Commit Graph

19 Commits

Author SHA1 Message Date
John Baldwin
2ed0f9191a - Use RFHIGHPID when creating the kthread to get a more sensible pid.
- Don't fake walking a tailq.  Instead, use a while loop that pulls items
  off the head of the queue while the queue is not empty.
2000-09-11 04:09:08 +00:00
Mark Murray
4d87a031c0 Large upgrade to the entropy device; mainly inspired by feedback
from many folk.

o The reseed process is now a kthread. With SMPng, kthreads are
  pre-emptive, so the annoying jerkiness of the mouse is gone.

o The data structures are protected by mutexes now, not splfoo()/splx().

o The cryptographic routines are broken out into their own subroutines.
  this facilitates review, and possible replacement if that is ever
  found necessary.

Thanks to:		kris, green, peter, jasone, grog, jhb
Forgotten to thank:	You know who you are; no offense intended.
2000-09-10 13:52:19 +00:00
Mark Murray
7aa4389a6c o Fix a horrible bug where small reads (< 8 bytes) would return the
wrong bytes.

o Improve the public interface; use void* instead of char* or u_int64_t
  to pass arbitrary data around.
Submitted by:	kris ("horrible bug")
2000-07-25 21:18:47 +00:00
Mark Murray
c90a8fc9a5 Clean this up with some BDE-inspired fixes.
o Make the comments KNF-compliant.
o Use nanotime instead of getnanotime; the manpage lies about the
  kern.timecounter.method - it has been removed.
o Fix the ENTROPYSOURCE const permanently.
o Make variable names more consistent.
o Make function prototypes more consistent.

Some more needs to be done; to follow.
2000-07-23 11:08:16 +00:00
Mark Murray
720a3741cf Add randomness write functionality. This does absolutely nothing for
entropy estimation, but causes an immediate reseed after the input
(read in sizeof(u_int64_t) chunks) is "harvested".

This will be used in the reboot "reseeder", coming in another
commit. This can be used very effectively at any time you think
your randomness is compromised; something like

# (ps -gauxwww; netstat -an; dmesg; vmstat -c10 1) > /dev/random

will give the attacker something to think about.
2000-07-17 12:23:04 +00:00
Mark Murray
4d0e6f79d6 Storing to a pointer is (effectively) atomic; no need to protect this
with splhigh(). However, the entropy-harvesting routine needs pretty
serious irq-protection, as it is called out of irq handlers etc.

Clues given by:	bde
2000-07-11 19:37:25 +00:00
Mark Murray
7978f67e28 I think I need to move the newly static variables to the random_state
structure; remind myself in the cooments. Also regroup all the Yarrow
variables at the top of the variable list; they are "special".
(no functional change).
2000-07-11 18:35:33 +00:00
Brian Feldman
87a478de7b One should never allocate 4-kilobyte structs and such on the interrupt
stack.  It's bad for your machine's health.

Make the two huge structs in reseed() static to prevent crashes.  This
is the bug that people have been running into and panic()ing on for the
past few days.

Reviewed by:	phk
2000-07-11 06:47:38 +00:00
Mark Murray
fb15ada363 Provide more splsofttq() protection for the reseed task (running out of
taskqueue_swi).
2000-07-10 06:40:23 +00:00
Mark Murray
43975bd56c Make sure that tasks (running out of taskqueue_swi at splsofttq)
are not interfered with by the harvester.
2000-07-09 16:00:31 +00:00
Mark Murray
585ebe2b41 Yarrow tweaks; separate the fast and slow reseed tasks so that they don't
stomp on each other; provide constant names (as enums) for the harvester
to use (makes it more self-documenting).
2000-07-09 11:52:12 +00:00
Mark Murray
769afb047c Fix bug with a vraiable that needs to be per-process, not static;
fix formatting of long macros.

Pointed out by:	bde
2000-07-09 11:49:07 +00:00
Mark Murray
c9ec235ca1 Add entropy gathering code. This will work whether the module is
compiled in or loaded.
2000-07-07 09:03:59 +00:00
Mark Murray
d44f401738 Staticize a variable.
This fixes the case where linking randomdev into the kernel statically
can cause panics at shutdown time.

Reported by:	sos
2000-06-28 18:51:15 +00:00
Mark Murray
1f67cd8737 I am guilty of an act of ommission. There is no longer a /dev/urandom
device with Yarrow, and although I coded for that in dev/MAKEDEV, I forgot
to _tell_ folks.

This commit adds back the /dev/urandom device (as a duplicate) of /dev/random,
until such time as it can be properly announced.

This will help the openssl users quite a lot.
2000-06-27 09:38:40 +00:00
Mark Murray
d4262fb0dd style(9) fixes from BDE.
We shouldn't use '#include ""', rather '#include<>'.
2000-06-26 12:14:20 +00:00
Mark Murray
d147096d0f Fix include for non-module case.
Thanks-to:	SOS
2000-06-25 20:03:44 +00:00
Mark Murray
39d9385710 Fix include for the non-module case.
Thanks-to:	SOS
2000-06-25 19:00:20 +00:00
Mark Murray
4db9ae91ff New machine-independant /dev/random driver.
This is work-in-progress, and the entropy-gathering routines are not
yet present. As such, this should be viewed as a pretty reasonable
PRNG with _ABSOLUTELY_NO_ security!!

Entropy gathering will be the subject of ongoing work.

This is written as a module, and as such is unloadable, but there is
no refcounting done. I would like to use something like device_busy(9)
to achieve this (eventually).

Lots of useful ideas from:	bde, phk, Jeroen van Gelderen

Reviewed by:	dfr
2000-06-25 08:38:58 +00:00