entropy.h File Reference

Entropy source. More...

#include <stdint.h>
#include <string.h>
#include <assert.h>
#include <ipxe/hash_df.h>
#include <ipxe/sha256.h>
#include <ipxe/tables.h>
#include <config/entropy.h>

Go to the source code of this file.

Data Structures
struct	entropy_repetition_count_test
	Repetition count test state. More...
struct	entropy_adaptive_proportion_test
	Adaptive proportion test state. More...
struct	entropy_startup_test
	Startup test state. More...
struct	entropy_source
	An entropy source. More...

Macros
#define	MIN_ENTROPY_SCALE   ( 1 << 16 )
	Fixed-point scale for min-entropy amounts.
#define	MIN_ENTROPY(bits)
	Construct a min-entropy fixed-point value.
#define	ENTROPY_SOURCES   __table ( struct entropy_source, "entropy_sources" )
	Entropy source table.
#define	__entropy_source(order)
	Declare an entropy source.
#define	ENTROPY_PREFERRED   01
	Preferred entropy source.
#define	ENTROPY_NORMAL   02
	Normal entropy source.
#define	ENTROPY_FALLBACK   03
	Fallback entropy source.
#define	entropy_hash_df_algorithm   sha256_algorithm
	Use SHA-256 as the underlying hash algorithm for Hash_df.
#define	ENTROPY_HASH_DF_OUTLEN_BYTES   SHA256_DIGEST_SIZE
	Underlying hash algorithm output length (in bytes)
#define	ADAPTIVE_PROPORTION_WINDOW_SIZE   64
	Window size for the adaptive proportion test.
#define	APC_N_H(n, h)
	Combine adaptive proportion test window size and min-entropy.
#define	APC_TABLE_ROW(h, c16, c64, c256, c4096, c65536)
	Define a row of the adaptive proportion cutoff table.
#define	APC_NA   0
	Value used to represent "N/A" in adaptive proportion cutoff table.

Typedefs
typedef uint8_t	noise_sample_t
	A noise sample.
typedef uint8_t	entropy_sample_t
	An entropy sample.
typedef unsigned int	min_entropy_t
	An amount of min-entropy.

Functions
	FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
	FILE_SECBOOT (PERMITTED)
int	get_entropy_input_tmp (min_entropy_t min_entropy, uint8_t *tmp, size_t tmp_len)
	Obtain entropy input temporary buffer.
static int	get_noise (struct entropy_source *source, noise_sample_t *noise)
	Get noise sample.
static int	get_entropy_input (unsigned int min_entropy_bits, void *data, size_t min_len, size_t max_len)
	Obtain entropy input.
static unsigned int	entropy_repetition_count_cutoff (min_entropy_t min_entropy_per_sample)
	Calculate cutoff value for the repetition count test.
static unsigned int	entropy_adaptive_proportion_cutoff_lookup (unsigned int n, unsigned int h)
	Look up value in adaptive proportion test cutoff table.
static unsigned int	entropy_adaptive_proportion_cutoff (min_entropy_t min_entropy_per_sample)
	Calculate cutoff value for the adaptive proportion test.
static unsigned int	entropy_startup_test_count (unsigned int repetition_count_cutoff, unsigned int adaptive_proportion_cutoff)
	Calculate number of samples required for startup tests.
static void	entropy_init (struct entropy_source *source, min_entropy_t min_entropy_per_sample)
	Initialise entropy source.
int	entropy_enable (struct entropy_source *source)
	Enable entropy gathering.
void	entropy_disable (struct entropy_source *source)
	Disable entropy gathering.

Detailed Description

Entropy source.

Definition in file entropy.h.

Macro Definition Documentation

MIN_ENTROPY_SCALE

#define MIN_ENTROPY_SCALE   ( 1 << 16 )

Fixed-point scale for min-entropy amounts.

Definition at line 35 of file entropy.h.

Referenced by entropy_adaptive_proportion_cutoff(), and get_entropy_input_tmp().

