diff options
| -rw-r--r-- | sys/alpha/conf/GENERIC | 1 | ||||
| -rw-r--r-- | sys/alpha/conf/NOTES | 1 | ||||
| -rw-r--r-- | sys/amd64/conf/GENERIC | 1 | ||||
| -rw-r--r-- | sys/conf/NOTES | 3 | ||||
| -rw-r--r-- | sys/conf/options | 3 | ||||
| -rw-r--r-- | sys/dev/random/randomdev.c | 71 | ||||
| -rw-r--r-- | sys/dev/random/yarrow.c | 5 | ||||
| -rw-r--r-- | sys/dev/random/yarrow.h | 2 | ||||
| -rw-r--r-- | sys/i386/conf/GENERIC | 1 | ||||
| -rw-r--r-- | sys/i386/conf/NEWCARD | 1 | ||||
| -rw-r--r-- | sys/i386/conf/NOTES | 3 | ||||
| -rw-r--r-- | sys/ia64/conf/GENERIC | 1 | ||||
| -rw-r--r-- | sys/pc98/conf/GENERIC | 1 |
13 files changed, 58 insertions, 36 deletions
diff --git a/sys/alpha/conf/GENERIC b/sys/alpha/conf/GENERIC index d5cbe3a..6ffae61 100644 --- a/sys/alpha/conf/GENERIC +++ b/sys/alpha/conf/GENERIC @@ -153,7 +153,6 @@ device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') # Pseudo devices - the number indicates how many units to allocated. device random # Entropy device -options NOBLOCKRANDOM # avoid any blocking on device random device loop # Network loopback device ether # Ethernet support device sl # Kernel SLIP diff --git a/sys/alpha/conf/NOTES b/sys/alpha/conf/NOTES index d5cbe3a..6ffae61 100644 --- a/sys/alpha/conf/NOTES +++ b/sys/alpha/conf/NOTES @@ -153,7 +153,6 @@ device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') # Pseudo devices - the number indicates how many units to allocated. device random # Entropy device -options NOBLOCKRANDOM # avoid any blocking on device random device loop # Network loopback device ether # Ethernet support device sl # Kernel SLIP diff --git a/sys/amd64/conf/GENERIC b/sys/amd64/conf/GENERIC index f3aff62..e26923b 100644 --- a/sys/amd64/conf/GENERIC +++ b/sys/amd64/conf/GENERIC @@ -205,7 +205,6 @@ device wi # WaveLAN/IEEE 802.11 wireless NICs. # Pseudo devices - the number indicates how many units to allocated. device random # Entropy device -options NOBLOCKRANDOM # avoid any blocking on device random device loop # Network loopback device ether # Ethernet support device sl # Kernel SLIP diff --git a/sys/conf/NOTES b/sys/conf/NOTES index 936e11d..364543f 100644 --- a/sys/conf/NOTES +++ b/sys/conf/NOTES @@ -773,9 +773,6 @@ options ENABLE_VFS_IOOPT # Cryptographically secure random number generator; /dev/[u]random device random -# Avoid blocking the random device -options NOBLOCKRANDOM - ##################################################################### # POSIX P1003.1B diff --git a/sys/conf/options b/sys/conf/options index 5db79d1..b5b3466 100644 --- a/sys/conf/options +++ b/sys/conf/options @@ -479,6 +479,3 @@ ACPI_NO_ENABLE_ON_BOOT opt_acpi.h # options for DEVFS, see sys/fs/devfs/devfs.h NDEVFSINO opt_devfs.h NDEVFSOVERFLOW opt_devfs.h - -# options for device random -NOBLOCKRANDOM diff --git a/sys/dev/random/randomdev.c b/sys/dev/random/randomdev.c index 5a39b86..bb602b1 100644 --- a/sys/dev/random/randomdev.c +++ b/sys/dev/random/randomdev.c @@ -39,17 +39,15 @@ #include <sys/poll.h> #include <sys/selinfo.h> #include <sys/random.h> +#include <sys/sysctl.h> #include <sys/vnode.h> #include <machine/bus.h> #include <machine/resource.h> -#include <sys/sysctl.h> #include <crypto/blowfish/blowfish.h> #include <dev/random/hash.h> #include <dev/random/yarrow.h> -#include "opt_noblockrandom.h" - static d_open_t random_open; static d_close_t random_close; static d_read_t random_read; @@ -82,18 +80,9 @@ static struct cdevsw random_cdevsw = { static dev_t random_dev; static dev_t urandom_dev; /* XXX Temporary */ -SYSCTL_NODE(_kern, OID_AUTO, random, CTLFLAG_RW, 