Module Name: src Committed By: tls Date: Tue Nov 29 03:50:32 UTC 2011
Modified Files: src/sys/dev: rnd.c rndpool.c src/sys/dev/iscsi: iscsi_globals.h iscsi_test.c iscsi_text.c src/sys/dev/pci: hifn7751.c src/sys/kern: subr_cprng.c src/sys/lib/libkern: arc4random.c src/sys/sys: rnd.h Added Files: src/sys/dev: rnd_private.h Log Message: Remove rnd_extract_data from the public kernel API (it is for use by the stream generators only). Clean up some related minor issues. To generate a diff of this commit: cvs rdiff -u -r1.87 -r1.88 src/sys/dev/rnd.c cvs rdiff -u -r0 -r1.1 src/sys/dev/rnd_private.h cvs rdiff -u -r1.20 -r1.21 src/sys/dev/rndpool.c cvs rdiff -u -r1.1 -r1.2 src/sys/dev/iscsi/iscsi_globals.h \ src/sys/dev/iscsi/iscsi_test.c src/sys/dev/iscsi/iscsi_text.c cvs rdiff -u -r1.47 -r1.48 src/sys/dev/pci/hifn7751.c cvs rdiff -u -r1.2 -r1.3 src/sys/kern/subr_cprng.c cvs rdiff -u -r1.27 -r1.28 src/sys/lib/libkern/arc4random.c cvs rdiff -u -r1.25 -r1.26 src/sys/sys/rnd.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/dev/rnd.c diff -u src/sys/dev/rnd.c:1.87 src/sys/dev/rnd.c:1.88 --- src/sys/dev/rnd.c:1.87 Mon Nov 28 07:56:54 2011 +++ src/sys/dev/rnd.c Tue Nov 29 03:50:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: rnd.c,v 1.87 2011/11/28 07:56:54 tls Exp $ */ +/* $NetBSD: rnd.c,v 1.88 2011/11/29 03:50:31 tls Exp $ */ /*- * Copyright (c) 1997-2011 The NetBSD Foundation, Inc. @@ -32,7 +32,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: rnd.c,v 1.87 2011/11/28 07:56:54 tls Exp $"); +__KERNEL_RCSID(0, "$NetBSD: rnd.c,v 1.88 2011/11/29 03:50:31 tls Exp $"); #include <sys/param.h> #include <sys/ioctl.h> @@ -54,6 +54,8 @@ __KERNEL_RCSID(0, "$NetBSD: rnd.c,v 1.87 #include <sys/rngtest.h> #include <sys/cpu.h> /* XXX temporary, see rnd_detach_source */ +#include <dev/rnd_private.h> + #if defined(__HAVE_CPU_COUNTER) && !defined(_RUMPKERNEL) /* XXX: bad pooka */ #include <machine/cpu_counter.h> #endif Index: src/sys/dev/rndpool.c diff -u src/sys/dev/rndpool.c:1.20 src/sys/dev/rndpool.c:1.21 --- src/sys/dev/rndpool.c:1.20 Mon Apr 28 20:23:47 2008 +++ src/sys/dev/rndpool.c Tue Nov 29 03:50:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: rndpool.c,v 1.20 2008/04/28 20:23:47 martin Exp $ */ +/* $NetBSD: rndpool.c,v 1.21 2011/11/29 03:50:31 tls Exp $ */ /*- * Copyright (c) 1997 The NetBSD Foundation, Inc. @@ -31,13 +31,14 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: rndpool.c,v 1.20 2008/04/28 20:23:47 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: rndpool.c,v 1.21 2011/11/29 03:50:31 tls Exp $"); #include <sys/param.h> #include <sys/systm.h> #include <sys/sha1.h> #include <sys/rnd.h> +#include <dev/rnd_private.h> /* * The random pool "taps" @@ -64,7 +65,7 @@ rndpool_init(rndpool_t *rp) rp->stats.threshold = RND_ENTROPY_THRESHOLD; rp->stats.maxentropy = RND_POOLBITS; - KASSERT(RND_ENTROPY_THRESHOLD*2 <= 20); /* XXX sha knowledge */ + KASSERT(RND_ENTROPY_THRESHOLD * 2 <= SHA1_DIGEST_LENGTH); } u_int32_t @@ -250,7 +251,7 @@ rndpool_extract_data(rndpool_t *rp, void { u_int i; SHA1_CTX hash; - u_char digest[20]; /* XXX SHA knowledge */ + u_char digest[SHA1_DIGEST_LENGTH]; u_int32_t