MIN_ENTROPY

#define MIN_ENTROPY

(

bits

)

Value:

        ( ( min_entropy_t ) ( (bits) * MIN_ENTROPY_SCALE ) )

Construct a min-entropy fixed-point value.

Parameters

bits	min-entropy in bits

Return values

min_entropy

min-entropy as a fixed-point value

Definition at line 43 of file entropy.h.

#define MIN_ENTROPY( bits ) \
        ( ( min_entropy_t ) ( (bits) * MIN_ENTROPY_SCALE ) )

Referenced by efi_entropy_enable(), efirng_enable(), entropy_init(), entropy_repetition_count_cutoff(), get_entropy_input(), get_entropy_input_tmp(), rdrand_entropy_enable(), and rtc_entropy_enable().

ENTROPY_SOURCES

#define ENTROPY_SOURCES   __table ( struct entropy_source, "entropy_sources" )

Entropy source table.

Definition at line 170 of file entropy.h.

Referenced by entropy_enable_working(), and entropy_sample_test_exec().

__entropy_source

#define __entropy_source

(

order

)

Value:

__table_entry ( ENTROPY_SOURCES, order )

Declare an entropy source.

Definition at line 173 of file entropy.h.

Referenced by __entropy_source(), __entropy_source(), and __entropy_source().

entropy_hash_df_algorithm

#define entropy_hash_df_algorithm   sha256_algorithm

Use SHA-256 as the underlying hash algorithm for Hash_df.

Hash_df using SHA-256 is an Approved algorithm in ANS X9.82.

Definition at line 193 of file entropy.h.

Referenced by get_entropy_input(), and get_entropy_input_tmp().

ENTROPY_HASH_DF_OUTLEN_BYTES

#define ENTROPY_HASH_DF_OUTLEN_BYTES   SHA256_DIGEST_SIZE

Underlying hash algorithm output length (in bytes)

Definition at line 196 of file entropy.h.

Referenced by get_entropy_input().

ADAPTIVE_PROPORTION_WINDOW_SIZE

#define ADAPTIVE_PROPORTION_WINDOW_SIZE   64

Window size for the adaptive proportion test.

ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.3.1.1 allows five possible window sizes: 16, 64, 256, 4096 and 65536.

We expect to generate relatively few (<256) entropy samples during a typical iPXE run; the use of a large window size would mean that the test would never complete a single cycle. We use a window size of 64, which is the smallest window size that permits values of H_min down to one bit per sample.

Definition at line 354 of file entropy.h.

Referenced by adaptive_proportion_test(), adaptive_proportion_test_init(), and entropy_adaptive_proportion_cutoff().

APC_N_H

#define APC_N_H	(		n,
			h )

Value:

( ( (n) << 8 ) | (h) )

Combine adaptive proportion test window size and min-entropy.

Parameters

n	N (window size)
h	H (min-entropy)

Return values

n_h	(N,H) combined value

Definition at line 363 of file entropy.h.

Referenced by entropy_adaptive_proportion_cutoff_lookup().

APC_TABLE_ROW

#define APC_TABLE_ROW	(		h,
			c16,
			c64,
			c256,
			c4096,
			c65536 )

Value:

        case APC_N_H ( 16, h ) :        return c16;                  \
        case APC_N_H ( 64, h ) :        return c64;                  \
        case APC_N_H ( 256, h ) :       return c256;                 \
        case APC_N_H ( 4096, h ) :      return c4096;                \
        case APC_N_H ( 65536, h ) :     return c65536;

Define a row of the adaptive proportion cutoff table.

Parameters

h	H (min-entropy)
c16	Cutoff for N=16
c64	Cutoff for N=64
c256	Cutoff for N=256
c4096	Cutoff for N=4096
c65536	Cutoff for N=65536

Definition at line 375 of file entropy.h.

