Date: Fri, 22 Nov 2019 13:21:33 -0800 From: Ravi Pokala <rpokala@freebsd.org> To: <cem@freebsd.org> Cc: src-committers <src-committers@freebsd.org>, svn-src-all <svn-src-all@freebsd.org>, svn-src-head <svn-src-head@freebsd.org> Subject: Re: svn commit: r355018 - in head/sys: dev/random sys Message-ID: <8E53796F-8021-43BC-BC45-A8B1026B36AA@panasas.com> In-Reply-To: <CAG6CVpXkfM25tMjJz3q63wSYC34KkGO0VATm1YUR8ZYG=nBX8w@mail.gmail.com> References: <201911222020.xAMKKbE0017524@repo.freebsd.org> <85EFA1CD-5093-4588-9FA4-F704DA122674@panasas.com> <CAG6CVpXkfM25tMjJz3q63wSYC34KkGO0VATm1YUR8ZYG=nBX8w@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----Original Message-----
From: Conrad Meyer <cem@freebsd.org>
Reply-To: <cem@freebsd.org>
Date: 2019-11-22, Friday at 13:07
To: Ravi Pokala <rpokala@freebsd.org>
Cc: src-committers <src-committers@freebsd.org>, svn-src-all <svn-src-all@f=
reebsd.org>, svn-src-head <svn-src-head@freebsd.org>
Subject: Re: svn commit: r355018 - in head/sys: dev/random sys
It wasn't lost in the change. The parameters now have the names
"entropy" and "len," but it is the same functionality.
<sigh>
I really need to get new glasses... <facepalm>
-Ravi (rpokala@)
Best,
Conrad
=20
On Fri, Nov 22, 2019 at 12:56 PM Ravi Pokala <rpokala@freebsd.org> wrot=
e:
>
> Hi Conrad,
>
> The original code did
>
> explicit_bzero(data, size);
>
> which appears to have been lost in this change. Is that intentional? =
If so, why is that okay?
>
> Thanks,
>
> Ravi (rpokala@)
>
> =EF=BB=BF-----Original Message-----
> From: <owner-src-committers@freebsd.org> on behalf of Conrad Meyer <c=
em@FreeBSD.org>
> Date: 2019-11-22, Friday at 12:20
> To: <src-committers@freebsd.org>, <svn-src-all@freebsd.org>, <svn-src=
-head@freebsd.org>
> Subject: svn commit: r355018 - in head/sys: dev/random sys
>
> Author: cem
> Date: Fri Nov 22 20:20:37 2019
> New Revision: 355018
> URL: https://svnweb.freebsd.org/changeset/base/355018
>
> Log:
> random(4): Abstract loader entropy injection
>
> Break random_harvestq_prime up into some logical subroutines. =
The goal
> is that it becomes easier to add other early entropy sources.
>
> While here, drop pre-12.0 compatibility logic. loader default =
configuration
> should preload the file as expeced since 12.0.
>
> Approved by: csprng(delphij, markm)
> Differential Revision: https://reviews.freebsd.org/D22482
>
> Modified:
> head/sys/dev/random/random_harvestq.c
> head/sys/sys/random.h
>
> Modified: head/sys/dev/random/random_harvestq.c
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> --- head/sys/dev/random/random_harvestq.c Fri Nov 22 20:18:07 2=
019 (r355017)
> +++ head/sys/dev/random/random_harvestq.c Fri Nov 22 20:20:37 2=
019 (r355018)
> @@ -402,6 +402,57 @@ random_harvestq_init(void *unused __unused)
> SYSINIT(random_device_h_init, SI_SUB_RANDOM, SI_ORDER_SECOND, ra=
ndom_harvestq_init, NULL);
>
> /*
> + * Subroutine to slice up a contiguous chunk of 'entropy' and fe=
ed it into the
> + * underlying algorithm. Returns number of bytes actually fed i=
nto underlying
> + * algorithm.
> + */
> +static size_t
> +random_early_prime(char *entropy, size_t len)
> +{
> + struct harvest_event event;
> + size_t i;
> +
> + len =3D rounddown(len, sizeof(event.he_entropy));
> + if (len =3D=3D 0)
> + return (0);
> +
> + for (i =3D 0; i < len; i +=3D sizeof(event.he_entropy)) {
> + event.he_somecounter =3D (uint32_t)get_cyclecount();
> + event.he_size =3D sizeof(event.he_entropy);
> + event.he_source =3D RANDOM_CACHED;
> + event.he_destination =3D
> + harvest_context.hc_destination[RANDOM_CACHED]++;
> + memcpy(event.he_entropy, entropy + i, sizeof(event.he=
_entropy));
> + random_harvestq_fast_process_event(&event);
> + }
> + explicit_bzero(entropy, len);
> + return (len);
> +}
> +
> +/*
> + * Subroutine to search for known loader-loaded files in memory =
and feed them
> + * into the underlying algorithm early in boot. Returns the num=
ber of bytes
> + * loaded (zero if none were loaded).
