summaryrefslogtreecommitdiffstats
path: root/sys/dev/random/randomdev_soft.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/dev/random/randomdev_soft.c')
-rw-r--r--sys/dev/random/randomdev_soft.c88
1 files changed, 39 insertions, 49 deletions
diff --git a/sys/dev/random/randomdev_soft.c b/sys/dev/random/randomdev_soft.c
index 61afb1b..db0b016 100644
--- a/sys/dev/random/randomdev_soft.c
+++ b/sys/dev/random/randomdev_soft.c
@@ -26,10 +26,15 @@
*
*/
-#if !defined(YARROW_RNG) && !defined(FORTUNA_RNG)
-#define YARROW_RNG
-#elif defined(YARROW_RNG) && defined(FORTUNA_RNG)
-#error "Must define either YARROW_RNG or FORTUNA_RNG"
+#include "opt_random.h"
+
+#if !defined(RANDOM_YARROW) && !defined(RANDOM_FORTUNA)
+#define RANDOM_YARROW
+#elif defined(RANDOM_YARROW) && defined(RANDOM_FORTUNA)
+#error "Must define either RANDOM_YARROW or RANDOM_FORTUNA"
+#endif
+#if defined(RANDOM_FORTUNA)
+#error "Fortuna is not yet implemented"
#endif
#include <sys/cdefs.h>
@@ -53,55 +58,54 @@ __FBSDID("$FreeBSD$");
#include <machine/bus.h>
#include <machine/cpu.h>
-#include <dev/random/random_adaptors.h>
#include <dev/random/randomdev.h>
#include <dev/random/randomdev_soft.h>
-#if defined(YARROW_RNG)
+#include <dev/random/random_harvestq.h>
+#include <dev/random/random_adaptors.h>
+#if defined(RANDOM_YARROW)
#include <dev/random/yarrow.h>
#endif
-#if defined(FORTUNA_RNG)
+#if defined(RANDOM_FORTUNA)
#include <dev/random/fortuna.h>
#endif
-#include "random_harvestq.h"
static int randomdev_poll(int event, struct thread *td);
static int randomdev_block(int flag);
static void randomdev_flush_reseed(void);
-#if defined(YARROW_RNG)
+#if defined(RANDOM_YARROW)
static struct random_adaptor random_context = {
.ident = "Software, Yarrow",
.init = randomdev_init,
.deinit = randomdev_deinit,
.block = randomdev_block,
.read = random_yarrow_read,
- .write = randomdev_write,
.poll = randomdev_poll,
.reseed = randomdev_flush_reseed,
- .seeded = 1,
+ .seeded = 0, /* This will be seeded during entropy processing */
};
#define RANDOM_MODULE_NAME yarrow
#define RANDOM_CSPRNG_NAME "yarrow"
#endif
-#if defined(FORTUNA_RNG)
+#if defined(RANDOM_FORTUNA)
static struct random_adaptor random_context = {
.ident = "Software, Fortuna",
.init = randomdev_init,
.deinit = randomdev_deinit,
.block = randomdev_block,
.read = random_fortuna_read,
- .write = randomdev_write,
.poll = randomdev_poll,
.reseed = randomdev_flush_reseed,
- .seeded = 1,
+ .seeded = 0, /* This will be excplicitly seeded at startup when secured */
};
#define RANDOM_MODULE_NAME fortuna
#define RANDOM_CSPRNG_NAME "fortuna"
-
#endif
+TUNABLE_INT("kern.random.sys.seeded", &random_context.seeded);
+
/* List for the dynamic sysctls */
static struct sysctl_ctx_list random_clist;
@@ -111,7 +115,7 @@ random_check_boolean(SYSCTL_HANDLER_ARGS)
{
if (oidp->oid_arg1 != NULL && *(u_int *)(oidp->oid_arg1) != 0)
*(u_int *)(oidp->oid_arg1) = 1;
- return sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req);
+ return (sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req));
}
void
@@ -119,10 +123,10 @@ randomdev_init(void)
{
struct sysctl_oid *random_sys_o, *random_sys_harvest_o;
-#if defined(YARROW_RNG)
+#if defined(RANDOM_YARROW)
random_yarrow_init_alg(&random_clist);
#endif
-#if defined(FORTUNA_RNG)
+#if defined(RANDOM_FORTUNA)
random_fortuna_init_alg(&random_clist);
#endif