#define APC_TABLE_ROW( h, c16, c64, c256, c4096, c65536)           \
        case APC_N_H ( 16, h ) :        return c16;                \
        case APC_N_H ( 64, h ) :        return c64;                \
        case APC_N_H ( 256, h ) :       return c256;               \
        case APC_N_H ( 4096, h ) :      return c4096;              \
        case APC_N_H ( 65536, h ) :     return c65536;

Referenced by entropy_adaptive_proportion_cutoff_lookup().

APC_NA

#define APC_NA   0

Value used to represent "N/A" in adaptive proportion cutoff table.

Definition at line 383 of file entropy.h.

Referenced by entropy_adaptive_proportion_cutoff(), and entropy_adaptive_proportion_cutoff_lookup().

Typedef Documentation

noise_sample_t

typedef uint8_t noise_sample_t

A noise sample.

Definition at line 22 of file entropy.h.

entropy_sample_t

typedef uint8_t entropy_sample_t

An entropy sample.

Definition at line 25 of file entropy.h.

min_entropy_t

typedef unsigned int min_entropy_t

An amount of min-entropy.

Expressed as a fixed-point quantity in order to avoid floating point calculations.

Definition at line 32 of file entropy.h.

Function Documentation

FILE_LICENCE()

FILE_LICENCE

(

GPL2_OR_LATER_OR_UBDL

)

FILE_SECBOOT()

FILE_SECBOOT

(

PERMITTED

)

get_entropy_input_tmp()

int get_entropy_input_tmp ( min_entropy_t min_entropy, uint8_t * tmp, size_t tmp_len )

extern

Obtain entropy input temporary buffer.

Parameters

min_entropy	Min-entropy required
tmp	Temporary buffer
tmp_len	Length of temporary buffer

Return values

rc	Return status code

This is (part of) the implementation of the Get_entropy_input function (using an entropy source as the source of entropy input and condensing each entropy source output after each GetEntropy call) as defined in ANS X9.82 Part 4 (April 2011 Draft) Section 13.3.4.2.

Definition at line 426 of file entropy.c.

                                             {
        struct entropy_source *source;
        struct {
                uint32_t nonce;
                entropy_sample_t sample;
        } __attribute__ (( packed )) data;;
        uint8_t df_buf[tmp_len];
        min_entropy_t entropy_total;
        unsigned int num_samples;
        unsigned int i;
        int rc;
 
        /* Enable entropy gathering */
        if ( ( rc = entropy_enable_working ( &source ) ) != 0 )
                goto err_enable_working;
 
        /* Sanity checks */
        assert ( source->startup_test.count > 0 );
        assert ( source->startup_test.tested >= source->startup_test.count );
 
        /* 3.  entropy_total = 0 */
        entropy_total = MIN_ENTROPY ( 0 );
 
        /* 4.  tmp = a fixed n-bit value, such as 0^n */
        memset ( tmp, 0, tmp_len );
 
        /* 5.  While ( entropy_total < min_entropy ) */
        for ( num_samples = 0 ; entropy_total < min_entropy ; num_samples++ ) {
                /* 5.1.  ( status, entropy_bitstring, assessed_entropy )
                 *       = GetEntropy()
                 * 5.2.  If status indicates an error, return ( status, Null )
                 */
                if ( ( rc = get_entropy ( source, &data.sample ) ) != 0 )
                        goto err_get_entropy;
 
                /* 5.3.  nonce = MakeNextNonce() */
                data.nonce = make_next_nonce();
 
                /* 5.4.  tmp = tmp XOR
                 *             df ( ( nonce || entropy_bitstring ), n )
                 */
                hash_df ( &entropy_hash_df_algorithm, &data, sizeof ( data ),
                          df_buf, sizeof ( df_buf ) );
                for ( i = 0 ; i < tmp_len ; i++ )
                        tmp[i] ^= df_buf[i];
 
                /* 5.5.  entropy_total = entropy_total + assessed_entropy */
                entropy_total += source->min_entropy_per_sample;
        }
 
