entropy();
  80 +
  81 +       fd = open(RANDOM_STAMPFILE, O_CREAT | O_WRONLY | O_EXCL | O_NOFOLLOW, 0600);
  82 +       if (fd >= 0)
  83 +               close(fd);
  84  }
  85
  86
  87 @@ -428,3 +446,22 @@ void random_deinit(void)
  88         os_free(random_entropy_file);
  89         random_entropy_file = NULL;
  90  }
  91 +
  92 +#endif /* CONFIG_NO_RANDOM_POOL */
  93 +
  94 +
  95 +void random_add_randomness(const void *buf, size_t len)
  96 +{
  97 +#ifdef __linux__
  98 +       int fd;
  99 +
 100 +       fd = open("/dev/random", O_RDWR);
 101 +       if (fd >= 0) {
 102 +               write(fd, buf, len);
 103 +               close(fd);
 104 +       }
 105 +#endif
 106 +#ifndef CONFIG_NO_RANDOM_POOL
 107 +       random_pool_add_randomness(buf, len);
 108 +#endif
 109 +}
 110 --- a/wpa_supplicant/Makefile
 111 +++ b/wpa_supplicant/Makefile
 112 @@ -1137,9 +1137,8 @@ endif
 113
 114  ifdef CONFIG_NO_RANDOM_POOL
 115  CFLAGS += -DCONFIG_NO_RANDOM_POOL
 116 -else
 117 -OBJS += ../src/crypto/random.o
 118  endif
 119 +OBJS += ../src/crypto/random.o
 120
 121  ifdef CONFIG_CTRL_IFACE
 122  ifeq ($(CONFIG_CTRL_IFACE), y)
 123 --- a/wpa_supplicant/Android.mk
 124 +++ b/wpa_supplicant/Android.mk
 125 @@ -1132,9 +1132,8 @@ endif
 126
 127  ifdef CONFIG_NO_RANDOM_POOL
 128  L_CFLAGS += -DCONFIG_NO_RANDOM_POOL
 129 -else
 130 -OBJS += src/crypto/random.c
 131  endif
 132 +OBJS += src/crypto/random.c
 133
 134  ifdef CONFIG_CTRL_IFACE
 135  ifeq ($(CONFIG_CTRL_IFACE), y)
 136 --- a/hostapd/Android.mk
 137 +++ b/hostapd/Android.mk
 138 @@ -720,11 +720,11 @@ endif
 139  ifdef CONFIG_NO_RANDOM_POOL
 140  L_CFLAGS += -DCONFIG_NO_RANDOM_POOL
 141  else
 142 -OBJS += src/crypto/random.c
 143 -HOBJS += src/crypto/random.c
 144  HOBJS += $(SHA1OBJS)
 145  HOBJS += src/crypto/md5.c
 146  endif
 147 +OBJS += src/crypto/random.c
 148 +HOBJS += src/crypto/random.c
 149
 150  ifdef CONFIG_RADIUS_SERVER
 151  L_CFLAGS += -DRADIUS_SERVER
 152 --- a/hostapd/Makefile
 153 +++ b/hostapd/Makefile
 154 @@ -707,12 +707,12 @@ endif
 155  ifdef CONFIG_NO_RANDOM_POOL
 156  CFLAGS += -DCONFIG_NO_RANDOM_POOL
 157  else
 158 -OBJS += ../src/crypto/random.o
 159 -HOBJS += ../src/crypto/random.o
 160  HOBJS += ../src/utils/eloop.o
 161  HOBJS += $(SHA1OBJS)
 162  HOBJS += ../src/crypto/md5.o
 163  endif
 164 +OBJS += ../src/crypto/random.o
 165 +HOBJS += ../src/crypto/random.o
 166
 167  ifdef CONFIG_RADIUS_SERVER
 168  CFLAGS += -DRADIUS_SERVER