Allow for a small number of FIPS errors before advancing to the
next source. This prevents a high bandwidth source from stalling
out by shifting to a low bandwidth source (e.g. DRNG->TPM) just
because of a single FIPS failure. FIPS failures are frequent
enough (1:1250) that this happens on a regular basis.
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
if (!server_running)
return;
+ retry_same:
if (iter->disabled)
continue; /* failed, no work */
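Review bot: the retry_same label is placed below the "if (!server_running) return;" check, so every "goto retry_same" re-reads the same source without rechecking whether the daemon has been asked to stop. Moving the label above that check keeps shutdown responsive during retries. Alternatively, a bounded inner loop around the read and FIPS test would replace the backward goto and make the retry limit visible where the loop starts.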
}
iter->failures++;
- if (iter->failures == MAX_RNG_FAILURES) {
+ if (iter->failures <= MAX_RNG_FAILURES/4) {
+ /* FIPS tests have false positives */
+ goto retry_same;
+ } else if (iter->failures >= MAX_RNG_FAILURES) {
if (!arguments->quiet)
message(LOG_DAEMON|LOG_ERR,
"too many FIPS failures, disabling entropy source\n");
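Review bot: the retry condition "iter->failures <= MAX_RNG_FAILURES/4" tests the same running counter that drives the disable threshold, so it is not a per-pass retry limit. Once the count is above a quarter of the maximum, a single failure again moves on to the next source, which is the case the commit message sets out to avoid. A separate retry counter that is reset on each pass would match the stated intent. The /4 also deserves a named constant with a comment explaining the choice, because integer division makes the quotient 0 when MAX_RNG_FAILURES is below 4, and the retry branch then runs only if the counter is 0 after the increment.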