From owner-svn-src-head@FreeBSD.ORG Fri Jan 20 21:56:54 2012 Return-Path: Delivered-To: svn-src-head@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1EC3E1065675; Fri, 20 Jan 2012 21:56:54 +0000 (UTC) (envelope-from ache@vniz.net) Received: from vniz.net (vniz.net [194.87.13.69]) by mx1.freebsd.org (Postfix) with ESMTP id 847AA8FC0A; Fri, 20 Jan 2012 21:56:53 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by vniz.net (8.14.5/8.14.5) with ESMTP id q0KLupA3040055; Sat, 21 Jan 2012 01:56:51 +0400 (MSK) (envelope-from ache@vniz.net) Received: (from ache@localhost) by localhost (8.14.5/8.14.5/Submit) id q0KLuoux040054; Sat, 21 Jan 2012 01:56:51 +0400 (MSK) (envelope-from ache) Date: Sat, 21 Jan 2012 01:56:49 +0400 From: Andrey Chernov To: Mark Murray , Mark Murray Message-ID: <20120120215649.GA40016@vniz.net> Mail-Followup-To: Andrey Chernov , Mark Murray , Mark Murray , David Schultz , src-committers@FreeBSD.ORG, svn-src-all@FreeBSD.ORG, svn-src-head@FreeBSD.ORG References: <201201162018.q0GKIADK050161@svn.freebsd.org> <20120118061943.GA80874@vniz.net> <20120120055823.GA28177@vniz.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Cc: svn-src-head@FreeBSD.ORG, David Schultz , src-committers@FreeBSD.ORG, svn-src-all@FreeBSD.ORG Subject: Re: svn commit: r230230 - head/sys/dev/random X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jan 2012 21:56:54 -0000 On Fri, Jan 20, 2012 at 03:12:53PM +0000, Mark Murray wrote: > Andrey Chernov writes: > > > Look at the function random_yarrow_unblock(). Thats where yopu want to > > > be doing this. This function is where the random device is unblocked > > > once safely seeded. > > > > Thanx for your hint, but I fear one moment using random_yarrow_unblock(). > > It is called under mtx_lock(&random_reseed_mtx) in reseed(). > > And when arc4rand() seeding is called, it uses read_random(), so I see > > possible deadlock can happens. > > The usual way round this is with a flag. Set a static, volatile flag, defaulting > "off", and set it to "on" when the seeding has happened. Then arc4random() can > do the right thing, depending on this flag. Ok, what about this version, is it right? libkern/arc4rand.c is not a module but always present in the kernel, so "arc4rand_iniseed_state" will be always accessible. --- dev/random/randomdev_soft.c.old 2011-09-26 07:35:48.000000000 +0400 +++ dev/random/randomdev_soft.c 2012-01-21 01:41:37.000000000 +0400 @@ -55,6 +55,8 @@ __FBSDID("$FreeBSD: src/sys/dev/random/r #define RANDOM_FIFO_MAX 256 /* How many events to queue up */ +extern int arc4rand_iniseed_state; + static void random_kthread(void *); static void random_harvest_internal(u_int64_t, const void *, u_int, @@ -361,6 +363,8 @@ random_yarrow_write(void *buf, int count void random_yarrow_unblock(void) { + if (arc4rand_iniseed_state == 0) + arc4rand_iniseed_state = 1; if (!random_systat.seeded) { random_systat.seeded = 1; selwakeuppri(&random_systat.rsel, PUSER); --- libkern/arc4random.c.old 2011-09-26 07:37:23.000000000 +0400 +++ libkern/arc4random.c 2012-01-21 01:46:53.000000000 +0400 @@ -24,6 +24,8 @@ __FBSDID("$FreeBSD: src/sys/libkern/arc4 #define ARC4_RESEED_SECONDS 300 #define ARC4_KEYBYTES (256 / 8) +int arc4rand_iniseed_state = 0; + static u_int8_t arc4_i, arc4_j; static int arc4_numruns = 0; static u_int8_t arc4_sbox[256]; @@ -130,10 +132,13 @@ arc4rand(void *ptr, u_int len, int resee struct timeval tv; getmicrouptime(&tv); - if (reseed || + if (reseed || arc4rand_iniseed_state == 1 || (arc4_numruns > ARC4_RESEED_BYTES) || - (tv.tv_sec > arc4_t_reseed)) + (tv.tv_sec > arc4_t_reseed)) { + if (arc4rand_iniseed_state == 1) + arc4rand_iniseed_state = -1; arc4_randomstir(); + } mtx_lock(&arc4_mtx); arc4_numruns += len; -- http://ache.vniz.net/