@@ -134,7 +138,7 @@ randomdev_init(void)
SYSCTL_ADD_PROC(&random_clist,
SYSCTL_CHILDREN(random_sys_o),
OID_AUTO, "seeded", CTLTYPE_INT | CTLFLAG_RW,
- &random_context.seeded, 1, random_check_boolean, "I",
+ &random_context.seeded, 0, random_check_boolean, "I",
"Seeded State");
random_sys_harvest_o = SYSCTL_ADD_NODE(&random_clist,
@@ -155,12 +159,12 @@ randomdev_init(void)
SYSCTL_ADD_PROC(&random_clist,
SYSCTL_CHILDREN(random_sys_harvest_o),
OID_AUTO, "interrupt", CTLTYPE_INT | CTLFLAG_RW,
- &harvest.interrupt, 0, random_check_boolean, "I",
+ &harvest.interrupt, 1, random_check_boolean, "I",
"Harvest IRQ entropy");
SYSCTL_ADD_PROC(&random_clist,
SYSCTL_CHILDREN(random_sys_harvest_o),
OID_AUTO, "swi", CTLTYPE_INT | CTLFLAG_RW,
- &harvest.swi, 0, random_check_boolean, "I",
+ &harvest.swi, 1, random_check_boolean, "I",
"Harvest SWI entropy");
random_harvestq_init(random_process_event);
@@ -182,10 +186,10 @@ randomdev_deinit(void)
random_kthread_control = -1;
tsleep((void *)&random_kthread_control, 0, "term", 0);
-#if defined(YARROW_RNG)
+#if defined(RANDOM_YARROW)
random_yarrow_deinit_alg();
#endif
-#if defined(FORTUNA_RNG)
+#if defined(RANDOM_FORTUNA)
random_fortuna_deinit_alg();
#endif
@@ -193,32 +197,15 @@ randomdev_deinit(void)
}
void
-randomdev_write(void *buf, int count)
-{
- int i;
- u_int chunk;
-
- /*
- * Break the input up into HARVESTSIZE chunks. The writer has too
- * much control here, so "estimate" the entropy as zero.
- */
- for (i = 0; i < count; i += HARVESTSIZE) {
- chunk = HARVESTSIZE;
- if (i + chunk >= count)
- chunk = (u_int)(count - i);
- random_harvestq_internal(get_cyclecount(), (char *)buf + i,
- chunk, 0, 0, RANDOM_WRITE);
- }
-}
-
-void
randomdev_unblock(void)
{
if (!random_context.seeded) {
- random_context.seeded = 1;
selwakeuppri(&random_context.rsel, PUSER);
wakeup(&random_context);
+ printf("random: unblocking device.\n");
+ random_context.seeded = 1;
}
+ /* Do arc4random(9) a favour while we are about it. */
(void)atomic_cmpset_int(&arc4rand_iniseed_state, ARC4_ENTR_NONE,
ARC4_ENTR_HAVE);
}
@@ -227,6 +214,7 @@ static int
randomdev_poll(int events, struct thread *td)
{
int revents = 0;
+
mtx_lock(&random_reseed_mtx);
if (random_context.seeded)
@@ -235,7 +223,7 @@ randomdev_poll(int events, struct thread *td)
selrecord(td, &random_context.rsel);
mtx_unlock(&random_reseed_mtx);
- return revents;
+ return (revents);
}
static int
@@ -250,7 +238,7 @@ randomdev_block(int flag)
if (flag & O_NONBLOCK)
error = EWOULDBLOCK;
else {
- printf("Entropy device is blocking.\n");
+ printf("random: blocking on read.\n");
error = msleep(&random_context,
&random_reseed_mtx,
PUSER | PCATCH, "block", 0);
@@ -258,7 +246,7 @@ randomdev_block(int flag)
}
mtx_unlock(&random_reseed_mtx);
- return error;
+ return (error);
}
/* Helper routine to perform explicit reseeds */
@@ -270,16 +258,18 @@ randomdev_flush_reseed(void)
while (random_kthread_control)
pause("-", hz / 10);
-#if defined(YARROW_RNG)
+#if defined(RANDOM_YARROW)
+ /* This ultimately calls randomdev_unblock() */
random_yarrow_reseed();
#endif
-#if defined(FORTUNA_RNG)
+#if defined(RANDOM_FORTUNA)
+ /* This ultimately calls randomdev_unblock() */
random_fortuna_reseed();
#endif
}
static int
-randomdev_modevent(module_t mod, int type, void *unused)
+randomdev_modevent(module_t mod __unused, int type, void *unused __unused)
{
switch (type) {
OpenPOWER on IntegriCloud