freebsd-nq/sys/libkern
Conrad Meyer 3782136ff1 random(4): Restore availability tradeoff prior to r346250
As discussed in that commit message, it is a dangerous default.  But the
safe default causes enough pain on a variety of platforms that for now,
restore the prior default.

Some of this is self-induced pain we should/could do better about; for
example, programmatic CI systems and VM managers should introduce entropy
from the host for individual VM instances.  This is considered a future work
item.

On modern x86 and Power9 systems, this may be wholly unnecessary after
D19928 lands (even in the non-ideal case where early /boot/entropy is
unavailable), because they have fast hardware random sources available early
in boot.  But D19928 is not yet landed and we have a host of architectures
which do not provide fast random sources.

This change adds several tunables and diagnostic sysctls, documented
thoroughly in UPDATING and sys/dev/random/random_infra.c.

PR:		230875 (reopens)
Reported by:	adrian, jhb, imp, and probably others
Reviewed by:	delphij, imp (earlier version), markm (earlier version)
Discussed with:	adrian
Approved by:	secteam(delphij)
Relnotes:	yeah
Security:	related
Differential Revision:	https://reviews.freebsd.org/D19944
2019-04-18 20:48:54 +00:00
..
arm sys/kern: adoption of SPDX licensing ID tags. 2017-11-27 15:20:12 +00:00
arm64 arm64: add ".arch armv8-a+crc" to allow use of crc instructions 2017-06-08 20:06:09 +00:00
x86 x86/crc32_sse42.c: quiet unused function warning 2017-08-11 17:05:31 +00:00
arc4random.c random(4): Restore availability tradeoff prior to r346250 2019-04-18 20:48:54 +00:00
ashldi3.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ashrdi3.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
asprintf.c
bcd.c
bcmp.c Use __builtin for various mem* and b* (e.g. bzero) routines. 2018-06-02 18:03:35 +00:00
bcopy.c Simplify things a little 2018-05-10 02:31:48 +00:00
bsearch.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
cmpdi2.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
crc32.c Continuing efforts to provide hardening of FFS, this change adds a 2017-09-22 12:45:15 +00:00
divdi3.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
explicit_bzero.c
ffs.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ffsl.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ffsll.c
fls.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
flsl.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
flsll.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
fnmatch.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
iconv_converter_if.m
iconv_ucs.c sys/kern: adoption of SPDX licensing ID tags. 2017-11-27 15:20:12 +00:00
iconv_xlat16.c sys/kern: adoption of SPDX licensing ID tags. 2017-11-27 15:20:12 +00:00
iconv_xlat.c sys/kern: adoption of SPDX licensing ID tags. 2017-11-27 15:20:12 +00:00
iconv.c iconv uses strlen directly on user supplied memory 2018-02-26 18:23:36 +00:00
inet_aton.c sys/kern: adoption of SPDX licensing ID tags. 2017-11-27 15:20:12 +00:00
inet_ntoa.c
inet_ntop.c
inet_pton.c
jenkins_hash.c
lshrdi3.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
mcount.c mcount: tidy up ANSIfication 2018-10-20 22:39:35 +00:00
memcchr.c sys/kern: adoption of SPDX licensing ID tags. 2017-11-27 15:20:12 +00:00
memchr.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
memcmp.c Use __builtin for various mem* and b* (e.g. bzero) routines. 2018-06-02 18:03:35 +00:00
memmem.c
memset.c Use __builtin for various mem* and b* (e.g. bzero) routines. 2018-06-02 18:03:35 +00:00
moddi3.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
murmur3_32.c
qdivrem.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
qsort_r.c
qsort.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
quad.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
random.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
scanc.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
strcasecmp.c spdx: initial adoption of licensing ID tags. 2017-11-18 14:26:50 +00:00
strcat.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
strchr.c str(r)chr: Replace union abuse with __DECONST 2018-06-04 18:47:14 +00:00
strcmp.c libkern: use nul for terminating char rather than 0 2018-02-13 19:17:48 +00:00
strcpy.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
strcspn.c sys/kern: adoption of SPDX licensing ID tags. 2017-11-27 15:20:12 +00:00
strdup.c Add non-sleepable strdup variant strdup_flags 2019-02-20 20:48:10 +00:00
strlcat.c sys/kern: adoption of SPDX licensing ID tags. 2017-11-27 15:20:12 +00:00
strlcpy.c Sync strlcpy with userland version, again 2018-06-21 17:35:13 +00:00
strlen.c Remove "All rights reserved" from my files. 2018-05-10 06:41:08 +00:00
strncat.c libkern: use nul for terminating char rather than 0 2018-02-13 19:17:48 +00:00
strncmp.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
strncpy.c libkern: use nul for terminating char rather than 0 2018-02-13 19:17:48 +00:00
strndup.c
strnlen.c sys/kern: adoption of SPDX licensing ID tags. 2017-11-27 15:20:12 +00:00
strrchr.c str(r)chr: Replace union abuse with __DECONST 2018-06-04 18:47:14 +00:00
strsep.c libkern: use nul for terminating char rather than 0 2018-02-13 19:17:48 +00:00
strspn.c sys/kern: adoption of SPDX licensing ID tags. 2017-11-27 15:20:12 +00:00
strstr.c libkern: use nul for terminating char rather than 0 2018-02-13 19:17:48 +00:00
strtol.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
strtoq.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
strtoul.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
strtouq.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
strvalid.c sys/kern: adoption of SPDX licensing ID tags. 2017-11-27 15:20:12 +00:00
timingsafe_bcmp.c
ucmpdi2.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
udivdi3.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
umoddi3.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
zlib.c Remove register keyword from sys/ and ANSIfy prototypes 2017-05-17 00:34:34 +00:00