random: print a warning for the first ten uninitialized random users
authorTheodore Ts'o <tytso@mit.edu>
Mon, 13 Jun 2016 14:10:51 +0000 (10:10 -0400)
committerTheodore Ts'o <tytso@mit.edu>
Mon, 13 Jun 2016 15:54:26 +0000 (11:54 -0400)
Since systemd is consistently using /dev/urandom before it is
initialized, we can't see the other potentially dangerous users of
/dev/urandom immediately after boot.  So print the first ten such
complaints instead.

Cc: stable@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
drivers/char/random.c

index 4e2627a8d22671bed9459245a356592a6ffdac4c..d057438266bb45efd21ce9d6ccee39b3da23067f 100644 (file)
@@ -1458,12 +1458,16 @@ random_read(struct file *file, char __user *buf, size_t nbytes, loff_t *ppos)
 static ssize_t
 urandom_read(struct file *file, char __user *buf, size_t nbytes, loff_t *ppos)
 {
+       static int maxwarn = 10;
        int ret;
 
-       if (unlikely(nonblocking_pool.initialized == 0))
-               printk_once(KERN_NOTICE "random: %s urandom read "
-                           "with %d bits of entropy available\n",
-                           current->comm, nonblocking_pool.entropy_total);
+       if (unlikely(nonblocking_pool.initialized == 0) &&
+           maxwarn > 0) {
+               maxwarn--;
+               printk(KERN_NOTICE "random: %s: uninitialized urandom read "
+                      "(%zd bytes read, %d bits of entropy available)\n",
+                      current->comm, nbytes, nonblocking_pool.entropy_total);
+       }
 
        nbytes = min_t(size_t, nbytes, INT_MAX >> (ENTROPY_SHIFT + 3));
        ret = extract_entropy_user(&nonblocking_pool, buf, nbytes);