[PATCH urngd] Fix busy loop in case of ioctl(RNDADDENTROPY) failure

Petr Štetiar ynezz at true.cz
Sat Jan 30 09:46:03 EST 2021


Giovanni Giacobbi <giovanni at giacobbi.net> [2021-01-30 13:45:21]:

Hi,

> On systems where adding entropy to /dev/random using ioctl(RNDADDENTROPY) is
> not allowed (notably: docker containers), avoid entering a busy loop that
> consumes high cpu, as the poll loop will keep firing.
> 
> Cc: Petr Štetiar <ynezz at true.cz>
> ---
>  urngd.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/urngd.c b/urngd.c
> index 35ccdec..410d300 100644
> --- a/urngd.c
> +++ b/urngd.c
> @@ -129,9 +129,14 @@ static size_t gather_entropy(struct urngd *u)
>  static void low_entropy_cb(struct uloop_fd *ufd, unsigned int events)
>  {
>  	struct urngd *u = container_of(ufd, struct urngd, rnd_fd);
> +	size_t res;
>  
>  	DEBUG(2, DEV_RANDOM " signals low entropy\n");
> -	gather_entropy(u);
> +	res = gather_entropy(u);
> +	if (!res) {
> +		DEBUG(2, "gather_entropy failed, delaying further attempts\n");
> +		sleep(60);
> +	}

this looks like a workaround. That ioctl() call likely returns EPERM error
which should be handled properly, probably by error message "CAP_SYS_ADMIN (or
whatever else) is mandatory for proper operation" followed by a termination of
daemon.  I think, that it makes no sense to keep running in such cases.

Cheers,

Petr



More information about the openwrt-devel mailing list