svn commit: r339789 - head/sys/dev/random

Fri Oct 26 21:00:27 UTC 2018

Author: cem
Date: Fri Oct 26 21:00:26 2018
New Revision: 339789
URL: https://svnweb.freebsd.org/changeset/base/339789

Log:
  fortuna: Drop global lock to zero stack variables
  
  Also drop explicit zeroing of hash context -- hash finish() operation is
  expected to do this.
  
  PR:		230877
  Suggested by:	delphij@
  Reviewed by:	delphij, markm
  Approved by:	secteam (delphij)
  Sponsored by:	Dell EMC Isilon
  Differential Revision:	https://reviews.freebsd.org/D16986

Modified:
  head/sys/dev/random/fortuna.c

Modified: head/sys/dev/random/fortuna.c
==============================================================================

--- head/sys/dev/random/fortuna.c	Fri Oct 26 20:55:01 2018	(r339788)
+++ head/sys/dev/random/fortuna.c	Fri Oct 26 21:00:26 2018	(r339789)
@@ -374,47 +374,50 @@ random_fortuna_pre_read(void)
 	now = getsbinuptime();
 #endif
 
-	if (fortuna_state.fs_pool[0].fsp_length >= fortuna_state.fs_minpoolsize
+	if (fortuna_state.fs_pool[0].fsp_length < fortuna_state.fs_minpoolsize
 #ifdef _KERNEL
 	    /* FS&K - Use 'getsbinuptime()' to prevent reseed-spamming. */
-	    && (now - fortuna_state.fs_lasttime > SBT_1S/10)
+	    || (now - fortuna_state.fs_lasttime <= SBT_1S/10)
 #endif
 	) {
+		RANDOM_RESEED_UNLOCK();
+		return;
+	}
+
 #ifdef _KERNEL
-		fortuna_state.fs_lasttime = now;
+	fortuna_state.fs_lasttime = now;
 #endif
 
-		/* FS&K - ReseedCNT = ReseedCNT + 1 */
-		fortuna_state.fs_reseedcount++;
-		/* s = \epsilon at start */
-		for (i = 0; i < RANDOM_FORTUNA_NPOOLS; i++) {
-			/* FS&K - if Divides(ReseedCnt, 2^i) ... */
-			if ((fortuna_state.fs_reseedcount % (1 << i)) == 0) {
-				/*-
-				 * FS&K - temp = (P_i)
-				 *      - P_i = \epsilon
-				 *      - s = s|H(temp)
-				 */
-				randomdev_hash_finish(&fortuna_state.fs_pool[i].fsp_hash, temp);
-				randomdev_hash_init(&fortuna_state.fs_pool[i].fsp_hash);
-				fortuna_state.fs_pool[i].fsp_length = 0;
-				randomdev_hash_init(&context);
-				randomdev_hash_iterate(&context, temp, RANDOM_KEYSIZE);
-				randomdev_hash_finish(&context, s + i*RANDOM_KEYSIZE_WORDS);
-			} else
-				break;
-		}
+	/* FS&K - ReseedCNT = ReseedCNT + 1 */
+	fortuna_state.fs_reseedcount++;
+	/* s = \epsilon at start */
+	for (i = 0; i < RANDOM_FORTUNA_NPOOLS; i++) {
+		/* FS&K - if Divides(ReseedCnt, 2^i) ... */
+		if ((fortuna_state.fs_reseedcount % (1 << i)) == 0) {
+			/*-
+			    * FS&K - temp = (P_i)
+			    *      - P_i = \epsilon
+			    *      - s = s|H(temp)
+			    */
+			randomdev_hash_finish(&fortuna_state.fs_pool[i].fsp_hash, temp);
+			randomdev_hash_init(&fortuna_state.fs_pool[i].fsp_hash);
+			fortuna_state.fs_pool[i].fsp_length = 0;
+			randomdev_hash_init(&context);
+			randomdev_hash_iterate(&context, temp, RANDOM_KEYSIZE);
+			randomdev_hash_finish(&context, s + i*RANDOM_KEYSIZE_WORDS);
+		} else
+			break;
+	}
 #ifdef _KERNEL
-		SDT_PROBE2(random, fortuna, event_processor, debug, fortuna_state.fs_reseedcount, fortuna_state.fs_pool);
+	SDT_PROBE2(random, fortuna, event_processor, debug, fortuna_state.fs_reseedcount, fortuna_state.fs_pool);
 #endif
-		/* FS&K */
-		random_fortuna_reseed_internal(s, i);
-		/* Clean up and secure */
-		explicit_bzero(s, sizeof(s));
-		explicit_bzero(temp, sizeof(temp));
-		explicit_bzero(&context, sizeof(context));
-	}
+	/* FS&K */
+	random_fortuna_reseed_internal(s, i);
 	RANDOM_RESEED_UNLOCK();
+
+	/* Clean up and secure */
+	explicit_bzero(s, sizeof(s));
+	explicit_bzero(temp, sizeof(temp));
 }
 
 /*-
