* [PATCH] lib: random: add CONFIG_INSECURE logging of seeds
@ 2025-05-28 15:37 Ahmad Fatoum
0 siblings, 0 replies; only message in thread
From: Ahmad Fatoum @ 2025-05-28 15:37 UTC (permalink / raw)
To: barebox; +Cc: Ahmad Fatoum
clocksource_srand() can be called after events that take a varying
amount of time to extract some entropy. To get an idea about how much
entropy we are getting out, add a CONFIG_INSECURE-guarded debug print
that prints the seeds out as-is.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
lib/random.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/lib/random.c b/lib/random.c
index 889d314e0fad..632f361c4627 100644
--- a/lib/random.c
+++ b/lib/random.c
@@ -11,6 +11,8 @@
* CONFIG_ALLOW_PRNG_FALLBACK set, which will emit a warning at runtime.
*/
+#define pr_fmt(fmt) "random: " fmt
+
#include <common.h>
#include <stdlib.h>
#include <linux/hw_random.h>
@@ -75,6 +77,12 @@ void randbuf_r(u64 *x, void *buf, size_t len)
*/
void srand_xor(u64 entropy)
{
+ /* The PRNG shouldn't be used for crypto anyway, but still let's not
+ * divulge the whole state in secure configurations.
+ */
+ if (IS_ENABLED(CONFIG_INSECURE))
+ pr_debug("PRNG seeded with %llu\n", entropy);
+
prng_state ^= entropy;
/* Ensure prng_state is never zero */
prng_state += !prng_state;
--
2.39.5
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2025-05-28 16:28 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-05-28 15:37 [PATCH] lib: random: add CONFIG_INSECURE logging of seeds Ahmad Fatoum
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox