aboutsummaryrefslogtreecommitdiff
path: root/sys/netinet6/ip6_id.c
diff options
context:
space:
mode:
authorConrad Meyer <cem@FreeBSD.org>2019-04-23 17:18:20 +0000
committerConrad Meyer <cem@FreeBSD.org>2019-04-23 17:18:20 +0000
commit5947c057681960f95f56ef1c9cbc5be9c82ff96e (patch)
treed66ca9e7c884280e2255ecc03b504e665126d1ec /sys/netinet6/ip6_id.c
parent892004367486a6cc0753481a2551b5a518894e53 (diff)
downloadsrc-5947c057681960f95f56ef1c9cbc5be9c82ff96e.tar.gz
src-5947c057681960f95f56ef1c9cbc5be9c82ff96e.zip
ip6_randomflowlabel: Avoid blocking if random(4) is not available
If kern.random.initial_seeding.bypass_before_seeding is disabled, random(4) and arc4random(9) will block indefinitely until enough entropy is available to initially seed Fortuna. It seems that zero flowids are perfectly valid, so avoid blocking on random until initial seeding takes place. Discussed with: bz (earlier revision) Reviewed by: thj Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D20011
Notes
Notes: svn path=/head/; revision=346601
Diffstat (limited to 'sys/netinet6/ip6_id.c')
-rw-r--r--sys/netinet6/ip6_id.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/sys/netinet6/ip6_id.c b/sys/netinet6/ip6_id.c
index f41df2a2e5a9..1d6c2c7d9668 100644
--- a/sys/netinet6/ip6_id.c
+++ b/sys/netinet6/ip6_id.c
@@ -89,6 +89,7 @@ __FBSDID("$FreeBSD$");
#include <sys/types.h>
#include <sys/param.h>
#include <sys/kernel.h>
+#include <sys/random.h>
#include <sys/socket.h>
#include <sys/libkern.h>
@@ -258,5 +259,15 @@ u_int32_t
ip6_randomflowlabel(void)
{
+ /*
+ * It's ok to emit zero flow labels early, before random is available
+ * (seeded). RFC 6437:
+ *
+ * "A Flow Label of zero is used to indicate packets that have not been
+ * labeled."
+ */
+ if (__predict_false(!is_random_seeded()))
+ return (0);
+
return randomid(&randomtab_20) & 0xfffff;
}