svn commit: r256094 - in projects/random_number_generator/sys: boot/forth conf dev/random kern sys
Mark Murray
markm at FreeBSD.org
Sun Oct 6 22:45:06 UTC 2013
Author: markm
Date: Sun Oct 6 22:45:02 2013
New Revision: 256094
URL: http://svnweb.freebsd.org/changeset/base/256094
Log:
Snapshot.
Looking pretty good; this mostly works now. New code includes:
* Read cached entropy at startup, both from files and from loader(8) preloaded entropy. Failures are soft, but announced. Untested.
* Use EVENTHANDLER to do above just before we go multiuser. Untested.
Added:
projects/random_number_generator/sys/dev/random/rwfile.c (contents, props changed)
projects/random_number_generator/sys/dev/random/rwfile.h (contents, props changed)
Modified:
projects/random_number_generator/sys/boot/forth/loader.conf
projects/random_number_generator/sys/conf/files
projects/random_number_generator/sys/conf/files.amd64
projects/random_number_generator/sys/conf/files.i386
projects/random_number_generator/sys/dev/random/ivy.c
projects/random_number_generator/sys/dev/random/live_entropy_sources.c
projects/random_number_generator/sys/dev/random/live_entropy_sources.h
projects/random_number_generator/sys/dev/random/random_harvestq.c
projects/random_number_generator/sys/dev/random/randomdev_soft.c
projects/random_number_generator/sys/kern/init_main.c
projects/random_number_generator/sys/sys/eventhandler.h
projects/random_number_generator/sys/sys/random.h
Modified: projects/random_number_generator/sys/boot/forth/loader.conf
==============================================================================
--- projects/random_number_generator/sys/boot/forth/loader.conf Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/boot/forth/loader.conf Sun Oct 6 22:45:02 2013 (r256094)
@@ -39,6 +39,17 @@ bitmap_type="splash_image_data" # and pl
##############################################################
+### Random number generator configuration ###################
+##############################################################
+
+entropy_cache_load="NO" # Set this to YES to load entropy at boot time
+entropy_cache_name="/boot/entropy" # Set this to the name of the file
+entropy_cache_type="/boot/entropy"
+#kern.random.sys.seeded="0" # Set this to 1 to start /dev/random
+ # without waiting for a (re)seed.
+
+
+##############################################################
### Loader settings ########################################
##############################################################
Modified: projects/random_number_generator/sys/conf/files
==============================================================================
--- projects/random_number_generator/sys/conf/files Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/conf/files Sun Oct 6 22:45:02 2013 (r256094)
@@ -2051,6 +2051,7 @@ dev/random/randomdev.c optional random
dev/random/randomdev_soft.c optional random
dev/random/yarrow.c optional random
dev/random/hash.c optional random
+dev/random/rwfile.c optional random
dev/rc/rc.c optional rc
dev/re/if_re.c optional re
dev/rndtest/rndtest.c optional rndtest
Modified: projects/random_number_generator/sys/conf/files.amd64
==============================================================================
--- projects/random_number_generator/sys/conf/files.amd64 Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/conf/files.amd64 Sun Oct 6 22:45:02 2013 (r256094)
@@ -259,6 +259,8 @@ dev/nvme/nvme_sysctl.c optional nvme
dev/nvme/nvme_test.c optional nvme
dev/nvme/nvme_util.c optional nvme
dev/nvram/nvram.c optional nvram isa
+dev/random/ivy.c optional rdrand_rng
+dev/random/nehemiah.c optional padlock_rng
dev/qlxge/qls_dbg.c optional qlxge pci
dev/qlxge/qls_dump.c optional qlxge pci
dev/qlxge/qls_hw.c optional qlxge pci
Modified: projects/random_number_generator/sys/conf/files.i386
==============================================================================
