Re: svn commit: r285439 - head/sys/dev/random

2015-07-13 Thread Mark R V Murray 

> On 13 Jul 2015, at 20:25, Peter Jeremy  wrote:
> 
> On 2015-Jul-13 08:38:21 +, Mark Murray  wrote:
>> +/*
>> + * Belt-and-braces.
>> + * Round up the read length to a crypto block size 
>> multiple,
>> + * which is what the underlying generator is expecting.
>> + * See the random_buf size requirements in the 
>> Yarrow/Fortuna code.
>> + */
>> +read_len += RANDOM_BLOCKSIZE;
>> +read_len -= read_len % RANDOM_BLOCKSIZE;
> 
> Note that if read_len was already a multiple of RANDOM_BLOCKSIZE, this will
> pad it by an additional RANDOM_BLOCKSIZE.  I don't think this matters but
> it's not what the comment implies.  (The comment also goes over 80 columns).

Yes - this is overly conservative ;-)

I’ve done a further tightening up, but I want to let it settle and not
churn the code.

M
-- 
Mark R V Murray

___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Re: svn commit: r285439 - head/sys/dev/random

2015-07-13 Thread Peter Jeremy 
On 2015-Jul-13 08:38:21 +, Mark Murray  wrote:
>+  /*
>+   * Belt-and-braces.
>+   * Round up the read length to a crypto block size 
>multiple,
>+   * which is what the underlying generator is expecting.
>+   * See the random_buf size requirements in the 
>Yarrow/Fortuna code.
>+   */
>+  read_len += RANDOM_BLOCKSIZE;
>+  read_len -= read_len % RANDOM_BLOCKSIZE;

Note that if read_len was already a multiple of RANDOM_BLOCKSIZE, this will
pad it by an additional RANDOM_BLOCKSIZE.  I don't think this matters but
it's not what the comment implies.  (The comment also goes over 80 columns).

-- 
Peter Jeremy


pgpVYCudlMOLy.pgp
Description: PGP signature

svn commit: r285439 - head/sys/dev/random

2015-07-13 Thread Mark Murray 
Author: markm
Date: Mon Jul 13 08:38:21 2015
New Revision: 285439
URL: https://svnweb.freebsd.org/changeset/base/285439

Log:
  Rework the read routines to keep the PRNG sources happy. These work
  in units of crypto blocks, so must have adequate space to write.
  This means needing to be careful about buffers and keeping track
  of external read request length.
  
  Approved by:  so (/dev/random blanket)

Modified:
  head/sys/dev/random/randomdev.c

Modified: head/sys/dev/random/randomdev.c
==
--- head/sys/dev/random/randomdev.c Mon Jul 13 05:59:41 2015
(r285438)
+++ head/sys/dev/random/randomdev.c Mon Jul 13 08:38:21 2015
(r285439)
@@ -153,8 +153,8 @@ static int
 randomdev_read(struct cdev *dev __unused, struct uio *uio, int flags)
 {
uint8_t *random_buf;
-   int c, error;
-   ssize_t nbytes;
+   int error;
+   ssize_t read_len, total_read, c;
 
random_buf = malloc(PAGE_SIZE, M_ENTROPY, M_WAITOK);
random_alg_context.ra_pre_read();
@@ -175,14 +175,24 @@ randomdev_read(struct cdev *dev __unused
/* XXX: FIX!! Next line as an atomic operation? */
read_rate += (uio->uio_resid + 
sizeof(uint32_t))/sizeof(uint32_t);
 #endif
-   nbytes = uio->uio_resid;
+   total_read = 0;
while (uio->uio_resid && !error) {
-   c = MIN(uio->uio_resid, PAGE_SIZE);
-   /* See the random_buf size requirements in the 
Yarrow/Fortuna code */
-   random_alg_context.ra_read(random_buf, c);
+   read_len = uio->uio_resid;
+   /*
+* Belt-and-braces.
+* Round up the read length to a crypto block size 
multiple,
+* which is what the underlying generator is expecting.
+* See the random_buf size requirements in the 
Yarrow/Fortuna code.
+*/
+   read_len += RANDOM_BLOCKSIZE;
+   read_len -= read_len % RANDOM_BLOCKSIZE;
+   read_len = MIN(read_len, PAGE_SIZE);
+   random_alg_context.ra_read(random_buf, read_len);
+   c = MIN(uio->uio_resid, read_len);
error = uiomove(random_buf, c, uio);
+   total_read += c;
}
-   if (nbytes != uio->uio_resid && (error == ERESTART || error == 
EINTR) )
+   if (total_read != uio->uio_resid && (error == ERESTART || error 
== EINTR) )
/* Return partial read, not error. */
error = 0;
}
@@ -212,6 +222,13 @@ read_random(void *random_buf, u_int len)
read_rate += (len + sizeof(uint32_t))/sizeof(uint32_t);
 #endif
read_len = len;
+   /*
+* Belt-and-braces.
+* Round up the read length to a crypto block size multiple,
+* which is what the underlying generator is expecting.
+*/
+   read_len += RANDOM_BLOCKSIZE;
+   read_len -= read_len % RANDOM_BLOCKSIZE;
total_read = 0;
while (read_len) {
c = MIN(read_len, PAGE_SIZE);
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"