svn commit: r249631 - in head/sys: dev/random libkern sys
Andrey A. Chernov
ache at FreeBSD.org
Fri Apr 19 00:30:53 UTC 2013
Author: ache
Date: Fri Apr 19 00:30:52 2013
New Revision: 249631
URL: http://svnweb.freebsd.org/changeset/base/249631
Log:
Attempt to mitigate poor initialization of arc4 by one-shot
reinitialization from yarrow right after good entropy is harvested.
Approved by: secteam (delphij)
MFC after: 1 week
Modified:
head/sys/dev/random/randomdev_soft.c
head/sys/libkern/arc4random.c
head/sys/sys/libkern.h
Modified: head/sys/dev/random/randomdev_soft.c
==============================================================================
--- head/sys/dev/random/randomdev_soft.c Thu Apr 18 23:20:16 2013 (r249630)
+++ head/sys/dev/random/randomdev_soft.c Fri Apr 19 00:30:52 2013 (r249631)
@@ -367,6 +367,8 @@ random_yarrow_unblock(void)
selwakeuppri(&random_systat.rsel, PUSER);
wakeup(&random_systat);
}
+ (void)atomic_cmpset_int(&arc4rand_iniseed_state, ARC4_ENTR_NONE,
+ ARC4_ENTR_HAVE);
}
static int
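Review bot: Nothing at the added `atomic_cmpset_int()` call explains why its result is discarded or that no reseed actually happens here. The call only moves `arc4rand_iniseed_state` from `ARC4_ENTR_NONE` to `ARC4_ENTR_HAVE`; the stir itself is deferred until some caller next enters `arc4rand()` in libkern/arc4random.c. A comment such as `/* Flag arc4rand() to reseed once on its next call; result ignored so repeated unblocks are no-ops. */` would make that visible. The start of random_yarrow_unblock() is outside the hunk, so the reading that the call sits after the preceding conditional block rather than inside it is inferred from the closing brace before it.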
Modified: head/sys/libkern/arc4random.c
==============================================================================
--- head/sys/libkern/arc4random.c Thu Apr 18 23:20:16 2013 (r249630)
+++ head/sys/libkern/arc4random.c Fri Apr 19 00:30:52 2013 (r249631)
@@ -24,6 +24,8 @@ __FBSDID("$FreeBSD$");
#define ARC4_RESEED_SECONDS 300
#define ARC4_KEYBYTES (256 / 8)
+int arc4rand_iniseed_state = ARC4_ENTR_NONE;
+
static u_int8_t arc4_i, arc4_j;
static int arc4_numruns = 0;
static u_int8_t arc4_sbox[256];
@@ -130,7 +132,8 @@ arc4rand(void *ptr, u_int len, int resee
struct timeval tv;
getmicrouptime(&tv);
- if (reseed ||
+ if (atomic_cmpset_int(&arc4rand_iniseed_state, ARC4_ENTR_HAVE,
+ ARC4_ENTR_SEED) || reseed ||
(arc4_numruns > ARC4_RESEED_BYTES) ||
(tv.tv_sec > arc4_t_reseed))
arc4_randomstir();
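Review bot: The state flips to `ARC4_ENTR_SEED` inside the condition, before `arc4_randomstir()` has run, so the flag records that the one-shot reseed was claimed, not that it completed. If the stir takes its lock internally (not visible in this hunk), another CPU entering `arc4rand()` in that window sees `ARC4_ENTR_SEED`, skips the stir and may still draw from the poorly initialised state. The reseed also does nothing for values handed out before yarrow unblocked, so early consumers that derive long-lived secrets would need to re-draw them. A comment above the condition would record this: `/* One-shot: claim the post-entropy reseed; output issued before this point is not retroactively fixed. */`. The body of arc4rand() continues outside the hunk.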
Modified: head/sys/sys/libkern.h
==============================================================================
--- head/sys/sys/libkern.h Thu Apr 18 23:20:16 2013 (r249630)
+++ head/sys/sys/libkern.h Fri Apr 19 00:30:52 2013 (r249631)
@@ -70,6 +70,11 @@ static __inline int abs(int a) { return
static __inline long labs(long a) { return (a < 0 ? -a : a); }
static __inline quad_t qabs(quad_t a) { return (a < 0 ? -a : a); }
+#define ARC4_ENTR_NONE 0 /* Don't have entropy yet. */
+#define ARC4_ENTR_HAVE 1 /* Have entropy. */
+#define ARC4_ENTR_SEED 2 /* Reseeding. */
+extern int arc4rand_iniseed_state;
+
/* Prototypes for non-quad routines. */
struct malloc_type;
uint32_t arc4random(void);
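Review bot: The comment on `ARC4_ENTR_SEED`, `/* Reseeding. */`, reads as a transient in-progress state, but nothing in this commit moves the variable out of it, so it is effectively the terminal "one-shot reseed already claimed" state. Rewording it to `/* One-shot reseed claimed; terminal. */` would match what the code does. A line above the three defines stating the transitions, NONE -> HAVE on yarrow unblock and HAVE -> SEED on the first arc4rand() afterwards, would make the state machine readable from the header alone.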