        /* Disable entropy gathering */
        entropy_disable ( source );
 
        DBGC ( source, "ENTROPY %s gathered %d bits in %d samples\n",
               source->name, ( min_entropy / MIN_ENTROPY_SCALE ), num_samples );
        return 0;
 
 err_get_entropy:
        entropy_disable ( source );
        assert ( source->rc == rc );
 err_enable_working:
        return rc;
}

References __attribute__, assert, entropy_startup_test::count, data, DBGC, entropy_disable(), entropy_enable_working(), entropy_hash_df_algorithm, get_entropy(), hash_df(), make_next_nonce(), memset(), MIN_ENTROPY, entropy_source::min_entropy_per_sample, MIN_ENTROPY_SCALE, entropy_source::name, nonce, entropy_source::rc, rc, entropy_source::startup_test, entropy_startup_test::tested, and tmp.

Referenced by get_entropy_input().

get_noise()

int get_noise ( struct entropy_source * source, noise_sample_t * noise )

inlinestatic

Get noise sample.

Parameters

source

Entropy source

Return values

noise	Noise sample
rc	Return status code

This is the GetNoise function defined in ANS X9.82 Part 2 (October 2011 Draft) Section 6.5.2.

Definition at line 209 of file entropy.h.

                                                                   {
 
        return source->get_noise ( noise );
}

References entropy_source::get_noise.

Referenced by entropy_sample(), and get_entropy().

get_entropy_input()

int get_entropy_input ( unsigned int min_entropy_bits, void * data, size_t min_len, size_t max_len )

inlinestatic

Obtain entropy input.

Parameters

min_entropy_bits	Minimum amount of entropy, in bits
data	Data buffer
min_len	Minimum length of entropy input, in bytes
max_len	Maximum length of entropy input, in bytes

Return values

len	Length of entropy input, in bytes, or negative error

This is the implementation of the Get_entropy_input function (using an entropy source as the source of entropy input and condensing each entropy source output after each GetEntropy call) as defined in ANS X9.82 Part 4 (April 2011 Draft) Section 13.3.4.2.

This function is inlined since the entropy amount and length inputs are always compile-time constants.

Definition at line 232 of file entropy.h.

                                     {
        size_t tmp_len = ( ( ( min_entropy_bits * 2 ) + 7 ) / 8 );
        uint8_t tmp_buf[ tmp_len ];
        uint8_t *tmp = ( ( tmp_len > max_len ) ? tmp_buf : data );
        unsigned int n;
        int rc;
 
        /* Sanity check */
        build_assert ( min_entropy_bits <= ( 8 * max_len ) );
 
        /* Round up minimum entropy to an integral number of bytes */
        min_entropy_bits = ( ( min_entropy_bits + 7 ) & ~7 );
 
        /* (Unnumbered).  The output length of the hash function shall
         * meet or exceed the security strength indicated by the
         * min_entropy parameter.
         */
        build_assert ( ( 8 * ENTROPY_HASH_DF_OUTLEN_BYTES ) >=
                       min_entropy_bits );
 
        /* 1.  If ( min_length > max_length ), then return ( FAILURE, Null ) */
        build_assert ( min_len <= max_len );
 
        /* 2.  n = 2 * min_entropy */
        n = ( 2 * min_entropy_bits );
 
        /* 3.  entropy_total = 0
         * 4.  tmp = a fixed n-bit value, such as 0^n
         * 5.  While ( entropy_total < min_entropy )
         *     5.1.  ( status, entropy_bitstring, assessed_entropy )
         *           = GetEntropy()
         *     5.2.  If status indicates an error, return ( status, Null )
         *     5.3.  nonce = MakeNextNonce()
         *     5.4.  tmp = tmp XOR df ( ( nonce || entropy_bitstring ), n )
         *     5.5.  entropy_total = entropy_total + assessed_entropy
         *
         * (The implementation of these steps is inside the function
         * get_entropy_input_tmp().)
         */
        build_assert ( __builtin_constant_p ( tmp_len ) );
        build_assert ( n == ( 8 * tmp_len ) );
        if ( ( rc = get_entropy_input_tmp ( MIN_ENTROPY ( min_entropy_bits ),
                                            tmp, tmp_len ) ) != 0 ) {
                return rc;
        }
 
