Add YARROW_RNG and FORTUNA_RNG to sys/conf/options.
Add a SYSINIT that forces a reseed during proc0 setup, which happens fairly late in the boot process. Add a RANDOM_DEBUG option which enables some debugging printf()s. Add a new RANDOM_ATTACH entropy source which harvests entropy from the get_cyclecount() delta across each call to a device attach method.
This commit is contained in:
des
parent
9dda6bc99f
commit
7dad8b80f6
@ -904,3 +904,8 @@ RACCT opt_global.h
|
||||
|
||||
# Resource Limits
|
||||
RCTL opt_global.h
|
||||
|
||||
# Random number generator(s)
|
||||
YARROW_RNG opt_random.h
|
||||
FORTUNA_RNG opt_random.h
|
||||
RANDOM_DEBUG opt_random.h
|
||||
|
||||
@ -227,3 +227,17 @@ SYSINIT(random_adaptors, SI_SUB_DRIVERS, SI_ORDER_FIRST, random_adaptors_init,
|
||||
NULL);
|
||||
SYSUNINIT(random_adaptors, SI_SUB_DRIVERS, SI_ORDER_FIRST,
|
||||
random_adaptors_deinit, NULL);
|
||||
|
||||
static void
|
||||
random_adaptors_reseed(void *unused)
|
||||
{
|
||||
|
||||
(void)unused;
|
||||
if (random_adaptor != NULL) {
|
||||
(*random_adaptor->reseed)();
|
||||
random_adaptor->seeded = 1;
|
||||
}
|
||||
arc4rand(NULL, 0, 1);
|
||||
}
|
||||
SYSINIT(random_reseed, SI_SUB_INTRINSIC_POST, SI_ORDER_SECOND,
|
||||
random_adaptors_reseed, NULL);
|
||||
|
||||
@ -26,11 +26,16 @@
|
||||
*
|
||||
*/
|
||||
|
||||
#include "opt_random.h"
|
||||
|
||||
#if !defined(YARROW_RNG) && !defined(FORTUNA_RNG)
|
||||
#define YARROW_RNG
|
||||
#elif defined(YARROW_RNG) && defined(FORTUNA_RNG)
|
||||
#error "Must define either YARROW_RNG or FORTUNA_RNG"
|
||||
#endif
|
||||
#if defined(FORTUNA_RNG)
|
||||
#error "Fortuna is not yet implemented"
|
||||
#endif
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__FBSDID("$FreeBSD$");
|
||||
|
||||
@ -28,6 +28,8 @@
|
||||
#include <sys/cdefs.h>
|
||||
__FBSDID("$FreeBSD$");
|
||||
|
||||
#include "opt_random.h"
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/kernel.h>
|
||||
#include <sys/lock.h>
|
||||
@ -398,5 +400,17 @@ generator_gate(void)
|
||||
void
|
||||
random_yarrow_reseed(void)
|
||||
{
|
||||
#ifdef RANDOM_DEBUG
|
||||
int i;
|
||||
|
||||
printf("%s(): fast:", __func__);
|
||||
for (i = RANDOM_START; i < ENTROPYSOURCE; ++i)
|
||||
printf(" %d", random_state.pool[FAST].source[i].bits);
|
||||
printf("\n");
|
||||
printf("%s(): slow:", __func__);
|
||||
for (i = RANDOM_START; i < ENTROPYSOURCE; ++i)
|
||||
printf(" %d", random_state.pool[SLOW].source[i].bits);
|
||||
printf("\n");
|
||||
#endif
|
||||
reseed(SLOW);
|
||||
}
|
||||
|
||||
@ -28,6 +28,7 @@
|
||||
__FBSDID("$FreeBSD$");
|
||||
|
||||
#include "opt_bus.h"
|
||||
#include "opt_random.h"
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/conf.h>
|
||||
@ -44,6 +45,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include <sys/condvar.h>
|
||||
#include <sys/queue.h>
|
||||
#include <machine/bus.h>
|
||||
#include <sys/random.h>
|
||||
#include <sys/rman.h>
|
||||
#include <sys/selinfo.h>
|
||||
#include <sys/signalvar.h>
|
||||
@ -55,6 +57,7 @@ __FBSDID("$FreeBSD$");
|
||||
|
||||
#include <net/vnet.h>
|
||||
|
||||
#include <machine/cpu.h>
|
||||
#include <machine/stdarg.h>
|
||||
|
||||
#include <vm/uma.h>
|
||||
@ -2766,6 +2769,7 @@ device_probe_and_attach(device_t dev)
|
||||
int
|
||||
device_attach(device_t dev)
|
||||
{
|
||||
uint64_t attachtime;
|
||||
int error;
|
||||
|
||||
if (resource_disabled(dev->driver->name, dev->unit)) {
|
||||
@ -2778,6 +2782,7 @@ device_attach(device_t dev)
|
||||
device_sysctl_init(dev);
|
||||
if (!device_is_quiet(dev))
|
||||
device_print_child(dev->parent, dev);
|
||||
attachtime = get_cyclecount();
|
||||
dev->state = DS_ATTACHING;
|
||||
if ((error = DEVICE_ATTACH(dev)) != 0) {
|
||||
printf("device_attach: %s%d attach returned %d\n",
|
||||
@ -2790,6 +2795,17 @@ device_attach(device_t dev)
|
||||
dev->state = DS_NOTPRESENT;
|
||||
return (error);
|
||||
}
|
||||
attachtime = get_cyclecount() - attachtime;
|
||||
/*
|
||||
* 4 bits per device is a reasonable value for desktop and server
|
||||
* hardware with good get_cyclecount() implementations, but may
|
||||
* need to be adjusted on other platforms.
|
||||
*/
|
||||
#ifdef RANDOM_DEBUG
|
||||
printf("%s(): feeding %d bit(s) of entropy from %s%d\n",
|
||||
__func__, 4, dev->driver->name, dev->unit);
|
||||
#endif
|
||||
random_harvest(&attachtime, sizeof(attachtime), 4, RANDOM_ATTACH);
|
||||
device_sysctl_update(dev);
|
||||
if (dev->busy)
|
||||
dev->state = DS_BUSY;
|
||||
|
||||
@ -12,7 +12,7 @@ SRCS+= ivy.c
|
||||
.endif
|
||||
SRCS+= randomdev_soft.c yarrow.c hash.c
|
||||
SRCS+= rijndael-alg-fst.c rijndael-api-fst.c sha2.c
|
||||
SRCS+= bus_if.h device_if.h vnode_if.h opt_cpu.h
|
||||
SRCS+= bus_if.h device_if.h vnode_if.h opt_cpu.h opt_random.h
|
||||
|
||||
CFLAGS+= -I${.CURDIR}/../..
|
||||
|
||||
|
||||
@ -46,6 +46,7 @@ enum esource {
|
||||
RANDOM_NET_ETHER,
|
||||
RANDOM_NET_NG,
|
||||
RANDOM_INTERRUPT,
|
||||
RANDOM_ATTACH,
|
||||
RANDOM_SWI,
|
||||
RANDOM_PURE_OCTEON,
|
||||
RANDOM_PURE_SAFE,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user