5 files changed, 131 insertions, 1 deletions

diff --git a/src/config/defaults/linux.h b/src/config/defaults/linux.h
index 6b24da480..fcdf90400 100644
--- a/src/config/defaults/linux.h
+++ b/src/config/defaults/linux.h
@@ -14,7 +14,7 @@
 #define NAP_LINUX
 #define SMBIOS_LINUX
 #define SANBOOT_NULL
-#define ENTROPY_NULL
+#define ENTROPY_LINUX
 
 #define DRIVERS_LINUX
 
diff --git a/src/include/ipxe/entropy.h b/src/include/ipxe/entropy.h
index 50ba4fc63..adf325e79 100644
--- a/src/include/ipxe/entropy.h
+++ b/src/include/ipxe/entropy.h
@@ -54,6 +54,7 @@ typedef uint8_t entropy_sample_t;
 
 /* Include all architecture-independent entropy API headers */
 #include <ipxe/null_entropy.h>
+#include <ipxe/linux/linux_entropy.h>
 
 /* Include all architecture-dependent entropy API headers */
 #include <bits/entropy.h>
diff --git a/src/include/ipxe/errfile.h b/src/include/ipxe/errfile.h
index 050bf3fec..bfb738a4a 100644
--- a/src/include/ipxe/errfile.h
+++ b/src/include/ipxe/errfile.h
@@ -247,6 +247,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #define ERRFILE_drbg		      ( ERRFILE_OTHER | 0x00250000 )
 #define ERRFILE_entropy		      ( ERRFILE_OTHER | 0x00260000 )
 #define ERRFILE_rsa		      ( ERRFILE_OTHER | 0x00270000 )
+#define ERRFILE_linux_entropy	      ( ERRFILE_OTHER | 0x00280000 )
 
 /** @} */
 
diff --git a/src/include/ipxe/linux/linux_entropy.h b/src/include/ipxe/linux/linux_entropy.h
new file mode 100644
index 000000000..bd89bd52f
--- /dev/null
+++ b/src/include/ipxe/linux/linux_entropy.h
@@ -0,0 +1,32 @@
+#ifndef _IPXE_LINUX_ENTROPY_H
+#define _IPXE_LINUX_ENTROPY_H
+
+/** @file
+ *
+ * iPXE entropy API for linux
+ *
+ */
+
+FILE_LICENCE(GPL2_OR_LATER);
+
+#ifdef ENTROPY_LINUX
+#define ENTROPY_PREFIX_linux
+#else
+#define ENTROPY_PREFIX_linux __linux_
+#endif
+
+/**
+ * min-entropy per sample
+ *
+ * @ret min_entropy	min-entropy of each sample
+ */
+static inline __always_inline double
+ENTROPY_INLINE ( linux, min_entropy_per_sample ) ( void ) {
+
+	/* We read single bytes from /dev/random and assume that each
+	 * contains full entropy.
+	 */
+	return 8;
+}
+
+#endif /* _IPXE_LINUX_ENTROPY_H */
diff --git a/src/interface/linux/linux_entropy.c b/src/interface/linux/linux_entropy.c
new file mode 100644
index 000000000..d82aabaad
--- /dev/null
+++ b/src/interface/linux/linux_entropy.c
@@ -0,0 +1,96 @@
+/*
+ * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER );
+
+/** @file
+ *
+ * Linux entropy source
+ *
+ */
+
+#include <stdint.h>
+#include <errno.h>
+#include <linux_api.h>
+#include <ipxe/entropy.h>
+
+/** Entropy source filename */
+static const char entropy_filename[] = "/dev/random";
+
+/** Entropy source file handle */
+static int entropy_fd;
+
+/**
+ * Enable entropy gathering
+ *
+ * @ret rc		Return status code
+ */
+static int linux_entropy_enable ( void ) {
+
+	/* Open entropy source */
+	entropy_fd = linux_open ( entropy_filename, O_RDONLY );
+	if ( entropy_fd < 0 ) {
+		DBGC ( &entropy_fd, "ENTROPY could not open %s: %s\n",
+		       entropy_filename, linux_strerror ( linux_errno ) );
+		return entropy_fd;
+	}
+
+	return 0;
+}
+
+/**
+ * Disable entropy gathering
+ *
+ */
+static void linux_entropy_disable ( void ) {
+
+	/* Close entropy source */
+	linux_close ( entropy_fd );
+}
+
+/**
+ * Get noise sample
+ *
+ * @ret noise		Noise sample
+ * @ret rc		Return status code
+ */
+static int linux_get_noise ( noise_sample_t *noise ) {
+	uint8_t byte;
+	ssize_t len;
+
+	/* Read a single byte from entropy source */
+	len = linux_read ( entropy_fd, &byte, sizeof ( byte ) );
+	if ( len < 0 ) {
+		DBGC ( &entropy_fd, "ENTROPY could not read from %s: %s\n",
+		       entropy_filename, linux_strerror ( linux_errno ) );
+		return len;
+	}
+	if ( len == 0 ) {
+		DBGC ( &entropy_fd, "ENTROPY EOF on reading from %s: %s\n",
+		       entropy_filename, linux_strerror ( linux_errno ) );
+		return -EPIPE;
+	}
+	*noise = byte;
+
+	return 0;
+}
+
+PROVIDE_ENTROPY_INLINE ( linux, min_entropy_per_sample );
+PROVIDE_ENTROPY ( linux, entropy_enable, linux_entropy_enable );
+PROVIDE_ENTROPY ( linux, entropy_disable, linux_entropy_disable );
+PROVIDE_ENTROPY ( linux, get_noise, linux_get_noise );