        /* 6.  If ( n < min_length ), then tmp = tmp || 0^(min_length-n)
         * 7.  If ( n > max_length ), then tmp = df ( tmp, max_length )
         * 8.  Return ( SUCCESS, tmp )
         */
        if ( tmp_len < min_len ) {
                /* (Data is already in-place.) */
                build_assert ( data == tmp );
                memset ( ( data + tmp_len ), 0, ( min_len - tmp_len ) );
                return min_len;
        } else if ( tmp_len > max_len ) {
                build_assert ( tmp == tmp_buf );
                hash_df ( &entropy_hash_df_algorithm, tmp, tmp_len,
                          data, max_len );
                return max_len;
        } else {
                /* (Data is already in-place.) */
                build_assert ( data == tmp );
                return tmp_len;
        }
}

References build_assert, data, entropy_hash_df_algorithm, ENTROPY_HASH_DF_OUTLEN_BYTES, get_entropy_input_tmp(), hash_df(), memset(), MIN_ENTROPY, rc, and tmp.

Referenced by drbg_instantiate(), and drbg_reseed().

entropy_repetition_count_cutoff()

unsigned int entropy_repetition_count_cutoff ( min_entropy_t min_entropy_per_sample )

inlinestatic

Calculate cutoff value for the repetition count test.

Parameters

min_entropy_per_sample

Min-entropy per sample

Return values

cutoff

Cutoff value

This is the cutoff value for the Repetition Count Test defined in ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.2.

Definition at line 310 of file entropy.h.

                                                                         {
        double max_repetitions;
        unsigned int cutoff;
 
        /* The cutoff formula for the repetition test is:
         *
         *   C = ( 1 + ( -log2(W) / H_min ) )
         *
         * where W is set at 2^(-30) (in ANS X9.82 Part 2 (October
         * 2011 Draft) Section 8.5.2.1.3.1).
         */
        max_repetitions = ( 1 + ( MIN_ENTROPY ( 30 ) /
                                  min_entropy_per_sample ) );
 
        /* Round up to a whole number of repetitions.  We don't have
         * the ceil() function available, so do the rounding by hand.
         */
        cutoff = max_repetitions;
        if ( cutoff < max_repetitions )
                cutoff++;
        build_assert ( cutoff >= max_repetitions );
 
        /* Floating-point operations are not allowed in iPXE since we
         * never set up a suitable environment.  Abort the build
         * unless the calculated number of repetitions is a
         * compile-time constant.
         */
        build_assert ( __builtin_constant_p ( cutoff ) );
 
        return cutoff;
}

References build_assert, and MIN_ENTROPY.

Referenced by entropy_init().

entropy_adaptive_proportion_cutoff_lookup()

unsigned int entropy_adaptive_proportion_cutoff_lookup ( unsigned int n, unsigned int h )

inlinestatic

Look up value in adaptive proportion test cutoff table.

Parameters

n	N (window size)
h	H (min-entropy)

Return values

cutoff

Cutoff

This is the table of cutoff values defined in ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.3.1.2.

Definition at line 396 of file entropy.h.

