From ad1f3311961af3d5ce6c37b32db5bf65d8ffbf35 Mon Sep 17 00:00:00 2001 From: Mark Murray Date: Sun, 6 Oct 2013 12:40:32 +0000 Subject: [PATCH] Debug run. This now works, except that the "live" sources haven't been tested. With all sources turned on, this unlocks itself in a couple of seconds! That is no my box, and there is no guarantee that this will be the case everywhere. * Cut debug prints. * Use the same locks/mutexes all the way through. * Be a tad more conservative about entropy estimates. --- sys/dev/random/live_entropy_sources.c | 22 +++++++--------------- sys/dev/random/random_harvestq.c | 2 +- sys/dev/random/random_harvestq.h | 1 + sys/dev/random/yarrow.c | 6 +++++- sys/net/if_ethersubr.c | 2 +- sys/net/if_tun.c | 2 +- sys/netgraph/ng_iface.c | 2 +- 7 files changed, 17 insertions(+), 20 deletions(-) diff --git a/sys/dev/random/live_entropy_sources.c b/sys/dev/random/live_entropy_sources.c index d29c94ad8a57..7d5ee9bd03b8 100644 --- a/sys/dev/random/live_entropy_sources.c +++ b/sys/dev/random/live_entropy_sources.c @@ -51,7 +51,6 @@ __FBSDID("$FreeBSD$"); LIST_HEAD(les_head, live_entropy_sources); static struct les_head sources = LIST_HEAD_INITIALIZER(sources); -static struct sx les_lock; /* need a sleepable lock */ #define LES_THRESHOLD 10 @@ -65,9 +64,9 @@ live_entropy_source_register(struct random_hardware_source *rsource) les = malloc(sizeof(struct live_entropy_sources), M_ENTROPY, M_WAITOK); les->rsource = rsource; - sx_xlock(&les_lock); + mtx_lock_spin(&harvest_mtx); LIST_INSERT_HEAD(&sources, les, entries); - sx_xunlock(&les_lock); + mtx_unlock_spin(&harvest_mtx); } void @@ -77,7 +76,7 @@ live_entropy_source_deregister(struct random_hardware_source *rsource) KASSERT(rsource != NULL, ("invalid input to %s", __func__)); - sx_xlock(&les_lock); + mtx_lock_spin(&harvest_mtx); LIST_FOREACH(les, &sources, entries) { if (les->rsource == rsource) { LIST_REMOVE(les, entries); @@ -85,7 +84,7 @@ live_entropy_source_deregister(struct random_hardware_source *rsource) break; } } - sx_xunlock(&les_lock); + mtx_unlock_spin(&harvest_mtx); } static int @@ -96,7 +95,7 @@ live_entropy_source_handler(SYSCTL_HANDLER_ARGS) count = error = 0; - sx_slock(&les_lock); + mtx_lock_spin(&harvest_mtx); if (LIST_EMPTY(&sources)) error = SYSCTL_OUT(req, "", 0); @@ -113,7 +112,7 @@ live_entropy_source_handler(SYSCTL_HANDLER_ARGS) } } - sx_sunlock(&les_lock); + mtx_unlock_spin(&harvest_mtx); return (error); } @@ -126,8 +125,6 @@ live_entropy_sources_init(void *unused) CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, live_entropy_source_handler, "", "List of Active Live Entropy Sources"); - - sx_init(&les_lock, "live_entropy_sources"); } /* @@ -138,6 +135,7 @@ live_entropy_sources_init(void *unused) * * BEWARE!!! * This function runs inside the RNG thread! Don't do anything silly! + * The harvest_mtx mutex is held; you may count on that. */ void live_entropy_sources_feed(int rounds, event_proc_f entropy_processor) @@ -147,8 +145,6 @@ live_entropy_sources_feed(int rounds, event_proc_f entropy_processor) struct live_entropy_sources *les; int i, n; - sx_slock(&les_lock); - /* * Walk over all of live entropy sources, and feed their output * to the system-wide RNG. @@ -176,15 +172,11 @@ live_entropy_sources_feed(int rounds, event_proc_f entropy_processor) } } - - sx_sunlock(&les_lock); } static void live_entropy_sources_deinit(void *unused) { - - sx_destroy(&les_lock); } SYSINIT(random_adaptors, SI_SUB_DRIVERS, SI_ORDER_FIRST, diff --git a/sys/dev/random/random_harvestq.c b/sys/dev/random/random_harvestq.c index 6ae29fd5f1bb..4e9d711fc4b8 100644 --- a/sys/dev/random/random_harvestq.c +++ b/sys/dev/random/random_harvestq.c @@ -52,7 +52,7 @@ __FBSDID("$FreeBSD$"); /* * The harvest mutex protects the consistency of the entropy fifos and - * empty fifo. + * empty fifo and other associated structures. */ struct mtx harvest_mtx; diff --git a/sys/dev/random/random_harvestq.h b/sys/dev/random/random_harvestq.h index 11ccfc46e009..f4e9bb188a9c 100644 --- a/sys/dev/random/random_harvestq.h +++ b/sys/dev/random/random_harvestq.h @@ -37,5 +37,6 @@ void random_harvestq_internal(u_int64_t, const void *, u_int, u_int, enum esource); extern int random_kthread_control; +extern struct mtx harvest_mtx; #endif /* __RANDOM_HARVEST_H__ */ diff --git a/sys/dev/random/yarrow.c b/sys/dev/random/yarrow.c index ab26eefb17d9..6d2ea3b48fd9 100644 --- a/sys/dev/random/yarrow.c +++ b/sys/dev/random/yarrow.c @@ -114,7 +114,7 @@ random_process_event(struct harvest *event) struct source *source; enum esource src; -#if 1 +#if 0 /* Do this better with DTrace */ { int i; @@ -243,6 +243,10 @@ reseed(u_int fastslow) u_int i; enum esource j; +#if 0 + printf("Yarrow: %s reseed\n", fastslow == FAST ? "fast" : "slow"); +#endif + /* The reseed task must not be jumped on */ mtx_lock(&random_reseed_mtx); diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c index cc5d8b5d6fff..f1a16665464f 100644 --- a/sys/net/if_ethersubr.c +++ b/sys/net/if_ethersubr.c @@ -639,7 +639,7 @@ ether_input_internal(struct ifnet *ifp, struct mbuf *m) } if (harvest.ethernet) - random_harvest(&(m->m_data), 12, 3, RANDOM_NET_ETHER); + random_harvest(&(m->m_data), 12, 2, RANDOM_NET_ETHER); ether_demux(ifp, m); CURVNET_RESTORE(); diff --git a/sys/net/if_tun.c b/sys/net/if_tun.c index 6a73d7cfbcd8..262d6d2f9a6c 100644 --- a/sys/net/if_tun.c +++ b/sys/net/if_tun.c @@ -918,7 +918,7 @@ tunwrite(struct cdev *dev, struct uio *uio, int flag) return (EAFNOSUPPORT); } if (harvest.point_to_point) - random_harvest(&(m->m_data), 12, 3, RANDOM_NET_TUN); + random_harvest(&(m->m_data), 12, 2, RANDOM_NET_TUN); ifp->if_ibytes += m->m_pkthdr.len; ifp->if_ipackets++; CURVNET_SET(ifp->if_vnet); diff --git a/sys/netgraph/ng_iface.c b/sys/netgraph/ng_iface.c index 12ee3a5cd4a2..6c18d2a1cc16 100644 --- a/sys/netgraph/ng_iface.c +++ b/sys/netgraph/ng_iface.c @@ -775,7 +775,7 @@ ng_iface_rcvdata(hook_p hook, item_p item) return (EAFNOSUPPORT); } if (harvest.point_to_point) - random_harvest(&(m->m_data), 12, 3, RANDOM_NET_NG); + random_harvest(&(m->m_data), 12, 2, RANDOM_NET_NG); M_SETFIB(m, ifp->if_fib); netisr_dispatch(isr, m); return (0);