From: H. Peter Anvin Date: Wed, 1 Aug 2012 21:31:41 +0000 (-0700) Subject: rngd: As long as FIPS error rates are low, re-try the same source X-Git-Tag: v4~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3b4a281bd20d3e88efae159fd722dd4292380c02;p=thirdparty%2Frng-tools.git rngd: As long as FIPS error rates are low, re-try the same source Allow for a small number of FIPS errors before advancing to the next source. This prevents a high bandwidth source from stalling out by shifting to a low bandwidth source (e.g. DRNG->TPM) just because of a single FIPS failure. FIPS failures are frequent enough (1:1250) that this happens on a regular basis. Signed-off-by: H. Peter Anvin Signed-off-by: Jeff Garzik --- diff --git a/rngd.c b/rngd.c index 7fe3398..a9dbcb8 100644 --- a/rngd.c +++ b/rngd.c @@ -242,6 +242,7 @@ static void do_loop(int random_step) if (!server_running) return; + retry_same: if (iter->disabled) continue; /* failed, no work */ @@ -264,7 +265,10 @@ static void do_loop(int random_step) } iter->failures++; - if (iter->failures == MAX_RNG_FAILURES) { + if (iter->failures <= MAX_RNG_FAILURES/4) { + /* FIPS tests have false positives */ + goto retry_same; + } else if (iter->failures >= MAX_RNG_FAILURES) { if (!arguments->quiet) message(LOG_DAEMON|LOG_ERR, "too many FIPS failures, disabling entropy source\n");
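Review bot: In the first hunk of do_loop() (@@ -242,6 +242,7 @@), the `retry_same:` label is placed after the `if (!server_running) return;` check, so a `goto retry_same` re-enters the loop body without re-testing `server_running`. The retries are bounded by `MAX_RNG_FAILURES/4`, so the delay is limited, but moving the label above that check would let a shutdown request take effect between retries. A one-line comment on the label saying it is the re-entry point for FIPS false-positive retries would also help, since the `goto` that targets it sits in a later hunk.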
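Review bot: In the second hunk (@@ -264,7 +265,10 @@), the new test `iter->failures <= MAX_RNG_FAILURES/4` is made against the same counter that `iter->failures++` keeps incrementing, and nothing in the visible lines resets or decays it after a successful read. If it is cumulative, then at the 1:1250 false-positive rate given in the commit message a high-bandwidth source will pass `MAX_RNG_FAILURES/4` total failures, after which every failure again falls through to the next source and the stall this patch addresses returns. Consider counting consecutive failures (reset on a block that passes FIPS) for the retry decision, or confirm in the commit message where the counter is cleared. Two smaller points: `MAX_RNG_FAILURES/4` is integer division, so a named constant would make the threshold explicit and avoid it silently becoming 0 for a small `MAX_RNG_FAILURES`; and the comment `/* FIPS tests have false positives */` could state the expected rate so the choice of threshold is reviewable. The change from `==` to `>=` on the disable path is a behavioural change worth a mention in the commit message.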