--- projects/random_number_generator/sys/conf/files.i386 Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/conf/files.i386 Sun Oct 6 22:45:02 2013 (r256094)
@@ -257,6 +257,8 @@ dev/nvme/nvme_test.c optional nvme
dev/nvme/nvme_util.c optional nvme
dev/nvram/nvram.c optional nvram isa
dev/pcf/pcf_isa.c optional pcf
+dev/random/ivy.c optional rdrand_rng
+dev/random/nehemiah.c optional padlock_rng
dev/sbni/if_sbni.c optional sbni
dev/sbni/if_sbni_isa.c optional sbni isa
dev/sbni/if_sbni_pci.c optional sbni pci
Modified: projects/random_number_generator/sys/dev/random/ivy.c
==============================================================================
--- projects/random_number_generator/sys/dev/random/ivy.c Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/dev/random/ivy.c Sun Oct 6 22:45:02 2013 (r256094)
@@ -57,6 +57,15 @@ struct random_hardware_source random_ivy
.read = random_ivy_read
};
+#if 1
+static inline int
+ivy_rng_store(uint64_t *tmp)
+{
+ *tmp = 0xF001FACE;
+
+ return (sizeof(uint64_t));
+}
+#else
static inline int
ivy_rng_store(uint64_t *tmp)
{
@@ -82,6 +91,7 @@ ivy_rng_store(uint64_t *tmp)
return (0);
#endif
}
+#endif
static int
random_ivy_read(void *buf, int c)
@@ -114,6 +124,10 @@ rdrand_modevent(module_t mod, int type,
switch (type) {
case MOD_LOAD:
+#if 1
+ live_entropy_source_register(&random_ivy);
+ printf("%s: CRAP RDRAND is present\n", random_ivy.ident);
+#else
if (cpu_feature2 & CPUID2_RDRAND)
live_entropy_source_register(&random_ivy);
else
@@ -122,6 +136,7 @@ rdrand_modevent(module_t mod, int type,
#endif
printf("%s: RDRAND is not present\n",
random_ivy.ident);
+#endif
break;
case MOD_UNLOAD:
Modified: projects/random_number_generator/sys/dev/random/live_entropy_sources.c
==============================================================================
--- projects/random_number_generator/sys/dev/random/live_entropy_sources.c Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/dev/random/live_entropy_sources.c Sun Oct 6 22:45:02 2013 (r256094)
@@ -52,7 +52,11 @@ __FBSDID("$FreeBSD$");
LIST_HEAD(les_head, live_entropy_sources);
static struct les_head sources = LIST_HEAD_INITIALIZER(sources);
-#define LES_THRESHOLD 10
+/*
+ * The harvest mutex protects the consistency of the entropy fifos and
+ * empty fifo and other associated structures.
+ */
+struct mtx live_mtx;
void
live_entropy_source_register(struct random_hardware_source *rsource)
@@ -64,27 +68,27 @@ live_entropy_source_register(struct rand
les = malloc(sizeof(struct live_entropy_sources), M_ENTROPY, M_WAITOK);
les->rsource = rsource;
- mtx_lock_spin(&harvest_mtx);
+ mtx_lock(&live_mtx);
LIST_INSERT_HEAD(&sources, les, entries);
- mtx_unlock_spin(&harvest_mtx);
+ mtx_unlock(&live_mtx);
}
void
live_entropy_source_deregister(struct random_hardware_source *rsource)
{
- struct live_entropy_sources *les;
+ struct live_entropy_sources *les = NULL;
KASSERT(rsource != NULL, ("invalid input to %s", __func__));
- mtx_lock_spin(&harvest_mtx);
- LIST_FOREACH(les, &sources, entries) {
+ mtx_lock(&live_mtx);
+ LIST_FOREACH(les, &sources, entries)
if (les->rsource == rsource) {
LIST_REMOVE(les, entries);
- free(les, M_ENTROPY);
break;
}
- }
- mtx_unlock_spin(&harvest_mtx);
+ mtx_unlock(&live_mtx);
+ if (les != NULL)
+ free(les, M_ENTROPY);
}
static int
@@ -95,7 +99,7 @@ live_entropy_source_handler(SYSCTL_HANDL
count = error = 0;
- mtx_lock_spin(&harvest_mtx);
+ mtx_lock(&live_mtx);
if (LIST_EMPTY(&sources))
error = SYSCTL_OUT(req, "", 0);
@@ -112,7 +116,7 @@ live_entropy_source_handler(SYSCTL_HANDL
}
}
- mtx_unlock_spin(&harvest_mtx);
+ mtx_unlock(&live_mtx);
return (error);
}
@@ -125,6 +129,8 @@ live_entropy_sources_init(void *unused)
CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE,
NULL, 0, live_entropy_source_handler, "",
"List of Active Live Entropy Sources");
+
+ mtx_init(&live_mtx, "live entropy source mutex", NULL, MTX_DEF);
}
/*
@@ -135,7 +141,7 @@ live_entropy_sources_init(void *unused)
*
* BEWARE!!!