> + */
> +static size_t
> +random_prime_loader_file(const char *type)
> +{
> + uint8_t *keyfile, *data;
> + size_t size;
> +
> + keyfile =3D preload_search_by_type(type);
> + if (keyfile =3D=3D NULL)
> + return (0);
> +
> + data =3D preload_fetch_addr(keyfile);
> + size =3D preload_fetch_size(keyfile);
> + if (data =3D=3D NULL)
> + return (0);
> +
> + return (random_early_prime(data, size));
> +}
> +
> +/*
> * This is used to prime the RNG by grabbing any early random st=
uff
> * known to the kernel, and inserting it directly into the hashi=
ng
> * module, currently Fortuna.
> @@ -410,41 +461,19 @@ SYSINIT(random_device_h_init, SI_SUB_RANDOM=
, SI_ORDER_
> static void
> random_harvestq_prime(void *unused __unused)
> {
> - struct harvest_event event;
> - size_t count, size, i;
> - uint8_t *keyfile, *data;
> + size_t size;
>
> /*
> * Get entropy that may have been preloaded by loader(8)
> * and use it to pre-charge the entropy harvest queue.
> */
> - keyfile =3D preload_search_by_type(RANDOM_CACHED_BOOT_ENTROPY_M=
ODULE);
> -#ifndef NO_BACKWARD_COMPATIBILITY
> - if (keyfile =3D=3D NULL)
> - keyfile =3D preload_search_by_type(RANDOM_LEGACY_BOOT_ENTRO=
PY_MODULE);
> -#endif
> - if (keyfile !=3D NULL) {
> - data =3D preload_fetch_addr(keyfile);
> - size =3D preload_fetch_size(keyfile);
> - /* Trim the size. If the admin has a file with a funn=
y size, we lose some. Tough. */
> - size -=3D (size % sizeof(event.he_entropy));
> - if (data !=3D NULL && size !=3D 0) {
> - for (i =3D 0; i < size; i +=3D sizeof(event.he_en=
tropy)) {
> - count =3D sizeof(event.he_entropy);
> - event.he_somecounter =3D (uint32_t)get_=
cyclecount();
> - event.he_size =3D count;
> - event.he_source =3D RANDOM_CACHED;
> - event.he_destination =3D
> - harvest_context.hc_destination[RA=
NDOM_CACHED]++;
> - memcpy(event.he_entropy, data + i, si=
zeof(event.he_entropy));
> - random_harvestq_fast_process_event(&e=
vent);
> - }
> - explicit_bzero(data, size);
> - if (bootverbose)
> - printf("random: read %zu bytes from p=
reloaded cache\n", size);
> - } else
> - if (bootverbose)
> - printf("random: no preloaded entropy =
cache\n");
> + size =3D random_prime_loader_file(RANDOM_CACHED_BOOT_ENTROPY_MO=
DULE);
> + if (bootverbose) {
> + if (size > 0)
> + printf("random: read %zu bytes from preloaded=
cache\n",
> + size);
> + else
> + printf("random: no preloaded entropy cache\n"=
);
> }
> }
> SYSINIT(random_device_prime, SI_SUB_RANDOM, SI_ORDER_MIDDLE, ran=
dom_harvestq_prime, NULL);
>
> Modified: head/sys/sys/random.h
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> --- head/sys/sys/random.h Fri Nov 22 20:18:07 2019 (r355=
017)
> +++ head/sys/sys/random.h Fri Nov 22 20:20:37 2019 (r355=
018)
> @@ -81,7 +81,6 @@ enum random_entropy_source {
> _Static_assert(ENTROPYSOURCE <=3D 32,
> "hardcoded assumption that values fit in a typical word-size=
d bitset");
>
> -#define RANDOM_LEGACY_BOOT_ENTROPY_MODULE "/boot/entropy"
> #define RANDOM_CACHED_BOOT_ENTROPY_MODULE "boot_entropy_cache"
>
> extern u_int hc_source_mask;
>
>
>
=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8E53796F-8021-43BC-BC45-A8B1026B36AA>