remain, deltae, count; u_int8_t *buf; int good; @@ -263,7 +264,7 @@ rndpool_extract_data(rndpool_t *rp, void else good = (rp->stats.curentropy >= (8 * RND_ENTROPY_THRESHOLD)); - KASSERT(RND_ENTROPY_THRESHOLD*2 <= 20); /* XXX SHA knowledge */ + KASSERT(RND_ENTROPY_THRESHOLD * 2 <= sizeof(digest)); while (good && (remain != 0)) { /* Index: src/sys/dev/iscsi/iscsi_globals.h diff -u src/sys/dev/iscsi/iscsi_globals.h:1.1 src/sys/dev/iscsi/iscsi_globals.h:1.2 --- src/sys/dev/iscsi/iscsi_globals.h:1.1 Sun Oct 23 21:15:02 2011 +++ src/sys/dev/iscsi/iscsi_globals.h Tue Nov 29 03:50:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: iscsi_globals.h,v 1.1 2011/10/23 21:15:02 agc Exp $ */ +/* $NetBSD: iscsi_globals.h,v 1.2 2011/11/29 03:50:31 tls Exp $ */ /*- * Copyright (c) 2004,2005,2006,2011 The NetBSD Foundation, Inc. @@ -554,25 +554,6 @@ uint8_t InitiatorName[ISCSI_STRING_LENGT uint8_t InitiatorAlias[ISCSI_STRING_LENGTH]; login_isid_t InitiatorISID; - -/* ------------------------- Global Functions ----------------------------- */ - -#ifdef __NetBSD__ -#define GEN_RAND(buffer, len) rnd_extract_data (buffer, len, RND_EXTRACT_ANY) -#else -#define GEN_RAND(buffer, len) get_random_bytes (buffer, len) -#endif - -static __inline uint8_t -randb(void) -{ - uint8_t buf; - - GEN_RAND(&buf, 1); - return buf; -} - - /* Debugging and profiling stuff */ #include "iscsi_profile.h" Index: src/sys/dev/iscsi/iscsi_test.c diff -u src/sys/dev/iscsi/iscsi_test.c:1.1 src/sys/dev/iscsi/iscsi_test.c:1.2 --- src/sys/dev/iscsi/iscsi_test.c:1.1 Sun Oct 23 21:15:02 2011 +++ src/sys/dev/iscsi/iscsi_test.c Tue Nov 29 03:50:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: iscsi_test.c,v 1.1 2011/10/23 21:15:02 agc Exp $ */ +/* $NetBSD: iscsi_test.c,v 1.2 2011/11/29 03:50:31 tls Exp $ */ /*- * Copyright (c) 2006,2011 The NetBSD Foundation, Inc. @@ -269,7 +269,8 @@ test_get(pdu_t *pdu, mod_desc_t *mod, in STATIC int check_loss(test_pars_t *tp, int rxtx) { - return (tp->lose_random[rxtx]) ? (randb() % tp->lose_random[rxtx]) : 0; + return (tp->lose_random[rxtx]) ? + (cprng_fast32() % tp->lose_random[rxtx]) : 0; } Index: src/sys/dev/iscsi/iscsi_text.c diff -u src/sys/dev/iscsi/iscsi_text.c:1.1 src/sys/dev/iscsi/iscsi_text.c:1.2 --- src/sys/dev/iscsi/iscsi_text.c:1.1 Sun Oct 23 21:15:02 2011 +++ src/sys/dev/iscsi/iscsi_text.c Tue Nov 29 03:50:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: iscsi_text.c,v 1.1 2011/10/23 21:15:02 agc Exp $ */ +/* $NetBSD: iscsi_text.c,v 1.2 2011/11/29 03:50:31 tls Exp $ */ /*- * Copyright (c) 2005,2006,2011 The NetBSD Foundation, Inc. @@ -32,6 +32,7 @@ #include "iscsi_globals.h" #include "base64.h" #include <sys/md5.h> +#include <sys/cprng.h> #define isdigit(x) ((x) >= '0' && (x) <= '9') #define toupper(x) ((x) & ~0x20) @@ -1456,7 +1457,9 @@ assemble_security_parameters(connection_ return ISCSI_STATUS_PARAMETER_MISSING; } - GEN_RAND(&state->temp_buf[CHAP_MD5_SIZE], CHAP_CHALLENGE_LEN + 1); + cprng_strong(kern_cprng, + &state->temp_buf[CHAP_MD5_SIZE], + CHAP_CHALLENGE_LEN + 1); set_key_n(state, K_Auth_CHAP_Identifier, state->temp_buf[CHAP_MD5_SIZE]); cpar = set_key_s(state, K_Auth_CHAP_Challenge, Index: src/sys/dev/pci/hifn7751.c diff -u src/sys/dev/pci/hifn7751.c:1.47 src/sys/dev/pci/hifn7751.c:1.48 --- src/sys/dev/pci/hifn7751.c:1.47 Sat Nov 19 22:51:23 2011 +++ src/sys/dev/pci/hifn7751.c Tue Nov 29 03:50:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: hifn7751.c,v 1.47 2011/11/19 22:51:23 tls Exp $ */ +/* $NetBSD: hifn7751.c,v 1.48 2011/11/29 03:50:31 tls Exp $ */ /* $FreeBSD: hifn7751.c,v 1.5.2.7 2003/10/08 23:52:00 sam Exp $ */ /* $OpenBSD: hifn7751.c,v 1.140 2003/08/01 17:55:54 deraadt Exp $ */ @@ -48,7 +48,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: hifn7751.c,v 1.47 2011/11/19 22:51:23 tls Exp $"); +__KERNEL_RCSID(0, "$NetBSD: hifn7751.c,v 1.48 2011/11/29 03:50:31 tls Exp $"); #include <sys/param.h> #include <sys/systm.h> @@ -65,6 +65,8 @@ __KERNEL_RCSID(0, "$NetBSD: hifn7751.c,v #else #include <opencrypto/cryptodev.h> #include <sys/cprng.h> +#include <sys/rnd.h> +#include <sys/sha1.h> #endif #include <dev/pci/pcireg.h> @@ -544,7 +546,7 @@ hifn_rng(void *vsc) { struct hifn_softc *sc = vsc; #ifdef __NetBSD__ - u_int32_t num[HIFN_RNG_BITSPER * RND_ENTROPY_THRESHOLD]; + u_int32_t num[HIFN_RNG_BITSPER * SHA1_DIGEST_LENGTH]; #else u_int32_t num[2]; #endif Index: src/sys/kern/subr_cprng.c diff -u src/sys/kern/subr_cprng.c:1.2 src/sys/kern/subr_cprng.c:1.3 --- src/sys/kern/subr_cprng.c:1.2 Mon Nov 21 13:44:38 2011 +++ src/sys/kern/subr_cprng.c Tue Nov 29 03:50:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: subr_cprng.c,v 1.2 2011/11/21 13:44:38 tsutsui Exp $ */ +/* $NetBSD: subr_cprng.c,v 1.3 2011/11/29 03:50:31 tls Exp $ */ /*- * Copyright (c) 2011 The NetBSD Foundation, Inc. @@ -38,6 +38,7 @@ #include <sys/mutex.h> #include <sys/rngtest.h> #include <sys/rnd.h> +#include <dev/rnd_private.h> #if defined(__HAVE_CPU_COUNTER) #include <machine/cpu_counter.h> @@ -45,7 +46,7 @@ #include <sys/cprng.h> -__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.2 2011/11/21 13:44:38 tsutsui Exp $"); +__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.3 2011/11/29 03:50:31 tls Exp $"); void cprng_init(void) Index: src/sys/lib/libkern/arc4random.c diff -u src/sys/lib/libkern/arc4random.c:1.27 src/sys/lib/libkern/arc4random.c:1.28 --- src/sys/lib/libkern/arc4random.c:1.27 Mon Nov 28 08:05:05 2011 +++ src/sys/lib/libkern/arc4random.c Tue Nov 29 03:50:32 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: arc4random.c,v 1.27 2011/11/28 08:05:05 tls Exp $ */ +/* $NetBSD: arc4random.c,v 1.28 2011/11/29 03:50:32 tls Exp $ */ /*- * Copyright (c) 2002, 2011 The NetBSD Foundation, Inc. @@ -70,6 +70,7 @@ #if NRND > 0 #include <sys/rnd.h> +#include <dev/rnd_private.h> rndsink_t rs; Index: src/sys/sys/rnd.h diff -u src/sys/sys/rnd.h:1.25 src/sys/sys/rnd.h:1.26 --- src/sys/sys/rnd.h:1.25 Mon Nov 28 08:00:48 2011 +++ src/sys/sys/rnd.h Tue Nov 29 03:50:32 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: rnd.h,v 1.25 2011/11/28 08:00:48 tls Exp $ */ +/* $NetBSD: rnd.h,v 1.26 2011/11/29 03:50:32 tls Exp $ */ /*- * Copyright (c) 1997 The NetBSD Foundation, Inc. @@ -51,32 +51,6 @@ #define RND_DEV_RANDOM 0 /* minor devices for random and kinda random */ #define RND_DEV_URANDOM 1 -#ifdef _KERNEL -/* - * Size