* This function runs inside the RNG thread! Don't do anything silly!
- * The harvest_mtx mutex is held; you may count on that.
+ * Remember that we are NOT holding harvest_mtx on entry!
*/
void
live_entropy_sources_feed(int rounds, event_proc_f entropy_processor)
@@ -145,6 +151,8 @@ live_entropy_sources_feed(int rounds, ev
struct live_entropy_sources *les;
int i, n;
+ mtx_lock(&live_mtx);
+
/*
* Walk over all of live entropy sources, and feed their output
* to the system-wide RNG.
@@ -168,15 +176,18 @@ live_entropy_sources_feed(int rounds, ev
/* Do the actual entropy insertion */
entropy_processor(&event);
-
}
}
+
+ mtx_unlock(&live_mtx);
}
static void
live_entropy_sources_deinit(void *unused)
{
+
+ mtx_destroy(&live_mtx);
}
SYSINIT(random_adaptors, SI_SUB_DRIVERS, SI_ORDER_FIRST,
Modified: projects/random_number_generator/sys/dev/random/live_entropy_sources.h
==============================================================================
--- projects/random_number_generator/sys/dev/random/live_entropy_sources.h Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/dev/random/live_entropy_sources.h Sun Oct 6 22:45:02 2013 (r256094)
@@ -40,6 +40,8 @@ struct live_entropy_sources {
struct random_hardware_source *rsource; /* associated random adaptor */
};
+extern struct mtx live_mtx;
+
void live_entropy_source_register(struct random_hardware_source *);
void live_entropy_source_deregister(struct random_hardware_source *);
void live_entropy_sources_feed(int, event_proc_f);
Modified: projects/random_number_generator/sys/dev/random/random_harvestq.c
==============================================================================
--- projects/random_number_generator/sys/dev/random/random_harvestq.c Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/dev/random/random_harvestq.c Sun Oct 6 22:45:02 2013 (r256094)
@@ -33,8 +33,10 @@ __FBSDID("$FreeBSD$");
#include <sys/param.h>
#include <sys/systm.h>
+#include <sys/eventhandler.h>
#include <sys/kernel.h>
#include <sys/kthread.h>
+#include <sys/linker.h>
#include <sys/lock.h>
#include <sys/malloc.h>
#include <sys/mutex.h>
@@ -43,10 +45,13 @@ __FBSDID("$FreeBSD$");
#include <sys/sysctl.h>
#include <sys/unistd.h>
+#include <machine/cpu.h>
+
#include <dev/random/randomdev.h>
#include <dev/random/randomdev_soft.h>
#include <dev/random/random_harvestq.h>
#include <dev/random/live_entropy_sources.h>
+#include <dev/random/rwfile.h>
#define RANDOM_FIFO_MAX 1024 /* How many events to queue up */
@@ -73,6 +78,56 @@ int random_kthread_control = 0;
static struct proc *random_kthread_proc;
+static const char *entropy_files[] = {
+ "/entropy",
+ "/var/db/entropy",
+ "/boot/entropy", /* Yeah, Yeah. I know this is loaded by
+ * loader(8), but not always, and it doesn't
+ * hurt to do this again.