                                                                             {
        switch ( APC_N_H ( n, h ) ) {
                APC_TABLE_ROW (  1, APC_NA,     51,    168,   2240,  33537 );
                APC_TABLE_ROW (  2, APC_NA,     35,    100,   1193,  17053 );
                APC_TABLE_ROW (  3,     10,     24,     61,    643,   8705 );
                APC_TABLE_ROW (  4,      8,     16,     38,    354,   4473 );
                APC_TABLE_ROW (  5,      6,     12,     25,    200,   2321 );
                APC_TABLE_ROW (  6,      5,      9,     17,    117,   1220 );
                APC_TABLE_ROW (  7,      4,      7,     15,     71,    653 );
                APC_TABLE_ROW (  8,      4,      5,      9,     45,    358 );
                APC_TABLE_ROW (  9,      3,      4,      7,     30,    202 );
                APC_TABLE_ROW ( 10,      3,      4,      5,     21,    118 );
                APC_TABLE_ROW ( 11,      2,      3,      4,     15,     71 );
                APC_TABLE_ROW ( 12,      2,      3,      4,     11,     45 );
                APC_TABLE_ROW ( 13,      2,      2,      3,      9,     30 );
                APC_TABLE_ROW ( 14,      2,      2,      3,      7,     21 );
                APC_TABLE_ROW ( 15,      1,      2,      2,      6,     15 );
                APC_TABLE_ROW ( 16,      1,      2,      2,      5,     11 );
                APC_TABLE_ROW ( 17,      1,      1,      2,      4,      9 );
                APC_TABLE_ROW ( 18,      1,      1,      2,      4,      7 );
                APC_TABLE_ROW ( 19,      1,      1,      1,      3,      6 );
                APC_TABLE_ROW ( 20,      1,      1,      1,      3,      5 );
        default:
                return APC_NA;
        }
}

References APC_N_H, APC_NA, APC_TABLE_ROW, and h.

Referenced by entropy_adaptive_proportion_cutoff().

entropy_adaptive_proportion_cutoff()

unsigned int entropy_adaptive_proportion_cutoff ( min_entropy_t min_entropy_per_sample )

inlinestatic

Calculate cutoff value for the adaptive proportion test.

Parameters

min_entropy_per_sample

Min-entropy per sample

Return values

cutoff

Cutoff value

This is the cutoff value for the Adaptive Proportion Test defined in ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.3.1.2.

Definition at line 433 of file entropy.h.

                                                                            {
        unsigned int h;
        unsigned int n;
        unsigned int cutoff;
 
        /* Look up cutoff value in cutoff table */
        n = ADAPTIVE_PROPORTION_WINDOW_SIZE;
        h = ( min_entropy_per_sample / MIN_ENTROPY_SCALE );
        cutoff = entropy_adaptive_proportion_cutoff_lookup ( n, h );
 
        /* Fail unless cutoff value is a compile-time constant */
        build_assert ( __builtin_constant_p ( cutoff ) );
 
        /* Fail if cutoff value is N/A */
        build_assert ( cutoff != APC_NA );
 
        return cutoff;
}

References ADAPTIVE_PROPORTION_WINDOW_SIZE, APC_NA, build_assert, entropy_adaptive_proportion_cutoff_lookup(), h, and MIN_ENTROPY_SCALE.

Referenced by entropy_init().

entropy_startup_test_count()

unsigned int entropy_startup_test_count ( unsigned int repetition_count_cutoff, unsigned int adaptive_proportion_cutoff )

inlinestatic

Calculate number of samples required for startup tests.

Parameters

repetition_count_cutoff	Repetition count test cutoff value
adaptive_proportion_cutoff	Adaptive proportion test cutoff value

Return values

num_samples

Number of samples required

ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.5 requires that at least one full cycle of the continuous tests must be performed at start-up.

Definition at line 464 of file entropy.h.

                                                                       {
        unsigned int num_samples;
 
        /* At least max(N,C) samples shall be generated by the noise
         * source for start-up testing.
         */
        num_samples = repetition_count_cutoff;
        if ( num_samples < adaptive_proportion_cutoff )
                num_samples = adaptive_proportion_cutoff;
        build_assert ( __builtin_constant_p ( num_samples ) );
 
        return num_samples;
}

References build_assert.

Referenced by entropy_init().

entropy_init()

void entropy_init ( struct entropy_source * source, min_entropy_t min_entropy_per_sample )

inlinestatic

Initialise entropy source.