of entropy pool in 32-bit words. This _MUST_ be a power of 2. Don't - * change this unless you really know what you are doing... - */ -#ifndef RND_POOLWORDS -#define RND_POOLWORDS 128 -#endif -#define RND_POOLBITS (RND_POOLWORDS * 32) - -/* - * Number of bytes returned per hash. This value is used in both - * rnd.c and rndpool.c to decide when enough entropy exists to do a - * hash to extract it. - */ -#define RND_ENTROPY_THRESHOLD 10 - -/* - * Size of the event queue. This _MUST_ be a power of 2. - */ -#ifndef RND_EVENTQSIZE -#define RND_EVENTQSIZE 128 -#endif - -#endif /* _KERNEL */ - /* * Exposed "size" of entropy pool, for convenience in load/save * from userspace. Do not assume this is the same as the actual in-kernel @@ -126,6 +100,14 @@ typedef struct { #define RND_TYPE_MAX 5 /* last type id used */ #ifdef _KERNEL +/* + * Size of entropy pool in 32-bit words. This _MUST_ be a power of 2. Don't + * change this unless you really know what you are doing... + */ +#ifndef RND_POOLWORDS +#define RND_POOLWORDS 128 +#endif +#define RND_POOLBITS (RND_POOLWORDS * 32) typedef struct krndsource { LIST_ENTRY(krndsource) list; /* the linked list */ @@ -157,14 +139,6 @@ typedef struct { uint32_t pool[RND_POOLWORDS]; /* random pool data */ } rndpool_t; -/* - * Used by rnd_extract_data() and rndpool_extract_data() to describe how - * "good" the data has to be. - */ -#define RND_EXTRACT_ANY 0 /* extract anything, even if no entropy */ -#define RND_EXTRACT_GOOD 1 /* return as many good bytes - (short read ok) */ - #define RND_ENABLED(rp) \ (((rp)->flags & RND_FLAG_NO_COLLECT) == 0) @@ -181,7 +155,6 @@ void rnd_init(void); void rnd_add_uint32(krndsource_t *, uint32_t); void rnd_add_data(krndsource_t *, const void *const, uint32_t, uint32_t); -uint32_t rnd_extract_data(void *, uint32_t, uint32_t); void rnd_attach_source(krndsource_t *, const char *, uint32_t, uint32_t); void rnd_detach_source(krndsource_t *); Added files: Index: src/sys/dev/rnd_private.h diff -u /dev/null src/sys/dev/rnd_private.h:1.1 --- /dev/null Tue Nov 29 03:50:32 2011 +++ src/sys/dev/rnd_private.h Tue Nov 29 03:50:31 2011 @@ -0,0 +1,58 @@ +/* $NetBSD: rnd_private.h,v 1.1 2011/11/29 03:50:31 tls Exp $ */ + +/*- + * Copyright (c) 1997 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Michael Graff <explo...@flame.org>. This code uses ideas and + * algorithms from the Linux driver written by Ted Ts'o. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef _DEV_RNDPRIVATE_H +#define _DEV_RNDPRIVATE_H +/* + * Number of bytes returned per hash. This value is used in both + * rnd.c and rndpool.c to decide when enough entropy exists to do a + * hash to extract it. + */ +#define RND_ENTROPY_THRESHOLD 10 + +/* + * Size of the event queue. This _MUST_ be a power of 2. + */ +#ifndef RND_EVENTQSIZE +#define RND_EVENTQSIZE 128 +#endif + +/* + * Used by rnd_extract_data() and rndpool_extract_data() to describe how + * "good" the data has to be. + */ +#define RND_EXTRACT_ANY 0 /* extract anything, even if no entropy */ +#define RND_EXTRACT_GOOD 1 /* return as many good bytes + (short read ok) */ + +uint32_t rnd_extract_data(void *, uint32_t, uint32_t); +#endif