Debug run. This now works, except that the "live" sources haven't

been tested. With all sources turned on, this unlocks itself in a couple of seconds! That is no my box, and there is no guarantee that this will be the case everywhere. * Cut debug prints. * Use the same locks/mutexes all the way through. * Be a tad more conservative about entropy estimates.
2013-10-06 12:40:32 +00:00 · 2013-10-06 12:40:32 +00:00 · ad1f331196
commit ad1f331196
parent eee1352e67
7 changed files with 17 additions and 20 deletions
--- a/sys/dev/random/live_entropy_sources.c
+++ b/sys/dev/random/live_entropy_sources.c
@ -51,7 +51,6 @@ __FBSDID("$FreeBSD$");

 LIST_HEAD(les_head, live_entropy_sources);
 static struct les_head sources = LIST_HEAD_INITIALIZER(sources);
-static struct sx les_lock; /* need a sleepable lock */

 #define LES_THRESHOLD 10

@ -65,9 +64,9 @@ live_entropy_source_register(struct random_hardware_source *rsource)
 	les = malloc(sizeof(struct live_entropy_sources), M_ENTROPY, M_WAITOK);
 	les->rsource = rsource;

-	sx_xlock(&les_lock);
+	mtx_lock_spin(&harvest_mtx);
 	LIST_INSERT_HEAD(&sources, les, entries);
-	sx_xunlock(&les_lock);
+	mtx_unlock_spin(&harvest_mtx);
 }

 void
@ -77,7 +76,7 @@ live_entropy_source_deregister(struct random_hardware_source *rsource)

 	KASSERT(rsource != NULL, ("invalid input to %s", __func__));

-	sx_xlock(&les_lock);
+	mtx_lock_spin(&harvest_mtx);
 	LIST_FOREACH(les, &sources, entries) {
 		if (les->rsource == rsource) {
 			LIST_REMOVE(les, entries);
@ -85,7 +84,7 @@ live_entropy_source_deregister(struct random_hardware_source *rsource)
 			break;
 		}
 	}
-	sx_xunlock(&les_lock);
+	mtx_unlock_spin(&harvest_mtx);
 }

 static int
@ -96,7 +95,7 @@ live_entropy_source_handler(SYSCTL_HANDLER_ARGS)

 	count = error = 0;

-	sx_slock(&les_lock);
+	mtx_lock_spin(&harvest_mtx);

 	if (LIST_EMPTY(&sources))
 		error = SYSCTL_OUT(req, "", 0);
@ -113,7 +112,7 @@ live_entropy_source_handler(SYSCTL_HANDLER_ARGS)
 		}
 	}

-	sx_sunlock(&les_lock);
+	mtx_unlock_spin(&harvest_mtx);

 	return (error);
 }
@ -126,8 +125,6 @@ live_entropy_sources_init(void *unused)
 	    CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE,
 	    NULL, 0, live_entropy_source_handler, "",
 	    "List of Active Live Entropy Sources");
-
-	sx_init(&les_lock, "live_entropy_sources");
 }

 /*
@ -138,6 +135,7 @@ live_entropy_sources_init(void *unused)
 *
 * BEWARE!!!
 * This function runs inside the RNG thread! Don't do anything silly!
+ * The harvest_mtx mutex is held; you may count on that.
 */
 void
 live_entropy_sources_feed(int rounds, event_proc_f entropy_processor)
@ -147,8 +145,6 @@ live_entropy_sources_feed(int rounds, event_proc_f entropy_processor)
 	struct live_entropy_sources *les;
 	int i, n;

-	sx_slock(&les_lock);
-
 	/*
 	 * Walk over all of live entropy sources, and feed their output
 	 * to the system-wide RNG.
@ -176,15 +172,11 @@ live_entropy_sources_feed(int rounds, event_proc_f entropy_processor)
 		}

 	}
-
-	sx_sunlock(&les_lock);
 }

 static void
 live_entropy_sources_deinit(void *unused)
 {
-
-	sx_destroy(&les_lock);
 }

 SYSINIT(random_adaptors, SI_SUB_DRIVERS, SI_ORDER_FIRST,
--- a/sys/dev/random/random_harvestq.c
+++ b/sys/dev/random/random_harvestq.c
@ -52,7 +52,7 @@ __FBSDID("$FreeBSD$");

 /*
 * The harvest mutex protects the consistency of the entropy fifos and
- * empty fifo.
+ * empty fifo and other associated structures.
 */
 struct mtx	harvest_mtx;

--- a/sys/dev/random/random_harvestq.h
+++ b/sys/dev/random/random_harvestq.h
@ -37,5 +37,6 @@ void random_harvestq_internal(u_int64_t, const void *,
    u_int, u_int, enum esource);

 extern int random_kthread_control;
+extern struct mtx harvest_mtx;

 #endif /* __RANDOM_HARVEST_H__ */
--- a/sys/dev/random/yarrow.c
+++ b/sys/dev/random/yarrow.c
@ -114,7 +114,7 @@ random_process_event(struct harvest *event)
 	struct source *source;
 	enum esource src;

-#if 1
+#if 0
 	/* Do this better with DTrace */
 	{
 		int i;
@ -243,6 +243,10 @@ reseed(u_int fastslow)
 	u_int i;
 	enum esource j;

+#if 0
+	printf("Yarrow: %s reseed\n", fastslow == FAST ? "fast" : "slow");
+#endif
+
 	/* The reseed task must not be jumped on */
 	mtx_lock(&random_reseed_mtx);

--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@ -639,7 +639,7 @@ ether_input_internal(struct ifnet *ifp, struct mbuf *m)
 	}

 	if (harvest.ethernet)
-		random_harvest(&(m->m_data), 12, 3, RANDOM_NET_ETHER);
+		random_harvest(&(m->m_data), 12, 2, RANDOM_NET_ETHER);

 	ether_demux(ifp, m);
 	CURVNET_RESTORE();
--- a/sys/net/if_tun.c
+++ b/sys/net/if_tun.c
@ -918,7 +918,7 @@ tunwrite(struct cdev *dev, struct uio *uio, int flag)
 		return (EAFNOSUPPORT);
 	}
 	if (harvest.point_to_point)
-		random_harvest(&(m->m_data), 12, 3, RANDOM_NET_TUN);
+		random_harvest(&(m->m_data), 12, 2, RANDOM_NET_TUN);
 	ifp->if_ibytes += m->m_pkthdr.len;
 	ifp->if_ipackets++;
 	CURVNET_SET(ifp->if_vnet);
--- a/sys/netgraph/ng_iface.c
+++ b/sys/netgraph/ng_iface.c
@ -775,7 +775,7 @@ ng_iface_rcvdata(hook_p hook, item_p item)
 		return (EAFNOSUPPORT);
 	}
 	if (harvest.point_to_point)
-		random_harvest(&(m->m_data), 12, 3, RANDOM_NET_NG);
+		random_harvest(&(m->m_data), 12, 2, RANDOM_NET_NG);
 	M_SETFIB(m, ifp->if_fib);
 	netisr_dispatch(isr, m);
 	return (0);