Add randomness write functionality. This does absolutely nothing for

entropy estimation, but causes an immediate reseed after the input (read in sizeof(u_int64_t) chunks) is "harvested". This will be used in the reboot "reseeder", coming in another commit. This can be used very effectively at any time you think your randomness is compromised; something like # (ps -gauxwww; netstat -an; dmesg; vmstat -c10 1) > /dev/random will give the attacker something to think about.
svn path=/head/; revision=63306
2000-07-17 12:23:04 +00:00 · 2000-07-17 12:23:04 +00:00 · 720a3741cf · 2020-12-20 02:59:44 +00:00
commit 720a3741cf
parent e492a4c41a
5 changed files with 41 additions and 3 deletions
--- a/sys/dev/random/randomdev.c
+++ b/sys/dev/random/randomdev.c
@ -117,7 +117,7 @@ random_write(dev_t dev, struct uio *uio, int flag)
 		error = uiomove(random_buf, c, uio);
 		if (error)
 			break;
-		/* write_random(random_buf, c); */
+		write_random(random_buf, c);
 	}
 	free(random_buf, M_TEMP);
 	return error;
--- a/sys/dev/random/yarrow.c
+++ b/sys/dev/random/yarrow.c
@ -274,6 +274,25 @@ read_random(char *buf, u_int count)
 	return retval;
 }

+void
+write_random(char *buf, u_int count)
+{
+	u_int i;
+	intrmask_t mask;
+	struct timespec nanotime;
+
+	/* The reseed task must not be jumped on */
+	mask = splsofttq();
+	for (i = 0; i < count/sizeof(u_int64_t); i++) {
+		getnanotime(&nanotime);
+		random_harvest_internal(&nanotime,
+			*(u_int64_t *)&buf[i*sizeof(u_int64_t)],
+			0, 0, RANDOM_WRITE);
+	}
+	reseed(FAST);
+	splx(mask);
+}
+
 static void
 generator_gate(void)
 {
--- a/sys/dev/randomdev/randomdev.c
+++ b/sys/dev/randomdev/randomdev.c
@ -117,7 +117,7 @@ random_write(dev_t dev, struct uio *uio, int flag)
 		error = uiomove(random_buf, c, uio);
 		if (error)
 			break;
-		/* write_random(random_buf, c); */
+		write_random(random_buf, c);
 	}
 	free(random_buf, M_TEMP);
 	return error;
--- a/sys/dev/randomdev/yarrow.c
+++ b/sys/dev/randomdev/yarrow.c
@ -274,6 +274,25 @@ read_random(char *buf, u_int count)
 	return retval;
 }

+void
+write_random(char *buf, u_int count)
+{
+	u_int i;
+	intrmask_t mask;
+	struct timespec nanotime;
+
+	/* The reseed task must not be jumped on */
+	mask = splsofttq();
+	for (i = 0; i < count/sizeof(u_int64_t); i++) {
+		getnanotime(&nanotime);
+		random_harvest_internal(&nanotime,
+			*(u_int64_t *)&buf[i*sizeof(u_int64_t)],
+			0, 0, RANDOM_WRITE);
+	}
+	reseed(FAST);
+	splx(mask);
+}
+
 static void
 generator_gate(void)
 {
--- a/sys/sys/random.h
+++ b/sys/sys/random.h
@ -34,7 +34,7 @@
 u_int read_random(char *, u_int);
 void write_random(char *, u_int);

-enum esource { RANDOM_KEYBOARD, RANDOM_MOUSE };
+enum esource { RANDOM_WRITE, RANDOM_KEYBOARD, RANDOM_MOUSE };
 void random_harvest(u_int64_t, u_int, u_int, u_int);

 #endif