Module Name: src
Committed By: martin
Date: Tue Aug 1 16:10:59 UTC 2023
Modified Files:
src/sys/kern [netbsd-10]: kern_entropy.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #294):
sys/kern/kern_entropy.c: revision 1.60
sys/kern/kern_entropy.c: revision 1.61
entropy(9): On flags change, cancel any scheduled consolidation.
We've been instructed to lose confidence in existing entropy sources,
so let's make sure to re-gather enough entropy before the next
consolidation can happen, in case some of what would be counted in
consolidation is from those entropy sources.
entropy(9): Avoid race between rnd_add_data and ioctl(RNDCTL).
To generate a diff of this commit:
cvs rdiff -u -r1.57.4.2 -r1.57.4.3 src/sys/kern/kern_entropy.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_entropy.c
diff -u src/sys/kern/kern_entropy.c:1.57.4.2 src/sys/kern/kern_entropy.c:1.57.4.3
--- src/sys/kern/kern_entropy.c:1.57.4.2 Mon Jul 31 15:57:43 2023
+++ src/sys/kern/kern_entropy.c Tue Aug 1 16:10:59 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_entropy.c,v 1.57.4.2 2023/07/31 15:57:43 martin Exp $ */
+/* $NetBSD: kern_entropy.c,v 1.57.4.3 2023/08/01 16:10:59 martin Exp $ */
/*-
* Copyright (c) 2019 The NetBSD Foundation, Inc.
@@ -75,7 +75,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.57.4.2 2023/07/31 15:57:43 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.57.4.3 2023/08/01 16:10:59 martin Exp $");
#include <sys/param.h>
#include <sys/types.h>
@@ -1910,6 +1910,14 @@ rnd_add_data(struct krndsource *rs, cons
return;
}
+ /*
+ * Hold up the reset xcall before it zeroes the entropy counts
+ * on this CPU or globally. Otherwise, we might leave some
+ * nonzero entropy attributed to an untrusted source in the
+ * event of a race with a change to flags.
+ */
+ kpreempt_disable();
+
/* Load a snapshot of the flags. Ioctl may change them under us. */
flags = atomic_load_relaxed(&rs->flags);
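Review bot: The comment added above `kpreempt_disable()` says what is being held up, but not what must now hold inside the section. From here to `out:` every callee, including the `rnd_add_data_1` calls, runs with preemption disabled, so nothing on that path may sleep and every later exit must go through `out:` rather than `return`. I would add a line such as `Nothing below may sleep; every exit from here on must go through out.`, and reword the flags-load comment to `Load a snapshot of the flags; it may be stale, but the reset xcall cannot finish on this CPU until kpreempt_enable().`. Whether the RNDCTL path stores the new flags before issuing that xcall is not visible in this diff and should be confirmed, since the fix depends on that ordering. The body of rnd_add_data starts and ends outside this hunk.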
@@ -1922,7 +1930,7 @@ rnd_add_data(struct krndsource *rs, cons
if (!atomic_load_relaxed(&entropy_collection) ||
ISSET(flags, RND_FLAG_NO_COLLECT) ||
!ISSET(flags, RND_FLAG_COLLECT_VALUE|RND_FLAG_COLLECT_TIME))
- return;
+ goto out;
/* If asked, ignore the estimate. */
if (ISSET(flags, RND_FLAG_NO_ESTIMATE))
@@ -1939,6 +1947,9 @@ rnd_add_data(struct krndsource *rs, cons
rnd_add_data_1(rs, &extra, sizeof extra, 0,
RND_FLAG_COLLECT_TIME);
}
+
+out: /* Allow concurrent changes to flags to finish. */
+ kpreempt_enable();
}
static unsigned
@@ -2414,6 +2425,7 @@ entropy_ioctl(unsigned long cmd, void *d
E->pending = 0;
atomic_store_relaxed(&E->needed,
ENTROPY_CAPACITY*NBBY);
+ E->consolidate = false;
mutex_exit(&E->lock);
}
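Review bot: `E->consolidate = false;` is added without a comment, so the reason for cancelling is recorded only in the commit log and is lost to anyone reading entropy_ioctl later. I would put a comment above it, for example `/* Cancel any scheduled consolidation; it could count samples from sources we were just told to distrust. */`. The store sits inside the `E->lock` section that ends at the `mutex_exit` shown here. Presumably the code that sets and consumes `consolidate` takes the same lock, but this hunk does not show it, so that is worth checking. entropy_ioctl's body continues outside the hunk.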