0, "Random Number Generator"); -SYSCTL_NODE(_kern_random, OID_AUTO, yarrow, CTLFLAG_RW, 0, "Yarrow Parameters"); -SYSCTL_INT(_kern_random_yarrow, OID_AUTO, gengateinterval, CTLFLAG_RW, - &random_state.gengateinterval, 10, "Generator Gate Interval"); -SYSCTL_INT(_kern_random_yarrow, OID_AUTO, bins, CTLFLAG_RW, - &random_state.bins, 10, "Execution time tuner"); -SYSCTL_INT(_kern_random_yarrow, OID_AUTO, fastthresh, CTLFLAG_RW, - &random_state.pool[0].thresh, 100, "Fast pool reseed threshhold"); -SYSCTL_INT(_kern_random_yarrow, OID_AUTO, slowthresh, CTLFLAG_RW, - &random_state.pool[1].thresh, 160, "Slow pool reseed threshhold"); -SYSCTL_INT(_kern_random_yarrow, OID_AUTO, slowoverthresh, CTLFLAG_RW, - &random_state.slowoverthresh, 2, "Slow pool over-threshhold reseed"); +/* To stash the sysctl's until they are removed */ +static struct sysctl_oid *random_sysctl[10]; /* magic # is sysctl count */ +static int sysctlcount = 0; static int random_open(dev_t dev, int flags, int fmt, struct proc *p) @@ -119,8 +108,6 @@ random_read(dev_t dev, struct uio *uio, int flag) int error = 0; void *random_buf; -/* XXX Temporary ifndef to allow users to have a nonblocking device */ -#ifndef NOBLOCKRANDOM while (!random_state.seeded) { if (flag & IO_NDELAY) error = EWOULDBLOCK; @@ -129,7 +116,6 @@ random_read(dev_t dev, struct uio *uio, int flag) if (error != 0) return error; } -#endif c = min(uio->uio_resid, PAGE_SIZE); random_buf = (void *)malloc(c, M_TEMP, M_WAITOK); while (uio->uio_resid > 0 && error == 0) { @@ -183,13 +169,57 @@ random_poll(dev_t dev, int events, struct proc *p) static int random_modevent(module_t mod, int type, void *data) { - int error; + struct sysctl_oid *node_base, *node1, *node2; + int error, i; switch(type) { case MOD_LOAD: error = random_init(); if (error != 0) return error; + + random_sysctl[sysctlcount++] = node_base = + SYSCTL_ADD_NODE(NULL, SYSCTL_STATIC_CHILDREN(_kern), + OID_AUTO, "random", CTLFLAG_RW, 0, + "Random Number Generator"); + random_sysctl[sysctlcount++] = node1 = + SYSCTL_ADD_NODE(NULL, SYSCTL_CHILDREN(node_base), + OID_AUTO, "sys", CTLFLAG_RW, 0, + "Entropy Device Parameters"); + random_sysctl[sysctlcount++] = + SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(node1), + OID_AUTO, "seeded", CTLFLAG_RW, + &random_state.seeded, 0, "Seeded State"); + random_sysctl[sysctlcount++] = node2 = + SYSCTL_ADD_NODE(NULL, SYSCTL_CHILDREN(node_base), + OID_AUTO, "yarrow", CTLFLAG_RW, 0, + "Yarrow Parameters"); + random_sysctl[sysctlcount++] = + SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(node2), + OID_AUTO, "gengateinterval", CTLFLAG_RW, + &random_state.gengateinterval, 0, + "Generator Gate Interval"); + random_sysctl[sysctlcount++] = + SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(node2), + OID_AUTO, "bins", CTLFLAG_RW, + &random_state.bins, 0, + "Execution time tuner"); + random_sysctl[sysctlcount++] = + SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(node2), + OID_AUTO, "fastthresh", CTLFLAG_RW, + &random_state.pool[0].thresh, 0, + "Fast pool reseed threshhold"); + random_sysctl[sysctlcount++] = + SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(node2), + OID_AUTO, "slowthresh", CTLFLAG_RW, + &random_state.pool[1].thresh, 0, + "Slow pool reseed threshhold"); + random_sysctl[sysctlcount++] = + SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(node2), + OID_AUTO, "slowoverthresh", CTLFLAG_RW, + &random_state.slowoverthresh, 0, + "Slow pool over-threshhold reseed"); + if (bootverbose) printf("random: <entropy source>\n"); random_dev = make_dev(&random_cdevsw, RANDOM_MINOR, UID_ROOT, @@ -202,6 +232,9 @@ random_modevent(module_t mod, int type, void *data) random_deinit(); destroy_dev(random_dev); destroy_dev(urandom_dev); /* XXX Temporary */ + for (i = sysctlcount - 1; i >= 0; i--) + if (sysctl_remove_oid(random_sysctl[i], 1, 0) == EINVAL) + panic("random: removing sysctl"); return 0; case MOD_SHUTDOWN: diff --git a/sys/dev/random/yarrow.c b/sys/dev/random/yarrow.c index d50dcfa..c28fc74 100644 --- a/sys/dev/random/yarrow.c +++ b/sys/dev/random/yarrow.c @@ -184,6 +184,11 @@ random_init(void) mtx_exit(&Giant, MTX_DEF); #endif + /* This can be turned off by the very paranoid + * a reseed will turn it back on. + */ + random_state.seeded = 1; + random_state.gengateinterval = 10; random_state.bins = 10; random_state.pool[0].thresh = 100; diff --git a/sys/dev/random/yarrow.h b/sys/dev/random/yarrow.h index 964ae65..3c76d96 100644 --- a/sys/dev/random/yarrow.h +++ b/sys/dev/random/yarrow.h @@ -70,7 +70,7 @@ struct random_state { struct yarrowhash hash; /* accumulated entropy */ } pool[2]; /* pool[0] is fast, pool[1] is slow */ int which; /* toggle - shows the current insertion pool */ - int seeded; /* 0 until first reseed, then 1 */ + int seeded; /* 0 causes blocking 1 allows normal output */ struct selinfo rsel; /* For poll(2) */ }; diff --git a/sys/i386/conf/GENERIC b/sys/i386/conf/GENERIC index f3aff62..e26923b 100644 --- a/sys/i386/conf/GENERIC +++ b/sys/i386/conf/GENERIC @@ -205,7 +205,6 @@ device wi # WaveLAN/IEEE 802.11 wireless NICs. # Pseudo devices - the number indicates how many units to allocated. device random # Entropy device -options NOBLOCKRANDOM # avoid any blocking on device random device loop # Network loopback device ether # Ethernet support device sl # Kernel SLIP diff --git a/sys/i386/conf/NEWCARD b/sys/i386/conf/NEWCARD index 06cc1b4..f5bd712 100644 --- a/sys/i386/conf/NEWCARD +++ b/sys/i386/conf/NEWCARD @@ -219,7 +219,6 @@ device wi # WaveLAN/IEEE 802.11 wireless NICs. # Pseudo devices - the number indicates how many units to allocated. device random # Entropy device -options NOBLOCKRANDOM # avoid any blocking on device random device loop # Network loopback device ether # Ethernet support device sl # Kernel SLIP diff --git a/sys/i386/conf/NOTES b/sys/i386/conf/NOTES index 936e11d..364543f 100644 --- a/sys/i386/conf/NOTES +++ b/sys/i386/conf/NOTES @@ -773,9 +773,6 @@ options ENABLE_VFS_IOOPT # Cryptographically secure random number generator; /dev/[u]random device random -# Avoid blocking the random device -options NOBLOCKRANDOM - ##################################################################### # POSIX P1003.1B diff --git a/sys/ia64/conf/GENERIC b/sys/ia64/conf/GENERIC index 9556cea..9d8a5c4 100644 --- a/sys/ia64/conf/GENERIC +++ b/sys/ia64/conf/GENERIC @@ -131,7 +131,6 @@ device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') # Pseudo devices - the number indicates how many units to allocated. device random # Entropy device -options NOBLOCKRANDOM # avoid any blocking on device random device loop # Network loopback device ether # Ethernet support device sl # Kernel SLIP diff --git a/sys/pc98/conf/GENERIC b/sys/pc98/conf/GENERIC index cdaca4e..c2c8e0e 100644 --- a/sys/pc98/conf/GENERIC +++ b/sys/pc98/conf/GENERIC @@ -191,7 +191,6 @@ device wi # WaveLAN/IEEE 802.11 wireless NICs. # Pseudo devices - the number indicates how many units to allocated. device random # Entropy device -options NOBLOCKRANDOM # avoid any blocking on device random device loop # Network loopback device ether # Ethernet support device sl # Kernel SLIP |