+ */
+ NULL
+};
+
+/* Deal with entropy cached externally if this is present.
+ */
+static void
+random_harvestq_cache(void *arg __unused)
+{
+ const char **entropy_file;
+ uint8_t *keyfile, *data;
+ size_t size, i;
+ int error;
+
+ /* Get stuff that may have been preloaded by loader(8) */
+ keyfile = preload_search_by_type("/boot/entropy");
+ if (keyfile != NULL) {
+ data = preload_fetch_addr(keyfile);
+ size = preload_fetch_size(keyfile);
+ if (data != NULL && size != 0) {
+ for (i = 0U; i < size; i += 16)
+ random_harvestq_internal(get_cyclecount(), data + i, 16, (16*8)/4, RANDOM_CACHED);
+ printf("random: read %zu bytes from preloaded cache\n", size);
+ bzero(data, size);
+ }
+ else
+ printf("random: no preloaded entropy cache available\n");
+ }
+ data = malloc(PAGE_SIZE, M_ENTROPY, M_WAITOK);
+ for (entropy_file = entropy_files; *entropy_file; entropy_file++) {
+ error = randomdev_read_file(*entropy_file, data);
+ if (error == 0) {
+ for (i = 0U; i < PAGE_SIZE; i += 16)
+ random_harvestq_internal(get_cyclecount(), data + i, 16, (16*8)/4, RANDOM_CACHED);
+ printf("random: read %d bytes from '%s'\n", PAGE_SIZE, *entropy_file);
+ }
+ else
+ printf("random: entropy cache '%s' not present or unreadable; error = %d\n", *entropy_file, error);
+ }
+ bzero(data, PAGE_SIZE);
+ free(data, M_ENTROPY);
+}
+EVENTHANDLER_DEFINE(multiuser, random_harvestq_cache, NULL, 0);
+
static void
random_kthread(void *arg)
{
@@ -118,7 +173,9 @@ random_kthread(void *arg)
* Do only one round of the hardware sources for now.
* Later we'll need to make it rate-adaptive.
*/
+ mtx_unlock_spin(&harvest_mtx);
live_entropy_sources_feed(1, entropy_processor);
+ mtx_lock_spin(&harvest_mtx);
/*
* If a queue flush was commanded, it has now happened,
Modified: projects/random_number_generator/sys/dev/random/randomdev_soft.c
==============================================================================
--- projects/random_number_generator/sys/dev/random/randomdev_soft.c Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/dev/random/randomdev_soft.c Sun Oct 6 22:45:02 2013 (r256094)
@@ -99,6 +99,8 @@ static struct random_adaptor random_cont
#define RANDOM_CSPRNG_NAME "fortuna"
#endif
+TUNABLE_INT("kern.random.sys.seeded", &random_context.seeded);
+
/* List for the dynamic sysctls */
static struct sysctl_ctx_list random_clist;
Added: projects/random_number_generator/sys/dev/random/rwfile.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ projects/random_number_generator/sys/dev/random/rwfile.c Sun Oct 6 22:45:02 2013 (r256094)
@@ -0,0 +1,91 @@
+/*-
+ * Copyright (c) 2013 Mark R V Murray
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer
+ * in this position and unchanged.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/kernel.h>
+#include <sys/proc.h>
+#include <sys/namei.h>
+#include <sys/fcntl.h>
+#include <sys/vnode.h>
+
+#include <dev/random/rwfile.h>
+
+int
+randomdev_read_file(const char *filename, void *buf)
+{
+ struct nameidata nd;
+ struct thread* td = curthread;
+ int error;
+ ssize_t resid;
+ int flags;
+
+ NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, filename, td);
+ flags = FREAD;
+ error = vn_open(&nd, &flags, 0, NULL);
+ if (error == 0) {
+ NDFREE(&nd, NDF_ONLY_PNBUF);
+ if (nd.ni_vp->v_type != VREG)
+ error = ENOEXEC;
+ else
