Commit Graph

118 Commits

Author SHA1 Message Date
markm
bda6631159 Large upgrade to the entropy device; mainly inspired by feedback
from many folk.

o The reseed process is now a kthread. With SMPng, kthreads are
  pre-emptive, so the annoying jerkiness of the mouse is gone.

o The data structures are protected by mutexes now, not splfoo()/splx().

o The cryptographic routines are broken out into their own subroutines.
  this facilitates review, and possible replacement if that is ever
  found necessary.

Thanks to:		kris, green, peter, jasone, grog, jhb
Forgotten to thank:	You know who you are; no offense intended.
2000-09-10 13:52:19 +00:00
markm
12a237a692 o Fix a horrible bug where small reads (< 8 bytes) would return the
wrong bytes.

o Improve the public interface; use void* instead of char* or u_int64_t
  to pass arbitrary data around.
Submitted by:	kris ("horrible bug")
2000-07-25 21:18:47 +00:00
markm
5cdbfcb1a2 Clean this up with some BDE-inspired fixes.
o Make the comments KNF-compliant.
o Use nanotime instead of getnanotime; the manpage lies about the
  kern.timecounter.method - it has been removed.
o Fix the ENTROPYSOURCE const permanently.
o Make variable names more consistent.
o Make function prototypes more consistent.

Some more needs to be done; to follow.
2000-07-23 11:08:16 +00:00
markm
8d78207585 Add randomness write functionality. This does absolutely nothing for
entropy estimation, but causes an immediate reseed after the input
(read in sizeof(u_int64_t) chunks) is "harvested".

This will be used in the reboot "reseeder", coming in another
commit. This can be used very effectively at any time you think
your randomness is compromised; something like

# (ps -gauxwww; netstat -an; dmesg; vmstat -c10 1) > /dev/random

will give the attacker something to think about.
2000-07-17 12:23:04 +00:00
markm
5812cc4cc4 Storing to a pointer is (effectively) atomic; no need to protect this
with splhigh(). However, the entropy-harvesting routine needs pretty
serious irq-protection, as it is called out of irq handlers etc.

Clues given by:	bde
2000-07-11 19:37:25 +00:00
markm
e07f67dda2 I think I need to move the newly static variables to the random_state
structure; remind myself in the cooments. Also regroup all the Yarrow
variables at the top of the variable list; they are "special".
(no functional change).
2000-07-11 18:35:33 +00:00
green
7402d1359e One should never allocate 4-kilobyte structs and such on the interrupt
stack.  It's bad for your machine's health.

Make the two huge structs in reseed() static to prevent crashes.  This
is the bug that people have been running into and panic()ing on for the
past few days.

Reviewed by:	phk
2000-07-11 06:47:38 +00:00
markm
950c011f72 Provide more splsofttq() protection for the reseed task (running out of
taskqueue_swi).
2000-07-10 06:40:23 +00:00
markm
40b3a303c2 Make sure that tasks (running out of taskqueue_swi at splsofttq)
are not interfered with by the harvester.
2000-07-09 16:00:31 +00:00
markm
89ca691934 Yarrow tweaks; separate the fast and slow reseed tasks so that they don't
stomp on each other; provide constant names (as enums) for the harvester
to use (makes it more self-documenting).
2000-07-09 11:52:12 +00:00
markm
be58a54d86 Fix bug with a vraiable that needs to be per-process, not static;
fix formatting of long macros.

Pointed out by:	bde
2000-07-09 11:49:07 +00:00
markm
3d0396c734 Add entropy gathering code. This will work whether the module is
compiled in or loaded.
2000-07-07 09:03:59 +00:00
markm
f32bce812d Staticize a variable.
This fixes the case where linking randomdev into the kernel statically
can cause panics at shutdown time.

Reported by:	sos
2000-06-28 18:51:15 +00:00
markm
98710a31ad I am guilty of an act of ommission. There is no longer a /dev/urandom
device with Yarrow, and although I coded for that in dev/MAKEDEV, I forgot
to _tell_ folks.

This commit adds back the /dev/urandom device (as a duplicate) of /dev/random,
until such time as it can be properly announced.

This will help the openssl users quite a lot.
2000-06-27 09:38:40 +00:00
markm
291b197f61 style(9) fixes from BDE.
We shouldn't use '#include ""', rather '#include<>'.
2000-06-26 12:14:20 +00:00
markm
3666dff9ff Fix include for non-module case.
Thanks-to:	SOS
2000-06-25 20:03:44 +00:00
markm
abd10344e9 Fix include for the non-module case.
Thanks-to:	SOS
2000-06-25 19:00:20 +00:00
markm
c46e65268d New machine-independant /dev/random driver.
This is work-in-progress, and the entropy-gathering routines are not
yet present. As such, this should be viewed as a pretty reasonable
PRNG with _ABSOLUTELY_NO_ security!!

Entropy gathering will be the subject of ongoing work.

This is written as a module, and as such is unloadable, but there is
no refcounting done. I would like to use something like device_busy(9)
to achieve this (eventually).

Lots of useful ideas from:	bde, phk, Jeroen van Gelderen

Reviewed by:	dfr
2000-06-25 08:38:58 +00:00