diff options
| author | obrien <obrien@FreeBSD.org> | 2013-07-29 20:26:27 +0000 |
|---|---|---|
| committer | obrien <obrien@FreeBSD.org> | 2013-07-29 20:26:27 +0000 |
| commit | 721ce839c7c49ecca90b66a4523be0e6e29c057e (patch) | |
| tree | 7321ee5c53e41f64a4e3a37d1e501321672bb5af /sys/conf | |
| parent | f6b004c36a12554e599bc79d3f4efc2047574d1b (diff) | |
| download | FreeBSD-src-721ce839c7c49ecca90b66a4523be0e6e29c057e.zip FreeBSD-src-721ce839c7c49ecca90b66a4523be0e6e29c057e.tar.gz | |
Decouple yarrow from random(4) device.
* Make Yarrow an optional kernel component -- enabled by "YARROW_RNG" option.
The files sha2.c, hash.c, randomdev_soft.c and yarrow.c comprise yarrow.
* random(4) device doesn't really depend on rijndael-*. Yarrow, however, does.
* Add random_adaptors.[ch] which is basically a store of random_adaptor's.
random_adaptor is basically an adapter that plugs in to random(4).
random_adaptor can only be plugged in to random(4) very early in bootup.
Unplugging random_adaptor from random(4) is not supported, and is probably a
bad idea anyway, due to potential loss of entropy pools.
We currently have 3 random_adaptors:
+ yarrow
+ rdrand (ivy.c)
+ nehemeiah
* Remove platform dependent logic from probe.c, and move it into
corresponding registration routines of each random_adaptor provider.
probe.c doesn't do anything other than picking a specific random_adaptor
from a list of registered ones.
* If the kernel doesn't have any random_adaptor adapters present then the
creation of /dev/random is postponed until next random_adaptor is kldload'ed.
* Fix randomdev_soft.c to refer to its own random_adaptor, instead of a
system wide one.
Submitted by: arthurmesh@gmail.com, obrien
Obtained from: Juniper Networks
Reviewed by: obrien
Diffstat (limited to 'sys/conf')
| -rw-r--r-- | sys/conf/NOTES | 3 | ||||
| -rw-r--r-- | sys/conf/files | 11 | ||||
| -rw-r--r-- | sys/conf/options | 3 |
3 files changed, 12 insertions, 5 deletions
diff --git a/sys/conf/NOTES b/sys/conf/NOTES index dce2168..dfde8df 100644 --- a/sys/conf/NOTES +++ b/sys/conf/NOTES @@ -1132,6 +1132,9 @@ options VFS_AIO # Cryptographically secure random number generator; /dev/random device random +# Yarrow software RNG adapter for random +options YARROW_RNG + # The system memory devices; /dev/mem, /dev/kmem device mem diff --git a/sys/conf/files b/sys/conf/files index 4a1a432..3e23454 100644 --- a/sys/conf/files +++ b/sys/conf/files @@ -540,8 +540,8 @@ crypto/des/des_ecb.c optional crypto | ipsec | netsmb crypto/des/des_setkey.c optional crypto | ipsec | netsmb crypto/rc4/rc4.c optional netgraph_mppc_encryption | kgssapi crypto/rijndael/rijndael-alg-fst.c optional crypto | geom_bde | \ - ipsec | random | wlan_ccmp -crypto/rijndael/rijndael-api-fst.c optional geom_bde | random + ipsec | yarrow_rng | wlan_ccmp +crypto/rijndael/rijndael-api-fst.c optional geom_bde | yarrow_rng crypto/rijndael/rijndael-api.c optional crypto | ipsec | wlan_ccmp crypto/sha1.c optional carp | crypto | ipsec | \ netgraph_mppc_encryption | sctp @@ -2030,11 +2030,12 @@ rt2860.fw optional rt2860fw | ralfw \ no-obj no-implicit-rule \ clean "rt2860.fw" dev/random/harvest.c standard -dev/random/hash.c optional random +dev/random/hash.c optional yarrow_rng dev/random/probe.c optional random +dev/random/random_adaptors.c standard dev/random/randomdev.c optional random -dev/random/randomdev_soft.c optional random -dev/random/yarrow.c optional random +dev/random/randomdev_soft.c optional yarrow_rng +dev/random/yarrow.c optional yarrow_rng dev/rc/rc.c optional rc dev/re/if_re.c optional re dev/rndtest/rndtest.c optional rndtest diff --git a/sys/conf/options b/sys/conf/options index d9057cc..de695cb 100644 --- a/sys/conf/options +++ b/sys/conf/options @@ -905,3 +905,6 @@ RACCT opt_global.h # Resource Limits RCTL opt_global.h + +# Software random number generators for random(4) +YARROW_RNG opt_dontuse.h |
