From bc5b290d465a0de709d688df6ade2896ba17bd8c Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Tue, 8 Jul 2014 08:33:43 +0000
Subject: [PATCH] repeat calls to getentrypy() with the same pid likely
 indicate reseeds. Since we assume the PRNG above is doing "something old,
 something new" folding, shortcut and do fewer repeats through the timing
 loop. ok beck

---
 src/lib/libcrypto/arc4random/getentropy_linux.c | 13 ++++++++++---
 src/lib/libcrypto/crypto/getentropy_linux.c     | 13 ++++++++++---
 2 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/src/lib/libcrypto/arc4random/getentropy_linux.c b/src/lib/libcrypto/arc4random/getentropy_linux.c
index 78d0d786..a7f59912 100644
--- a/src/lib/libcrypto/arc4random/getentropy_linux.c
+++ b/src/lib/libcrypto/arc4random/getentropy_linux.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: getentropy_linux.c,v 1.14 2014/06/26 13:48:11 deraadt Exp $	*/
+/*	$OpenBSD: getentropy_linux.c,v 1.15 2014/07/08 08:33:43 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -288,7 +288,7 @@ static int
 getentropy_fallback(void *buf, size_t len)
 {
 	uint8_t results[SHA512_DIGEST_LENGTH];
-	int save_errno = errno, e, m, pgs = getpagesize(), repeat;
+	int save_errno = errno, e, m, pgs = getpagesize(), repeat = 0;
 	static int cnt;
 	struct timespec ts;
 	struct timeval tv;
@@ -296,13 +296,20 @@ getentropy_fallback(void *buf, size_t len)
 	sigset_t sigset;
 	struct stat st;
 	SHA512_CTX ctx;
+	static pid_t lastpid;
 	pid_t pid;
 	size_t i, ii;
 	char *p;
 
+	pid = getpid();
+	if (lastpid == getpid())
+		repeat = REPEAT - 1;
+	else
+		lastpid = pid;
+
 	for (i = 0; i < len; ) {
 		SHA512_Init(&ctx);
-		for (repeat = 0; repeat < REPEAT; repeat++) {
+		for (; repeat < REPEAT; repeat++) {
 
 			HX((e = gettimeofday(&tv, NULL)) == -1, tv);
 			if (e != -1) {
diff --git a/src/lib/libcrypto/crypto/getentropy_linux.c b/src/lib/libcrypto/crypto/getentropy_linux.c
index 78d0d786..a7f59912 100644
--- a/src/lib/libcrypto/crypto/getentropy_linux.c
+++ b/src/lib/libcrypto/crypto/getentropy_linux.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: getentropy_linux.c,v 1.14 2014/06/26 13:48:11 deraadt Exp $	*/
+/*	$OpenBSD: getentropy_linux.c,v 1.15 2014/07/08 08:33:43 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -288,7 +288,7 @@ static int
 getentropy_fallback(void *buf, size_t len)
 {
 	uint8_t results[SHA512_DIGEST_LENGTH];
-	int save_errno = errno, e, m, pgs = getpagesize(), repeat;
+	int save_errno = errno, e, m, pgs = getpagesize(), repeat = 0;
 	static int cnt;
 	struct timespec ts;
 	struct timeval tv;
@@ -296,13 +296,20 @@ getentropy_fallback(void *buf, size_t len)
 	sigset_t sigset;
 	struct stat st;
 	SHA512_CTX ctx;
+	static pid_t lastpid;
 	pid_t pid;
 	size_t i, ii;
 	char *p;
 
+	pid = getpid();
+	if (lastpid == getpid())
+		repeat = REPEAT - 1;
+	else
+		lastpid = pid;
+
 	for (i = 0; i < len; ) {
 		SHA512_Init(&ctx);
-		for (repeat = 0; repeat < REPEAT; repeat++) {
+		for (; repeat < REPEAT; repeat++) {
 
 			HX((e = gettimeofday(&tv, NULL)) == -1, tv);
 			if (e != -1) {