Date: Tue, 15 Feb 2022 03:27:20 GMT
Message-Id: <202202150327.21F3RK7U054135@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
From: "David E. O'Brien"
Subject: git: c4a13b1e38f5 - stable/12 - random(4): Abstract loader entropy injection
List-Id: Commits to the stable branches of the FreeBSD src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
X-Git-Committer: obrien
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: c4a13b1e38f52df68cf82f98c794bbaa305d4d3f

The branch stable/12 has been updated by obrien:

URL:
https://cgit.FreeBSD.org/src/commit/?id=c4a13b1e38f52df68cf82f98c794bbaa305d4d3f

commit c4a13b1e38f52df68cf82f98c794bbaa305d4d3f
Author: Conrad Meyer
AuthorDate: 2019-11-22 20:20:37 +0000
Commit: David E. O'Brien
CommitDate: 2022-02-15 02:49:13 +0000

    random(4): Abstract loader entropy injection

    Break random_harvestq_prime up into some logical subroutines. The goal
    is that it becomes easier to add other early entropy sources.

    While here, drop pre-12.0 compatibility logic. loader default
    configuration should preload the file as expected since 12.0.

    (cherry picked from commit f19de0a945386bb941d3c0fd0e24790570d145ca)
---
 sys/dev/random/random_harvestq.c | 89 ++++++++++++++++++++++++++--------------
 sys/sys/random.h | 1 -
 2 files changed, 59 insertions(+), 31 deletions(-)

diff --git a/sys/dev/random/random_harvestq.c b/sys/dev/random/random_harvestq.c index 598e2cfdc1f9..f09056aa9424 100644 --- a/sys/dev/random/random_harvestq.c +++ b/sys/dev/random/random_harvestq.c 
@@ -378,6 +378,57 @@ random_harvestq_init(void *unused __unused) } SYSINIT(random_device_h_init, SI_SUB_RANDOM, SI_ORDER_SECOND, random_harvestq_init, NULL); +/* + * Subroutine to slice up a contiguous chunk of 'entropy' and feed it into the + * underlying algorithm. Returns number of bytes actually fed into underlying + * algorithm. + */ +static size_t +random_early_prime(char *entropy, size_t len) +{ + struct harvest_event event; + size_t i; + + len = rounddown(len, sizeof(event.he_entropy)); + if (len == 0) + return (0); + + for (i = 0; i < len; i += sizeof(event.he_entropy)) { + event.he_somecounter = (uint32_t)get_cyclecount(); + event.he_size = sizeof(event.he_entropy); + event.he_source = RANDOM_CACHED; + event.he_destination = + harvest_context.hc_destination[RANDOM_CACHED]++; + memcpy(event.he_entropy, entropy + i, sizeof(event.he_entropy)); + random_harvestq_fast_process_event(&event); + } + explicit_bzero(entropy, len); + return (len); +} + +/* + * Subroutine to search for known loader-loaded files in memory and feed them + * into the underlying algorithm early in boot. Returns the number of bytes + * loaded (zero if none were loaded). + */ +static size_t +random_prime_loader_file(const char *type) +{ + uint8_t *keyfile, *data; + size_t size; + + keyfile = preload_search_by_type(type); + if (keyfile == NULL) + return (0); + + data = preload_fetch_addr(keyfile); + size = preload_fetch_size(keyfile); + if (data == NULL) + return (0); + + return (random_early_prime(data, size)); +} + /* * This is used to prime the RNG by grabbing any early random stuff * known to the kernel, and inserting it directly into the hashing 
@@ -387,41 +438,19 @@ SYSINIT(random_device_h_init, SI_SUB_RANDOM, SI_ORDER_SECOND, random_harvestq_in static void random_harvestq_prime(void *unused __unused) { - struct harvest_event event; - size_t count, size, i; - uint8_t *keyfile, *data; + size_t size; /* * Get entropy that may have been preloaded by loader(8) * and use it to pre-charge the entropy harvest queue. */ - keyfile = preload_search_by_type(RANDOM_CACHED_BOOT_ENTROPY_MODULE); -#ifndef NO_BACKWARD_COMPATIBILITY - if (keyfile == NULL) - keyfile = preload_search_by_type(RANDOM_LEGACY_BOOT_ENTROPY_MODULE); -#endif - if (keyfile != NULL) { - data = preload_fetch_addr(keyfile); - size = preload_fetch_size(keyfile); - /* Trim the size. If the admin has a file with a funny size, we lose some. Tough. */ - size -= (size % sizeof(event.he_entropy)); - if (data != NULL && size != 0) { - for (i = 0; i < size; i += sizeof(event.he_entropy)) { - count = sizeof(event.he_entropy); - event.he_somecounter = (uint32_t)get_cyclecount(); - event.he_size = count; - event.he_source = RANDOM_CACHED; - event.he_destination = - harvest_context.hc_destination[RANDOM_CACHED]++; - memcpy(event.he_entropy, data + i, sizeof(event.he_entropy)); - random_harvestq_fast_process_event(&event); - } - explicit_bzero(data, size); - if (bootverbose) - printf("random: read %zu bytes from preloaded cache\n", size); - } else - if (bootverbose) - printf("random: no preloaded entropy cache\n"); + size = random_prime_loader_file(RANDOM_CACHED_BOOT_ENTROPY_MODULE); + if (bootverbose) { + if (size > 0) + printf("random: read %zu bytes from preloaded cache\n", + size); + else + printf("random: no preloaded entropy cache\n"); } } SYSINIT(random_device_prime, SI_SUB_RANDOM, SI_ORDER_MIDDLE, random_harvestq_prime, NULL); diff --git a/sys/sys/random.h b/sys/sys/random.h index 43b7c2640d14..9f74674eecd4 100644 --- a/sys/sys/random.h +++ b/sys/sys/random.h 
@@ -102,7 +102,6 @@ enum random_entropy_source { #define RANDOM_HARVEST_EVERYTHING_MASK ((1 << (RANDOM_ENVIRONMENTAL_END + 1)) - 1) #define RANDOM_HARVEST_PURE_MASK (((1 << ENTROPYSOURCE) - 1) & (-1UL << RANDOM_PURE_START)) -#define RANDOM_LEGACY_BOOT_ENTROPY_MODULE "/boot/entropy" #define RANDOM_CACHED_BOOT_ENTROPY_MODULE "boot_entropy_cache" #if defined(DEV_RANDOM)
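
Review bot: In random_early_prime() (first hunk of random_harvestq.c), explicit_bzero(entropy, len) runs after len has been rounded down to a multiple of sizeof(event.he_entropy), and the len == 0 path returns before any zeroing, so the tail of an oddly sized file, or all of a file shorter than one block, is left in the preloaded buffer. Those bytes are never fed to the algorithm and the removed code in random_harvestq_prime() behaved the same way, but the helper could keep the caller's original length and zero that instead. Separately, the parameter is declared char *entropy while random_prime_loader_file() passes uint8_t *data; declaring it void * or uint8_t * avoids the pointer-signedness mismatch.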
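
Review bot: In random_harvestq_prime() (second hunk of random_harvestq.c), the bootverbose branch prints "random: no preloaded entropy cache" for every zero return from random_prime_loader_file(), which folds three conditions into one message: no module of type RANDOM_CACHED_BOOT_ENTROPY_MODULE was preloaded, preload_fetch_addr() returned NULL, or the file was shorter than one he_entropy block. With the RANDOM_LEGACY_BOOT_ENTROPY_MODULE fallback removed in the same hunk, a loader configuration that still preloads under the old type name boots with no early seed from the loader, and an admin can only see that under bootverbose and cannot tell it apart from a truncated file. Consider reporting "found but unusable" separately from "not found", for example by having the helper distinguish the two cases for its caller.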
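
Review bot: The sys/sys/random.h hunk deletes RANDOM_LEGACY_BOOT_ENTROPY_MODULE from a shared header on stable/12, and the only user visible in this patch is the fallback removed from random_harvestq_prime(). It is worth confirming that nothing else in the tree, or in modules built against this branch, still references the macro, and naming the removed define in the commit message, which currently mentions only the dropped pre-12.0 compatibility logic.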