+ error = vn_rdwr(UIO_READ, nd.ni_vp, buf, PAGE_SIZE, 0, UIO_SYSSPACE, IO_NODELOCKED, td->td_ucred, NOCRED, &resid, td);
+
+ VOP_UNLOCK(nd.ni_vp, 0);
+ vn_close(nd.ni_vp, FREAD, td->td_ucred, td);
+ }
+
+ return (error);
+}
+
+int
+randomdev_write_file(const char *filename, void *buf)
+{
+ struct nameidata nd;
+ struct thread* td = curthread;
+ int error;
+ ssize_t resid;
+ int flags;
+
+ NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, filename, td);
+ flags = FWRITE | O_CREAT | O_TRUNC;
+ error = vn_open(&nd, &flags, 0, NULL);
+ if (error == 0) {
+ NDFREE(&nd, NDF_ONLY_PNBUF);
+ if (nd.ni_vp->v_type != VREG)
+ error = ENOEXEC;
+ else
+ error = vn_rdwr(UIO_WRITE, nd.ni_vp, buf, PAGE_SIZE, 0, UIO_SYSSPACE, IO_NODELOCKED, td->td_ucred, NOCRED, &resid, td);
+
+ VOP_UNLOCK(nd.ni_vp, 0);
+ vn_close(nd.ni_vp, FREAD, td->td_ucred, td);
+ }
+
+ return (error);
+}
Added: projects/random_number_generator/sys/dev/random/rwfile.h
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ projects/random_number_generator/sys/dev/random/rwfile.h Sun Oct 6 22:45:02 2013 (r256094)
@@ -0,0 +1,30 @@
+/*-
+ * Copyright (c) 2013 Mark R V Murray
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer
+ * in this position and unchanged.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+int randomdev_read_file(const char *filename, void *buf);
+int randomdev_write_file(const char *filename, void *buf);
Modified: projects/random_number_generator/sys/kern/init_main.c
==============================================================================
--- projects/random_number_generator/sys/kern/init_main.c Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/kern/init_main.c Sun Oct 6 22:45:02 2013 (r256094)
@@ -847,6 +847,8 @@ kick_init(const void *udata __unused)
{
struct thread *td;
+ EVENTHANDLER_INVOKE(multiuser);
+
td = FIRST_THREAD_IN_PROC(initproc);
thread_lock(td);
TD_SET_CAN_RUN(td);
Modified: projects/random_number_generator/sys/sys/eventhandler.h
==============================================================================
--- projects/random_number_generator/sys/sys/eventhandler.h Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/sys/eventhandler.h Sun Oct 6 22:45:02 2013 (r256094)
@@ -192,6 +192,10 @@ EVENTHANDLER_DECLARE(vm_lowmem, vm_lowme
typedef void (*mountroot_handler_t)(void *);
EVENTHANDLER_DECLARE(mountroot, mountroot_handler_t);
+/* Going multiuser (starting pid 1) event */
+typedef void (*multiuser_handler_t)(void *);
+EVENTHANDLER_DECLARE(multiuser, multiuser_handler_t);
+
/* File system mount events */
struct mount;
struct vnode;
Modified: projects/random_number_generator/sys/sys/random.h
==============================================================================
--- projects/random_number_generator/sys/sys/random.h Sun Oct 6 20:46:01 2013 (r256093)
+++ projects/random_number_generator/sys/sys/random.h Sun Oct 6 22:45:02 2013 (r256094)
@@ -39,7 +39,7 @@ int read_random(void *, int);
*/
enum esource {
RANDOM_START = 0,
- RANDOM_WRITE = 0,
+ RANDOM_CACHED = 0,
RANDOM_KEYBOARD,
RANDOM_MOUSE,
RANDOM_NET_TUN,
@@ -54,7 +54,6 @@ enum esource {
RANDOM_PURE_HIFN,
RANDOM_PURE_RDRAND,
RANDOM_PURE_NEHEMIAH,
- RANDOM_PURE,
ENTROPYSOURCE
};
void random_harvest(void *, u_int, u_int, enum esource);
More information about the svn-src-projects
mailing list