Parameters

source	Entropy source
min_entropy_per_sample	Min-entropy per sample

The cutoff value calculations for the repetition count test and the adaptive proportion test are provided as static inline functions since the results will always be compile-time constants.

Definition at line 490 of file entropy.h.

                                                      {
        unsigned int repetition_count_cutoff;
        unsigned int adaptive_proportion_cutoff;
        unsigned int startup_test_count;
 
        /* Sanity check */
        build_assert ( min_entropy_per_sample > MIN_ENTROPY ( 0 ) );
        build_assert ( min_entropy_per_sample <=
                       MIN_ENTROPY ( 8 * sizeof ( noise_sample_t ) ) );
 
        /* Calculate test cutoff values */
        repetition_count_cutoff =
                entropy_repetition_count_cutoff ( min_entropy_per_sample );
        adaptive_proportion_cutoff =
                entropy_adaptive_proportion_cutoff ( min_entropy_per_sample );
        startup_test_count =
                entropy_startup_test_count ( repetition_count_cutoff,
                                             adaptive_proportion_cutoff );
 
        /* Record min-entropy per sample and test cutoff values */
        source->min_entropy_per_sample = min_entropy_per_sample;
        source->repetition_count_test.cutoff = repetition_count_cutoff;
        source->adaptive_proportion_test.cutoff = adaptive_proportion_cutoff;
        source->startup_test.count = startup_test_count;
}

References entropy_source::adaptive_proportion_test, build_assert, entropy_startup_test::count, entropy_adaptive_proportion_test::cutoff, entropy_repetition_count_test::cutoff, entropy_adaptive_proportion_cutoff(), entropy_repetition_count_cutoff(), entropy_startup_test_count(), MIN_ENTROPY, entropy_source::min_entropy_per_sample, entropy_source::repetition_count_test, and entropy_source::startup_test.

Referenced by efi_entropy_enable(), efirng_enable(), rdrand_entropy_enable(), and rtc_entropy_enable().

entropy_enable()

int entropy_enable ( struct entropy_source * source )

extern

Enable entropy gathering.

Parameters

source

Entropy source

Return values

rc	Return status code

Definition at line 303 of file entropy.c.

                                                     {
        int rc;
 
        /* Refuse to enable a previously failed source */
        if ( ( rc = source->rc ) != 0 )
                return rc;
 
        /* Enable entropy source */
        if ( ( rc = source->enable() ) != 0 ) {
                DBGC ( source, "ENTROPY %s could not enable: %s\n",
                       source->name, strerror ( rc ) );
                source->rc = rc;
                return rc;
        }
 
        /* Sanity check */
        assert ( source->min_entropy_per_sample > 0 );
 
        /* Initialise test state if this source has not previously been used */
        if ( source->startup_test.tested == 0 ) {
                repetition_count_test_init ( source );
                adaptive_proportion_test_init ( source );
                startup_test_init ( source );
        }
 
        DBGC ( source, "ENTROPY %s enabled\n", source->name );
        return 0;
}

References adaptive_proportion_test_init(), assert, DBGC, entropy_source::enable, entropy_source::min_entropy_per_sample, entropy_source::name, entropy_source::rc, rc, repetition_count_test_init(), entropy_source::startup_test, startup_test_init(), strerror(), and entropy_startup_test::tested.

Referenced by entropy_enable_and_test(), entropy_sample(), and REQUIRING_SYMBOL().

entropy_disable()

void entropy_disable ( struct entropy_source * source )

extern

Disable entropy gathering.

Parameters

source

Entropy source

Definition at line 386 of file entropy.c.

                                                       {
 
        /* Disable entropy gathering, if applicable */
        if ( source->disable )
                source->disable();
 
        DBGC ( source, "ENTROPY %s disabled\n", source->name );
}

References DBGC, entropy_source::disable, and entropy_source::name.

Referenced by entropy_enable_and_test(), entropy_sample(), and get_entropy_input_tmp().